Customize Subjects field serializer to handle permission

news/1338.bugfix

@@ -0,0 +1 @@
+Subject field serializer return "additionalItems" flag based on what is set in Plone control panel. [cekk]

src/plone/restapi/tests/test_types.py

@@ -1,6 +1,8 @@
 from datetime import date
 from decimal import Decimal
 from plone.app.multilingual.dx import directives
+from plone.app.testing import setRoles
+from plone.app.testing import TEST_USER_ID
 from plone.app.textfield import RichText
 from plone.autoform import directives as form
 from plone.dexterity.fti import DexterityFTI
@@ -18,6 +20,7 @@
 from z3c.form.browser.text import TextWidget
 from zope import schema
 from zope.component import getMultiAdapter
+from zope.component import queryMultiAdapter
 from zope.interface import provider
 from zope.schema.interfaces import IContextAwareDefaultFactory
 from zope.schema.vocabulary import SimpleTerm
@@ -797,3 +800,36 @@ def test_jsonfield(self):
             },
             adapter.get_schema(),
         )
+
+    def test_tuple_field_return_always_additionalItems_true(self):
+        field = schema.Tuple(title="Subjects", value_type=schema.TextLine(), default=())
+        adapter = queryMultiAdapter(
+            (field, self.portal, self.request),
+            interface=IJsonSchemaProvider,
+        )
+
+        self.assertTrue(adapter.get_schema()["additionalItems"])
+
+        # now change roles (by default are enabled to change passwords Manager, Site Administrator and Reviewer)
+        setRoles(self.portal, TEST_USER_ID, ["Member", "Contributor", "Editor"])
+        self.assertTrue(adapter.get_schema()["additionalItems"])
+
+        setRoles(self.portal, TEST_USER_ID, ["Member", "Reviewer"])
+        self.assertTrue(adapter.get_schema()["additionalItems"])
+
+    def test_subjects_field_return_additionalItems_flag_based_on_roles(self):
+        field = schema.Tuple(title="Subjects", value_type=schema.TextLine(), default=())
+        adapter = queryMultiAdapter(
+            (field, self.portal, self.request),
+            interface=IJsonSchemaProvider,
+            name="subjects",
+        )
+
+        self.assertTrue(adapter.get_schema()["additionalItems"])
+
+        # now change roles (by default are enabled to change passwords Manager, Site Administrator and Reviewer)
+        setRoles(self.portal, TEST_USER_ID, ["Member", "Contributor", "Editor"])
+        self.assertFalse(adapter.get_schema()["additionalItems"])
+
+        setRoles(self.portal, TEST_USER_ID, ["Member", "Reviewer"])
+        self.assertTrue(adapter.get_schema()["additionalItems"])

src/plone/restapi/types/adapters.py

@@ -1,18 +1,21 @@
 """JsonSchema providers."""
 from plone.app.textfield.interfaces import IRichText
+from plone.registry.interfaces import IRegistry
 from plone.restapi.types.interfaces import IJsonSchemaProvider
 from plone.restapi.types.utils import get_fieldsets
 from plone.restapi.types.utils import get_jsonschema_properties
+from plone.restapi.types.utils import get_multilingual_directives
 from plone.restapi.types.utils import get_querysource_url
 from plone.restapi.types.utils import get_source_url
 from plone.restapi.types.utils import get_vocabulary_url
 from plone.restapi.types.utils import get_widget_params
-from plone.restapi.types.utils import get_multilingual_directives
 from plone.schema import IEmail
 from plone.schema import IJSONField
+from Products.CMFCore.utils import getToolByName
 from z3c.formwidget.query.interfaces import IQuerySource
 from zope.component import adapter
 from zope.component import getMultiAdapter
+from zope.component import getUtility
 from zope.i18n import translate
 from zope.interface import implementer
 from zope.interface import Interface
@@ -33,11 +36,11 @@
 from zope.schema.interfaces import IList
 from zope.schema.interfaces import IObject
 from zope.schema.interfaces import IPassword
-from zope.schema.interfaces import IURI
 from zope.schema.interfaces import ISet
 from zope.schema.interfaces import IText
 from zope.schema.interfaces import ITextLine
 from zope.schema.interfaces import ITuple
+from zope.schema.interfaces import IURI
 
 
 @adapter(IField, Interface, Interface)
@@ -278,6 +281,7 @@ def get_items(self):
     def additional(self):
         info = {}
         info["additionalItems"] = True
+
         if self.field.min_length:
             info["minItems"] = self.field.min_length
 
@@ -501,8 +505,22 @@ def get_factory(self):
 
 @adapter(ITuple, Interface, Interface)
 @implementer(IJsonSchemaProvider)
-class SubjectsFieldJsonSchemaProvider(ChoiceJsonSchemaProvider):
-    pass
+class SubjectsFieldJsonSchemaProvider(TupleJsonSchemaProvider):
+    def additional(self):
+        info = super().additional()
+        membership = getToolByName(self.context, "portal_membership")
+        user = membership.getAuthenticatedMember()
+        registry = getUtility(IRegistry)
+        roles_allowed_to_add_keywords = registry.get(
+            "plone.roles_allowed_to_add_keywords", set()
+        )
+        roles = set(user.getRolesInContext(self.context))
+        allowNewItems = bool(
+            roles.intersection(roles_allowed_to_add_keywords),
+        )
+        info["additionalItems"] = allowNewItems
+
+        return info
 
 
 @adapter(IJSONField, Interface, Interface)

src/plone/restapi/types/configure.zcml

@@ -26,6 +26,10 @@
       />
   <adapter factory=".adapters.SetJsonSchemaProvider" />
   <adapter factory=".adapters.TupleJsonSchemaProvider" />
+  <adapter
+      factory=".adapters.SubjectsFieldJsonSchemaProvider"
+      name="subjects"
+      />
   <adapter factory=".adapters.ChoiceJsonSchemaProvider" />
   <adapter factory=".adapters.ObjectJsonSchemaProvider" />
   <adapter factory=".adapters.DictJsonSchemaProvider" />