changing permissions on classes/methods at runtime?
hi all! is it possible to change permissions and roles on classes/methods at runtime? normally you'd attach security declarations inline in your class definition code: from AccessControl import ClassSecurityInfo from AccessControl.class_init import InitializeClass class Cls(): security = ClassSecurityInfo() security.declarePrivate('foo') def foo(self): pass InitializeClass(Cls) now what i tried at runtime is: from mycode import Cls from AccessControl import ClassSecurityInfo security = ClassSecurityInfo() security.declarePublic('foo') security.apply(Cls) but this does not what i want it to, in fact it doesn't seem to do anything yet - probably because i'm using the wrong way :) any hints how to do this correctly would be greatly appreciated. thank you very much in advance and best regards, Jürgen Herrmann --
XLhost.de ® - Webhosting von supersmall bis eXtra Large <<
XLhost.de GmbH Jürgen Herrmann, Geschäftsführer Boelckestrasse 21, 93051 Regensburg, Germany Geschäftsführer: Jürgen Herrmann Registriert unter: HRB9918 Umsatzsteuer-Identifikationsnummer: DE245931218 Fon: +49 (0)800 XLHOSTDE [0800 95467833] Fax: +49 (0)800 95467830 Web: http://www.XLhost.de
Hi, Le Wed, 29 Feb 2012 15:12:37 +0100, Jürgen Herrmann <Juergen.Herrmann@XLhost.de> a écrit:
is it possible to change permissions and roles on classes/methods at runtime? normally you'd attach security declarations inline in your class definition code:
from AccessControl import ClassSecurityInfo from AccessControl.class_init import InitializeClass class Cls(): security = ClassSecurityInfo() security.declarePrivate('foo') def foo(self): pass InitializeClass(Cls)
now what i tried at runtime is:
from mycode import Cls from AccessControl import ClassSecurityInfo security = ClassSecurityInfo() security.declarePublic('foo') security.apply(Cls)
but this does not what i want it to, in fact it doesn't seem to do anything yet - probably because i'm using the wrong way :)
any hints how to do this correctly would be greatly appreciated.
thank you very much in advance and best regards,
The way I handle this kind of problem is: - declare me method as protected, with a specific permission - grant this permission to roles or users (which can be "anybody") according to your context. Best regards, Thierry -- Chef de projets internet/intranet Office National des Forêts Direction des Systèmes d'Information 2, Avenue de Saint Mandé 75570 PARIS Cedex 12 Tél. : 01 40 19 59 64 Fax. : 01 40 19 59 85 Mél. : thierry.florac@onf.fr WWW : http://www.onf.fr
On Wed, Feb 29, 2012 at 7:12 AM, Jürgen Herrmann <Juergen.Herrmann@xlhost.de> wrote:
hi all!
is it possible to change permissions and roles on classes/methods at runtime? normally you'd attach security declarations inline in your class definition code:
I don't off-hand know why just monkey-patching the security attribute of your class and then calling InitializeClass() again would not work, but the idea of changing these at runtime after initial zope startup sounds a bit odd, possibly dangerous. What is it that you are trying to do? Sean
On Mon, Mar 5, 2012 at 19:22, Sean Upton <sdupton@gmail.com> wrote:
On Wed, Feb 29, 2012 at 7:12 AM, Jürgen Herrmann <Juergen.Herrmann@xlhost.de> wrote:
hi all!
is it possible to change permissions and roles on classes/methods at runtime? normally you'd attach security declarations inline in your class definition code:
I don't off-hand know why just monkey-patching the security attribute of your class and then calling InitializeClass() again would not work, but the idea of changing these at runtime after initial zope startup sounds a bit odd, possibly dangerous. What is it that you are trying to do?
When I needed this to be dynamic I simply did not have any security declaration and instead tested the permissions the first thing I did in the method. That worked fine. It is however probably ten years ago, and I don't remember or have the code. But it was quite simple, I think. //Lennart
Am 06.03.2012 09:02, schrieb Lennart Regebro:
On Mon, Mar 5, 2012 at 19:22, Sean Upton <sdupton@gmail.com> wrote:
On Wed, Feb 29, 2012 at 7:12 AM, Jürgen Herrmann <Juergen.Herrmann@xlhost.de> wrote:
hi all!
is it possible to change permissions and roles on classes/methods at runtime? normally you'd attach security declarations inline in your class definition code:
I don't off-hand know why just monkey-patching the security attribute of your class and then calling InitializeClass() again would not work, but the idea of changing these at runtime after initial zope startup sounds a bit odd, possibly dangerous. What is it that you are trying to do?
When I needed this to be dynamic I simply did not have any security declaration and instead tested the permissions the first thing I did in the method. That worked fine. It is however probably ten years ago, and I don't remember or have the code. But it was quite simple, I think.
//Lennart
Since a long time i have a mechanism in place that scans class-specific directories for page templates, dtml files, images, sql-methods etc. and attaches these to the classes. up to now i did mark everything as protected, with a fixed permission, worked fine for my purposes. now i had a use case where i need to mark some templates and methods as public because they use an internal authentication. best regards, jürgen --
XLhost.de ® - Webhosting von supersmall bis eXtra Large <<
XLhost.de GmbH Jürgen Herrmann, Geschäftsführer Boelckestrasse 21, 93051 Regensburg, Germany Geschäftsführer: Jürgen Herrmann Registriert unter: HRB9918 Umsatzsteuer-Identifikationsnummer: DE245931218 Fon: +49 (0)800 XLHOSTDE [0800 95467833] Fax: +49 (0)800 95467830 Web: http://www.XLhost.de
On Wed, Mar 7, 2012 at 3:47 AM, Jürgen Herrmann <Juergen.Herrmann@xlhost.de> wrote:
now i had a use case where i need to mark some templates and methods as public because they use an internal authentication.
One of the challenges I see is that InitializeClass() removes the original 'security' attribute of the class, so you end up having to copy the security info to a module global before calling InitializeClass() the first time. Then, if you have that copy of the class security information, you should be able to re-use it, modify it, re-apply it to the class, then call InitializeClass (again). Sean
participants (4)
-
Jürgen Herrmann -
Lennart Regebro -
Sean Upton -
Thierry Florac