[Checkins]
SVN: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
Cleaned up securitytool.py principalPermissions
Daniel Blackburn
blackburnd at gmail.com
Sat Feb 16 16:16:12 EST 2008
Log message for revision 83940:
Cleaned up securitytool.py principalPermissions
Changed:
U z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
-=-
Modified: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-02-16 20:49:21 UTC (rev 83939)
+++ z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-02-16 21:16:12 UTC (rev 83940)
@@ -226,9 +226,14 @@
settingsForObject(view) ]
self.populatePrincipalMatrix(all_settings)
-
+ self.orderRoleTree()
return self.principalMatrix
+ def orderRoleTree(self):
+ # This is silly I know but I want global settings at the end
+ globalSettings = self.principalMatrix['roleTree'].pop(0)
+ self.principalMatrix['roleTree'].append(globalSettings)
+
def populatePrincipalMatrix(self, settings):
""" this method recursively populates the principal permissions
dict and is only used by principalPermissions """
@@ -244,54 +249,52 @@
self.policyPermissions(group, settings)
+ def populatePrincipalRoleTree(self,item,parentList,curRole):
+ key = item.get('uid')
+ keys = [x.keys()[0] for x in\
+ self.principalMatrix['roleTree']]
+
+ if key not in keys:
+ self.principalMatrix['roleTree'].append({
+ key:{}})
+ place = -1
+ else:
+ place = keys.index(key)
+
+ # Each key is unique so we just get the list index to edit
+ # we keep it as a list so the order stays the same.
+
+ parentList.reverse()
+ self.principalMatrix['roleTree'][place]\
+ [key]['parentList'] = \
+ parentList
+
+ self.principalMatrix['roleTree'][place]\
+ [key]['name'] = item.get('name')
+
+ self.principalMatrix['roleTree']\
+ [place][key].setdefault('roles',[])
+
+
+ # we make sure we only add the roles we do not yet have.
+ if curRole not in \
+ self.principalMatrix['roleTree'][place]\
+ [key]['roles']:
+ self.principalMatrix['roleTree'][place]\
+ [key]['roles'].append(curRole)
+
def populatePrincipalMatrixRoles(self, name, item):
for curRole in item.get('principalRoles', ()):
if curRole['principal'] != self.principal.id:
continue
role = curRole['role']
+ parentList = item.get('parentList',None)
- contextName = name and name or 'Root Folder'
- # Now we will build the roleTree object to display
- # the levels and settings for all roles assigned to this
- # principal.
-
- parentList = item.get('parentList',None)
if parentList:
- key = item.get('uid')
- keys = [x.keys()[0] for x in\
- self.principalMatrix['roleTree']]
+ # If we have a parent list we want to populate the tree
+ self.populatePrincipalRoleTree(item,parentList,curRole)
- if key not in keys:
- self.principalMatrix['roleTree'].append({
- key:{}})
- place = -1
- else:
- place = keys.index(key)
-
- # Each key is unique so we just get the list index to edit
- # we keep it as a list so the order stays the same.
-
- parentList.reverse()
- self.principalMatrix['roleTree'][place]\
- [key]['parentList'] = \
- parentList
-
- self.principalMatrix['roleTree'][place]\
- [key]['name'] = item.get('name')
-
- self.principalMatrix['roleTree']\
- [place][key].setdefault('roles',[])
-
-
- # we make sure we only add the roles we do not yet have.
- if curRole not in \
- self.principalMatrix['roleTree'][place]\
- [key]['roles']:
- self.principalMatrix['roleTree'][place]\
- [key]['roles'].append(curRole)
-
-
if curRole['setting'] == Deny:
try:
# Here we see if we have added a security setting with
@@ -300,25 +303,27 @@
except KeyError:
pass
continue
- elif curRole['setting'] == Allow:
- # We only want to append the role if it is Allowed
- if not self.principalMatrix['roles'].has_key(role):
- self.principalMatrix['roles'][role] = curRole
- for rolePerms in item['rolePermissions']:
- # Here we get the permissions provided by each role
- if rolePerms['role'] == role:
- permission = rolePerms['permission']
- _setting = rolePerms['setting'].getName()
- mapping = {'permission': permission,
- 'setting': _setting}
+ else:
+ self.populatePrincipalRoles(item,role,curRole)
+ def populatePrincipalRoles(self,item,role,curRole):
+ if curRole['setting'] == Allow:
+ # We only want to append the role if it is Allowed
+ if not self.principalMatrix['roles'].has_key(role):
+ self.principalMatrix['roles'][role] = curRole
+
+ for rolePerms in item['rolePermissions']:
+ # Here we get the permissions provided by each role
+ if rolePerms['role'] == role:
+ permission = rolePerms['permission']
+ _setting = rolePerms['setting'].getName()
+ mapping = {'permission': permission,
+ 'setting': _setting}
+
+ if not role in self.principalMatrix['roles']:
+ self.principalMatrix['roles'].append({role:mapping})
- if not role in self.principalMatrix['roles']:
- self.principalMatrix['roles'].append({role:mapping})
-
-
-
def populatePrincipalMatrixPermissions(self, item):
# Here we get all the permssions for this principal
for prinPerms in item.get('principalPermissions', ()):
More information about the Checkins
mailing list