<%def name="render_select( current_actions, action_key, action, all_roles )"> <% import sets in_roles = sets.Set() for a in current_actions: if a.action == action.action: in_roles.add( a.role ) out_roles = filter( lambda x: x not in in_roles, all_roles ) %>

${action.action}: ${action.description} %if action == trans.app.security_agent.permitted_actions.DATASET_ACCESS:
NOTE: Users must have every role associated with this dataset in order to access it %endif

Roles associated:

Roles not associated:

## Any permission ( e.g., 'DATASET_ACCESS' ) included in the do_not_render param will not be rendered on the page. <%def name="render_permission_form( obj, obj_name, form_url, all_roles, do_not_render=[] )"> <% if isinstance( obj, trans.app.model.User ): current_actions = obj.default_permissions permitted_actions = trans.app.model.Dataset.permitted_actions.items() obj_str = 'user %s' % obj_name obj_type = 'dataset' elif isinstance( obj, trans.app.model.History ): current_actions = obj.default_permissions permitted_actions = trans.app.model.Dataset.permitted_actions.items() obj_str = 'history %s' % obj_name obj_type = 'dataset' elif isinstance( obj, trans.app.model.Dataset ): current_actions = obj.actions permitted_actions = trans.app.model.Dataset.permitted_actions.items() obj_str = obj_name obj_type = 'dataset' elif isinstance( obj, trans.app.model.LibraryDatasetDatasetAssociation ): current_actions = obj.actions + obj.dataset.actions permitted_actions = trans.app.model.Dataset.permitted_actions.items() + trans.app.model.Library.permitted_actions.items() obj_str = obj_name obj_type = 'dataset' elif isinstance( obj, trans.app.model.Library ): current_actions = obj.actions permitted_actions = trans.app.model.Library.permitted_actions.items() obj_str = 'library %s' % obj_name obj_type = 'library' elif isinstance( obj, trans.app.model.LibraryDataset ): current_actions = obj.actions permitted_actions = trans.app.model.Library.permitted_actions.items() obj_str = 'library dataset %s' % obj_name obj_type = 'library' elif isinstance( obj, trans.app.model.LibraryFolder ): current_actions = obj.actions permitted_actions = trans.app.model.Library.permitted_actions.items() obj_str = 'library folder %s' % obj_name obj_type = 'library' else: current_actions = [] permitted_actions = {}.items() obj_str = 'unknown object %s' %obj_name obj_type = '' %>
Manage ${obj_type} permissions on ${obj_str}
%for k, v in permitted_actions: %if k not in do_not_render:
${render_select( current_actions, k, v, all_roles )}
%endif %endfor