lino.core.roles

Defines built-in user roles. See Introduction to permissions.

(This module's source code is available here.)

Functions

check_required_roles(required_roles, actor)

Check whether the given value is a valid required_roles specification.

check_role(rr, actor)

checkmro(*args)

Utility function to find out the reason of a TypeError "Cannot create a consistent method resolution order (MRO)".

login_required(*args)

Return a set of roles to be used for a required_roles.

Classes

Anonymous()

The role used by anonymous guest sessions.

Expert()

A user with some expertise.

Explorer()

A user who has permission to explore the database content, e.g.

SiteAdmin()

A user role that grants all permissions.

SiteStaff()

A user who can configure site-wide functionality.

SiteUser()

Every authenticated user has this role.

Supervisor()

A user who has permission to act as another user.

UserRole()

Base class for all user roles.

class lino.core.roles.UserRole

Bases: object

Base class for all user roles. Even anonymous users have this role.

satisfies_requirement(required_roles)

Return True if this user role satisfies the specified role requirement.

required_roles is the set of required roles (class objects). Every item is either a class object (subclass of <UserRole>) or a tuple thereof. This role (an instance) must satisfy every specified requirement.

has_required_roles(required_roles)

Return True if this user role satisfies the specified role requirement.

required_roles is the set of required roles (class objects). Every item is either a class object (subclass of <UserRole>) or a tuple thereof. This role (an instance) must satisfy every specified requirement.

classmethod get_user_profiles()

Yield a series of all user profiles on this site which satisfy this role.

class lino.core.roles.Anonymous

Bases: lino.core.roles.UserRole

The role used by anonymous guest sessions.

class lino.core.roles.SiteUser

Bases: lino.core.roles.UserRole

Every authenticated user has this role.

class lino.core.roles.Expert

Bases: lino.core.roles.SiteUser

A user with some expertise.

class lino.core.roles.SiteStaff

Bases: lino.core.roles.Expert

A user who can configure site-wide functionality.

Certain privileged actions require this role:

  • Merging duplicate database records (MergeAction)

  • Editing printable templates (EditTemplate)

class lino.core.roles.Supervisor

Bases: lino.core.roles.UserRole

A user who has permission to act as another user.

class lino.core.roles.Explorer

Bases: lino.core.roles.UserRole

A user who has permission to explore the database content, e.g. for writing statistical reports.

class lino.core.roles.SiteAdmin

Bases: lino.core.roles.SiteStaff, lino.core.roles.Supervisor, lino.core.roles.Explorer

A user role that grants all permissions.

lino.core.roles.login_required(*args)

Return a set of roles to be used for a required_roles.

An API shortcut available in lino.api.dd.

lino.core.roles.check_required_roles(required_roles, actor)

Check whether the given value is a valid required_roles specification.

  • it must be iterable

  • every element must be either a subclass of UserRole or an iterable thereof.

  • if an element is an iterable, then it may not be empty. Only the top-level iterable may be empty.

lino.core.roles.checkmro(*args)

Utility function to find out the reason of a TypeError "Cannot create a consistent method resolution order (MRO)".

Usage: imagine you have some code like this:

from one import A from two import B from three import C

# A, B and C are subclasses of UserRole

class MyUserRole(A, B, C):

pass

and Python tells you that it cannot create a consistent MRO.

So somewhere in those classes A, B and C is a "duplicate" ancestor. And you have no idea where it is.

In that case you comment out the definition of MyUserRole and say:

checkmro(A, B, C):