[Erp5-report] r11015 - /erp5/trunk/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml

nobody at svn.erp5.org nobody at svn.erp5.org
Mon Oct 30 23:12:15 CET 2006 

Author: bartek
Date: Mon Oct 30 23:12:14 2006
New Revision: 11015

URL: http://svn.erp5.org?rev=11015&view=rev
Log:
Implemented "personal/project" security classification

Modified:
    erp5/trunk/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml

Modified: erp5/trunk/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml
URL: http://svn.erp5.org/erp5/trunk/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml?rev=11015&r1=11014&r2=11015&view=diff
==============================================================================
--- erp5/trunk/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml (original)
+++ erp5/trunk/bt5/erp5_dms/PortalTypeRolesTemplateItem/Text.xml Mon Oct 30 23:12:14 2006
@@ -1,54 +1,43 @@
 <type_roles>
-  <role id='Assignor'>
-   <property id='title'>Team Reviewer</property>
-   <property id='description'>The head of the team who is in charge of reviewing documents published by his team. He is granted special rights on documents produced by his team.</property>
-   <property id='condition'>python: not object.getSourceProject()</property>
-   <property id='priority'>10.0</property>
+  <role id='Associate'>
+   <property id='title'>Project Assignees</property>
+   <property id='description'>Policy: personal/project
+Rule: all project members have a right to access document once it has been shared or released</property>
+   <property id='condition'>python:object.getSourceProject() and object.isMemberOf('classification/personal/project')</property>
+   <property id='priority'>10</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
-   <multi_property id='category'>function/publication/reviewer</multi_property>
-   <multi_property id='base_category'>group</multi_property>
-   <multi_property id='base_category'>site</multi_property>
-  </role>
-  <role id='Assignee'>
-   <property id='title'>Project Assignees</property>
-   <property id='description'>In a project collaborative document, all project members have a right to access and modify a document before release or publication.</property>
-   <property id='condition'>python:object.getSourceProject() and object.isMemberOf('classification/collaborative/project')</property>
-   <property id='priority'>10.0</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
-   <multi_property id='base_category'>source_project</multi_property>
-  </role>
-  <role id='Associate'>
-   <property id='title'>Project Associates</property>
-   <property id='description'>In a project document, all project members have a right to access the document before it is released or published.</property>
-   <property id='condition'>python: object.getSourceProject()</property>
-   <property id='priority'>10.0</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
+   <multi_property id='category'></multi_property>
    <multi_property id='base_category'>source_project</multi_property>
   </role>
   <role id='Assignor'>
-   <property id='title'>Project Reviewer</property>
-   <property id='description'>The head of the project who is in charge of reviewing documents produced by the project before release or publication.</property>
-   <property id='condition'>python: object.getSourceProject()</property>
-   <property id='priority'>10.0</property>
+   <property id='title'>P/P - Project Director</property>
+   <property id='description'>Policy: personal/project
+Rule: project director is an Assignor (has management rights to the doc - can review it, release, publish, add local roles)</property>
+   <property id='condition'>python:object.getSourceProject() and object.isMemberOf('classification/personal/project')</property>
+   <property id='priority'>10</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
    <multi_property id='category'>function/project/director</multi_property>
    <multi_property id='base_category'>source_project</multi_property>
+   <multi_property id='base_category'>function</multi_property>
   </role>
-  <role id='Associate'>
-   <property id='title'>Team Associates</property>
-   <property id='description'>All team members have a right to access non restricted documents before their release or publication.</property>
-   <property id='condition'>python:not object.isMemberOf('classification/personnal/restricted')</property>
-   <property id='priority'>10.0</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
-   <multi_property id='base_category'>group</multi_property>
-   <multi_property id='base_category'>function</multi_property>
-   <multi_property id='base_category'>site</multi_property>
+  <role id='Assignee'>
+   <property id='title'>P/P - Project Owner</property>
+   <property id='description'>Policy: personal/project
+Rule: the creator is Assignee - can edit the doc and share it with the team</property>
+   <property id='condition'>python:object.getSourceProject() and object.isMemberOf('classification/personal/project')</property>
+   <property id='priority'>10</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromUser</property>
+   <multi_property id='category'></multi_property>
+   <multi_property id='base_category'>reference</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Management</property>
-   <property id='description'>Management has to access anydocument in the system.</property>
-   <property id='priority'>10.0</property>
-   <property id='base_category_script'>ERP5Type_getSecurityCategoryFromArrow</property>
-   <multi_property id='category'>function/hq</multi_property>
+   <property id='title'>P/P - Organisation members</property>
+   <property id='description'>Policy: personal/project
+Rule: all people working for the same organisation are Auditors (we identify the organisation by the first part of the "group" path)</property>
+   <property id='condition'>python:object.getSourceProject() and object.isMemberOf('classification/personal/project')</property>
+   <property id='priority'>10</property>
+   <property id='base_category_script'>ERP5Type_getSecurityCategoryRoot</property>
+   <multi_property id='category'></multi_property>
+   <multi_property id='base_category'>group</multi_property>
   </role>
 </type_roles>

More information about the Erp5-report mailing list