[CMF-checkins] CVS: CMF/CMFCore - DirectoryView.py:1.21.2.1

Chris Withers chrisw@nipltd.com
Mon, 13 May 2002 11:58:21 -0400


Update of /cvs-repository/CMF/CMFCore
In directory cvs.zope.org:/tmp/cvs-serv2419

Modified Files:
      Tag: chrisw_fssecurity_branch
	DirectoryView.py 
Log Message:
first pass at fs-based security, editing in debug mode doesn't currently work...

=== CMF/CMFCore/DirectoryView.py 1.21 => 1.21.2.1 ===
             return props
 
+    def _readSecurity(self, fp):
+        """Reads the security file next to an object.
+        """
+        try:
+            f = open(fp, 'rt')
+        except IOError:
+            return None        
+        else:
+            lines = f.readlines()
+            f.close()
+            prm = {}
+            for line in lines:
+                try:
+                    c1 = line.index(':')+1
+                    c2 = line.index(':',c1)
+                    permission = line[:c1-1]
+                    acquire = not not line[c1:c2] # get boolean                    
+                    proles = line[c2+1:].split(',')
+                    roles=[]
+                    for role in proles:
+                        role = role.strip()
+                        if role:
+                            roles.append(role)
+                except:
+                    LOG('DirectoryView',
+                        ERROR,
+                        'Error reading permission from .security file',
+                        error=sys.exc_info())
+                prm[permission]=(acquire,roles)
+            return prm
 
     if Globals.DevelopmentMode and os.name=='nt':
 
@@ -254,6 +284,13 @@
                         finally:
                             tb = None   # Avoid leaking frame!
                             
+                    # FS-based security                    
+                    permissions = self._readSecurity(e_fp + '.security')
+                    if permissions is not None:
+                        for name in permissions.keys():
+                            acquire,roles = permissions[name]
+                            ob.manage_permission(name,roles,acquire)
+
                     ob_id = ob.getId()
                     data[ob_id] = ob
                     objects.append({'id': ob_id, 'meta_type': ob.meta_type})