--- a/Allura/allura/model/neighborhood.py
+++ b/Allura/allura/model/neighborhood.py
@@ -23,15 +23,6 @@
url_prefix - location of neighborhood (may include scheme and/or host)
css - block of CSS text to add to all neighborhood pages
- acl - list of user IDs who have rights to perform ops on neighborhood. Empty
- acl implies that any authenticated user can perform the op
- 'read' - access the neighborhood (usually [ User.anonymous()._id ])
- 'create' - create projects within the neighborhood (open neighborhoods
- will typically have this empty)
- 'moderate' - invite projects into the neighborhood, evict projects from
- the neighborhood
- 'admin' - update neighborhood ACLs, acts as a superuser with all
- permissions in neighborhood projects
'''
class __mongometa__:
session = main_orm_session
@@ -43,16 +34,21 @@
shortname_prefix = FieldProperty(str, if_missing='')
css = FieldProperty(str, if_missing='')
homepage = FieldProperty(str, if_missing='')
- acl = FieldProperty({
- 'read':[S.ObjectId], # access neighborhood at all
- 'create':[S.ObjectId], # create project in neighborhood
- 'moderate':[S.ObjectId], # invite/evict projects
- 'admin':[S.ObjectId], # update ACLs
- })
redirect = FieldProperty(str, if_missing='')
projects = RelationProperty('Project')
allow_browse = FieldProperty(bool, if_missing=True)
site_specific_html = FieldProperty(str, if_missing='')
+
+ def parent_security_context(self):
+ return None
+
+ @property
+ def acl(self):
+ from .project import Project
+ nbhd_project = Project.query.get(
+ neighborhood_id=self._id,
+ shortname='--init--')
+ return nbhd_project.acl
def url(self):
url = self.url_prefix