Created
August 20, 2020 21:10
Restrict access to a custom Plone File type
<!-- Custom default view for the restricted file type. It is published under
     the ordinary zope2.View permission; whether the file details are shown
     is decided by OFSFileView.is_authorized, which the template consults.
     NOTE(review): this view is registered for the stock IFile interface
     rather than IOFSFile, unlike the download override below. Confirm that
     is intended. -->
<browser:page
    name="ofs_file_view"
    class=".ofs.OFSFileView"
    template="ofs_file_view.pt"
    permission="zope2.View"
    for="plone.app.contenttypes.interfaces.IFile"
    />
<!-- Custom @@download for the type. The declared permission is still
     zope2.View, so the restriction is enforced only by the role check in
     OFSFileDownload.__call__ and not by the publisher.
     NOTE(review): only the view named "download" is overridden for IOFSFile.
     Other views able to serve the same field (plone.namedfile also provides
     "display-file") are not covered by this registration. Verify that they
     are restricted as well. -->
<browser:page
    name="download"
    for="intranet.ofs.content.ofs_file.IOFSFile"
    class=".ofs.OFSFileDownload"
    permission="zope2.View"
    />
from plone.app.contenttypes.browser.file import FileView | |
from plone.namedfile.browser import Download | |
from plone.namedfile.utils import stream_data | |
def user_is_authorized(self):
    """Tell whether the current user may access the restricted file.

    ``self`` is a browser view: the authenticated user is read from
    ``self.request`` and its roles are resolved against ``self.context``
    through ``getRolesInContext``.

    Returns True only when those roles include 'Manager' or
    'Site Administrator'.
    """
    # The allow-list is hard-coded here rather than expressed as a Zope
    # permission, so changing who may download means changing this tuple.
    privileged = ('Manager', 'Site Administrator')
    current_user = self.request['AUTHENTICATED_USER']
    granted = current_user.getRolesInContext(self.context)
    return any(role in granted for role in privileged)
class OFSFileView(FileView):
    """File view exposing the authorization check to the page template.

    The template calls ``view/is_authorized`` to choose between the file
    details and the "not authorized" notice. That decision only affects
    what the page renders; it does not by itself protect the download URL.
    """

    def is_authorized(self):
        """Return the result of ``user_is_authorized`` for this view."""
        allowed = user_is_authorized(self)
        return allowed
class OFSFileDownload(Download):
    """Download view that streams the file to authorized users only.

    The role check from ``user_is_authorized`` runs on every call, before
    the file is fetched. Users who fail it are redirected to the content
    object's own URL instead of receiving the data.
    """

    def __call__(self):
        """Stream the file, or redirect to the context when not authorized."""
        if not user_is_authorized(self):
            # Denied requests get a redirect and no body (None is returned),
            # not an Unauthorized error.
            self.request.response.redirect(self.context.absolute_url())
            return None
        blob = self._getFile()
        self.set_headers(blob)
        return stream_data(blob)
<?xml version="1.0"?>
<!-- Dexterity FTI definition of the "ofs_file" content type. -->
<object name="ofs_file" meta_type="Dexterity FTI" i18n:domain="plone"
        xmlns:i18n="http://xml.zope.org/namespaces/i18n">
  <property name="title" i18n:translate="">ofs File</property>
  <property name="description" i18n:translate="">ofs File type</property>
  <property name="icon_expr">string:${portal_url}/document_icon.png</property>
  <property name="factory">ofs_file</property>
  <property
      name="add_view_expr">string:${folder_url}/++add++ofs_file</property>
  <property name="link_target"></property>
  <!-- immediate_view and default_view both point at the custom
       ofs_file_view, the view that shows the file only to authorized
       users. -->
  <property name="immediate_view">ofs_file_view</property>
  <property name="global_allow">False</property>
  <property name="filter_content_types">True</property>
  <property name="allowed_content_types"/>
  <property name="allow_discussion">False</property>
  <property name="default_view">ofs_file_view</property>
  <property name="view_methods"/>
  <property name="default_view_fallback">False</property>
  <property name="add_permission">cmf.AddPortalContent</property>
  <property name="klass">intranet.ofs.content.ofs_file.OFSFile</property>
  <!-- The schema is taken from the stock File type's model file. -->
  <property name="model_file">plone.app.contenttypes.schema:file.xml</property>
  <property name="model_source"></property>
  <property name="schema"></property>
  <property name="behaviors">
    <element value="plone.app.dexterity.behaviors.filename.INameFromFileName"/>
    <element value="plone.app.dexterity.behaviors.metadata.IPublication"/>
  </property>
  <property name="schema_policy">dexterity</property>
  <alias from="(Default)" to="(dynamic view)"/>
  <alias from="edit" to="@@edit"/>
  <alias from="sharing" to="@@sharing"/>
  <alias from="view" to="(selected layout)"/>
  <!-- The View action requires only the generic View permission. The
       Manager / Site Administrator restriction is applied in the view
       classes and is not part of this type definition. -->
  <action title="View" action_id="view" category="object" condition_expr=""
          description="" icon_expr="" link_target="" url_expr="string:${object_url}"
          visible="True">
    <permission value="View"/>
  </action>
  <action title="Edit" action_id="edit" category="object" condition_expr=""
          description="" icon_expr="" link_target=""
          url_expr="string:${object_url}/edit" visible="True">
    <permission value="Modify portal content"/>
  </action>
</object>
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"
      xmlns:tal="http://xml.zope.org/namespaces/tal"
      xmlns:metal="http://xml.zope.org/namespaces/metal"
      xmlns:i18n="http://xml.zope.org/namespaces/i18n"
      lang="en"
      metal:use-macro="context/main_template/macros/master"
      i18n:domain="plone">
<body>
<!-- Default view of the restricted file type. The tal:authorized block is
     rendered only when view/is_authorized is true; everyone else gets the
     notice in tal:unauthorized. This gate only controls what the page
     shows: download_url points at the @@download view, which has to apply
     the same check itself because that URL can be requested directly.
     For text files the authorized branch also writes context/file/data
     into the page, so the rendered page is itself a copy of the file
     contents. -->
<metal:content-core fill-slot="content-core">
  <metal:block define-macro="content-core"
               tal:define="content_type context/file/contentType|nothing;
                           download_url string:${context/absolute_url}/@@download/file/${context/file/filename}">
    <tal:authorized condition="view/is_authorized">
      <p>
        <a tal:attributes="href download_url">
          <img tal:attributes="src view/get_mimetype_icon;
                               alt content_type;" border="0" />
          <tal:name tal:content="context/file/filename" >Filename</tal:name>
        </a>
        <span class="discreet">— <span tal:replace="view/human_readable_size" /></span>
      </p>
      <video tal:condition="view/is_videotype" controls="controls">
        <source tal:attributes="src download_url; type content_type"></source>
      </video>
      <audio tal:condition="view/is_audiotype" controls="controls">
        <source tal:attributes="src download_url; type content_type"></source>
      </audio>
      <div tal:condition="python: content_type.startswith('text')">
        <h2 i18n:translate="heading_file_contents">File contents</h2>
        <pre tal:content="context/file/data|nothing" />
      </div>
    </tal:authorized>
    <tal:unauthorized condition="not:view/is_authorized">
      <h2>You are not authorized to view this resource</h2>
    </tal:unauthorized>
  </metal:block>
</metal:content-core>
</body>
</html>