External management of roles and permissions
How do I programmatically set the Security settings programmatically? Specifically, I have a collection of Zopes. I need to verify that each supports certain special security roles and, if they are not present, create them. Then I need to set the permissions for each security option/role programattically--the moral equivalent of going through and checking the boxes. In a few instances I'll also need to test/and or set a proxy programmatically. A quick browse of the API and code didn't point me in the right direction. How does one do this?
On Tue, 19.08.2003 at 13:33 -0700, Dennis Allison wrote:
How do I programmatically set the Security settings programmatically?
Check out lib/python/AccessControl/Role.py -- paavo. Proletarier aller Länder, macht Schluß!
Then I need to set the permissions for each security option/role programattically--the moral equivalent of going through and checking the boxes.
Does this help at all? 'setup' below is called from the 'manage_addMyApp' constructor. def addRoles(obj, roles): ''' Create MyApp roles ''' # First add roles # (AccessControl.Role._addRole is awkward, so we Just Do It) current_roles=list(obj.__ac_roles__) for role in current_roles: if role not in roles: roles.append(role) obj.__ac_roles__=tuple(roles) def setPermissions(obj, permissions, acquire=0): ''' Set permissions for object ''' roles_for_permissions = {} for role, perms in permissions.items(): for perm in perms: roles_for_permissions[perm] = roles_for_permissions.get(perm, []) roles_for_permissions[perm].append(role) for perm, roles in roles_for_permissions.items(): obj.manage_permission(perm, roles, acquire) def setPermissionsForRoles(obj, permissions, roles): for permission in permissions: obj.manage_permission(permission, roles, 0) def setup(myapp): # # Set permissions # addRoles(myapp, ['Member', 'Evaluator']) setPermissions(myapp, myapp_permissions) setPermissionsForRoles( myapp.members, view_permissions, ['Manager', 'Member']) setPermissionsForRoles( myapp.downloads, view_permissions, ['Manager']) view_permissions = ('Access Transient Objects', 'Access contents information', 'Access session data', 'Add portal member', 'Copy or Move', 'Mail forgotten password', 'Query Vocabulary', 'Search ZCatalog', 'Use Database Methods', 'View', 'WebDAV access', ) ... myapp_permissions = { 'Anonymous': view_permissions, 'Authenticated': (), 'Manager': all_permissions, 'Owner': owner_permissions, } ... etc -- Jean Jordaan http://www.upfrontsystems.co.za
On Wed, 20 Aug 2003, Jean Jordaan wrote:
Then I need to set the permissions for each security option/role programattically--the moral equivalent of going through and checking the boxes.
Does this help at all? 'setup' below is called from the 'manage_addMyApp' constructor.
Thanks... that's a good place to start. -dra
Dennis Allison wrote at 2003-8-19 13:33 -0700:
How do I programmatically set the Security settings programmatically?
Specifically, I have a collection of Zopes. I need to verify that each supports certain special security roles and, if they are not present, create them. Then I need to set the permissions for each security option/role programattically--the moral equivalent of going through and checking the boxes. In a few instances I'll also need to test/and or set a proxy programmatically. A quick browse of the API and code didn't point me in the right direction. How does one do this?
I suggest, you look at the modules in "AccessControl", especially "Role" and "Permission". You should find everything in "AccessControl". Dieter
participants (4)
-
Dennis Allison -
Dieter Maurer -
Jean Jordaan -
Paavo Parkkinen