Remove can_assign key from roles endpoint

plone · Dec 20, 2023 · 7a4b791 · 7a4b791
1 parent 408020a
commit 7a4b791
Show file tree

Hide file tree

Showing 3 changed files with 0 additions and 34 deletions.
diff --git a/src/plone/restapi/services/roles/get.py b/src/plone/restapi/services/roles/get.py
@@ -1,32 +1,19 @@
-from AccessControl import getSecurityManager
 from Acquisition import aq_inner
 from plone.restapi.services import Service
-from Products.CMFCore.permissions import ManagePortal
 from Products.CMFCore.utils import getToolByName
 from zope.i18n import translate
 
 
 class RolesGet(Service):
-    @property
-    def is_zope_manager(self):
-        return getSecurityManager().checkPermission(ManagePortal, self.context)
-
-    def can_assign(self, is_zope_manager, _id):
-        if is_zope_manager:
-            return True
-        return _id != "Manager"
-
     def reply(self):
         pmemb = getToolByName(aq_inner(self.context), "portal_membership")
         roles = [r for r in pmemb.getPortalRoles() if r != "Owner"]
-        is_zope_manager = self.is_zope_manager
         return [
             {
                 "@type": "role",
                 "@id": f"{self.context.absolute_url()}/@roles/{r}",
                 "id": r,
                 "title": translate(r, context=self.request, domain="plone"),
-                "can_assign": self.can_assign(is_zope_manager, r),
             }
             for r in roles
         ]
diff --git a/src/plone/restapi/tests/http-examples/roles.resp b/src/plone/restapi/tests/http-examples/roles.resp
@@ -5,49 +5,42 @@ Content-Type: application/json
     {
         "@id": "http://localhost:55001/plone/@roles/Contributor",
         "@type": "role",
-        "can_assign": true,
         "id": "Contributor",
         "title": "Contributor"
     },
     {
         "@id": "http://localhost:55001/plone/@roles/Editor",
         "@type": "role",
-        "can_assign": true,
         "id": "Editor",
         "title": "Editor"
     },
     {
         "@id": "http://localhost:55001/plone/@roles/Member",
         "@type": "role",
-        "can_assign": true,
         "id": "Member",
         "title": "Member"
     },
     {
         "@id": "http://localhost:55001/plone/@roles/Reader",
         "@type": "role",
-        "can_assign": true,
         "id": "Reader",
         "title": "Reader"
     },
     {
         "@id": "http://localhost:55001/plone/@roles/Reviewer",
         "@type": "role",
-        "can_assign": true,
         "id": "Reviewer",
         "title": "Reviewer"
     },
     {
         "@id": "http://localhost:55001/plone/@roles/Site Administrator",
         "@type": "role",
-        "can_assign": true,
         "id": "Site Administrator",
         "title": "Site Administrator"
     },
     {
         "@id": "http://localhost:55001/plone/@roles/Manager",
         "@type": "role",
-        "can_assign": true,
         "id": "Manager",
         "title": "Manager"
     }

diff --git a/src/plone/restapi/tests/test_services_roles.py b/src/plone/restapi/tests/test_services_roles.py
@@ -46,49 +46,42 @@ def test_roles_endpoint_lists_roles(self):
                 "@type": "role",
                 "id": "Contributor",
                 "title": "Contributor",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Editor",
                 "@type": "role",
                 "id": "Editor",
                 "title": "Editor",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Member",
                 "@type": "role",
                 "id": "Member",
                 "title": "Member",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Reader",
                 "@type": "role",
                 "id": "Reader",
                 "title": "Reader",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Reviewer",
                 "@type": "role",
                 "id": "Reviewer",
                 "title": "Reviewer",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Site Administrator",
                 "@type": "role",
                 "id": "Site Administrator",
                 "title": "Site Administrator",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Manager",
                 "@type": "role",
                 "id": "Manager",
                 "title": "Manager",
-                "can_assign": True,
             },
         )
         result = response.json()
@@ -106,49 +99,42 @@ def test_siteadm_roles_endpoint_lists_roles(self):
                 "@type": "role",
                 "id": "Contributor",
                 "title": "Contributor",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Editor",
                 "@type": "role",
                 "id": "Editor",
                 "title": "Editor",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Member",
                 "@type": "role",
                 "id": "Member",
                 "title": "Member",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Reader",
                 "@type": "role",
                 "id": "Reader",
                 "title": "Reader",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Reviewer",
                 "@type": "role",
                 "id": "Reviewer",
                 "title": "Reviewer",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Site Administrator",
                 "@type": "role",
                 "id": "Site Administrator",
                 "title": "Site Administrator",
-                "can_assign": True,
             },
             {
                 "@id": self.portal_url + "/@roles/Manager",
                 "@type": "role",
                 "id": "Manager",
                 "title": "Manager",
-                "can_assign": False,
             },
         )
         result = response.json()