[Checkins] SVN: z3c.securitytool/trunk/ Refactored the
viewRoleMatrix population to a seperate method and updated README
Daniel Blackburn
blackburnd at gmail.com
Wed Jun 11 18:45:13 EDT 2008
Log message for revision 87318:
Refactored the viewRoleMatrix population to a seperate method and updated README
Changed:
U z3c.securitytool/trunk/TODO.txt
U z3c.securitytool/trunk/src/z3c/securitytool/README.txt
U z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
-=-
Modified: z3c.securitytool/trunk/TODO.txt
===================================================================
--- z3c.securitytool/trunk/TODO.txt 2008-06-11 19:27:04 UTC (rev 87317)
+++ z3c.securitytool/trunk/TODO.txt 2008-06-11 22:45:12 UTC (rev 87318)
@@ -1,19 +1,14 @@
- TODO
-===============
+TODO
+====
- NEED FOR BETA RELEASE
- ==============================
-
- * Show the permission details as a graph ??
+PrincipalDetails and Permission Details
+=======================================
+ * Strike through role - permissions which are denied
+ by specific permission deny settings
- PrincipalDetails and Permission Details
- ===================================================
- * Strike through role - permissions which are denied
- by specific permission deny settings
-
DONE
==============================================================================
* Make sure the group settings are taken into account and
Modified: z3c.securitytool/trunk/src/z3c/securitytool/README.txt
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/README.txt 2008-06-11 19:27:04 UTC (rev 87317)
+++ z3c.securitytool/trunk/src/z3c/securitytool/README.txt 2008-06-11 22:45:12 UTC (rev 87318)
@@ -57,7 +57,7 @@
'getReadPerm',
'populateMatrix',
'populatePermissionMatrix',
- 'updateRolePermissionSetting']
+ 'populateViewRoleMatrix']
To get all the security settings for particular context level the
Modified: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-06-11 19:27:04 UTC (rev 87317)
+++ z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-06-11 22:45:12 UTC (rev 87318)
@@ -78,7 +78,7 @@
{viewSetting:self.viewPermMatrix[item][viewSetting]})
# Now we will inherit the permissions from groups assigned to each
- # principal
+ # principal and digest them accordingly
principals = zapi.principals()
getPrin = principals.getPrincipal
viewPrins = [getPrin(prin) for prin in self.viewMatrix]
@@ -101,14 +101,28 @@
self.name, read_perm = self.getReadPerm(view_reg)
+ # If we are not viewing the permission the user has selected
if self.selectedPermission and self.selectedPermission != read_perm:
return
+
self.views[self.name] = read_perm
allSettings, settings = getSettingsForMatrix(viewInstance)
+
rolePermMap = allSettings.get('rolePermissions', ())
+ self.populateViewRoleMatrix(rolePermMap,settings,read_perm)
- for name,setting in settings:
+ prinPermissions = allSettings.get('principalPermissions',[])
+ self.populatePermissionMatrix(read_perm,prinPermissions)
+
+ def populateViewRoleMatrix(self,rolePermMap,settings,read_perm):
+ """
+ This method is responsible for populating the viewRoleMatrix
+ of the security matrix this will be merged with the permissionMatrix
+ after both are fully populated.
+ """
+
+ for name, setting in settings:
principalRoles = setting.get('principalRoles', [])
for role in principalRoles:
principal = role['principal']
@@ -125,6 +139,8 @@
# this role before, if it is now denied we remove it.
del self.viewRoleMatrix[principal]\
[self.name][role['role']]
+ continue
+
except KeyError:
pass
@@ -134,28 +150,15 @@
permSetting = principalRoleProvidesPermission(
principalRoles, rolePermMap,
principal, read_perm,
- role['role']
- )
+ role['role'])
+
+ # The role is either Allow or zope.public so we add
+ # it to the viewRoleMatrix.
if permSetting[1]:
- self.updateRolePermissionSetting(permSetting[1],
- principal,
- role['role'],
- self.name)
+ self.viewRoleMatrix[principal].setdefault(self.name,{})
+ self.viewRoleMatrix[principal]\
+ [self.name].update({role['role']:permSetting[1]})
- prinPermissions = allSettings.get('principalPermissions',[])
- self.populatePermissionMatrix(read_perm,prinPermissions)
-
- def updateRolePermissionSetting(self,permSetting,principal,role,name):
- """
- Updates permission setting for current role if necessary this
- populates the viewRoleMatrix which is used with viewPermMatrix to
- determine the objects permission for the securityMatrix.html page
-
- """
- if permSetting != 'Deny':
- self.viewRoleMatrix[principal].setdefault(name,{})
- self.viewRoleMatrix[principal][name].update({role:permSetting})
-
def populatePermissionMatrix(self,read_perm,principalPermissions):
""" This method populates the principal permission section of
the view matrix, it is half responsible for the 'Allow' and
More information about the Checkins
mailing list