[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - AttributeRolePermissionManager.py:1.1.2.1 IAttributeRolePermissionManageable.py:1.1.2.1

Jim Fulton jim@zope.com
Fri, 28 Dec 2001 08:45:17 -0500 

Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv16867

Added Files:
      Tag: Zope-3x-branch
	AttributeRolePermissionManager.py 
	IAttributeRolePermissionManageable.py 
Log Message:
Added framework for managing role permissions in an attribute of
objects. This is needed to implement a Zope2-style security page (sans
role and local-role definitions).

We decided to punt, for now, on "acquiring permission settings".
That feature, specifically the abiliy to disable acquisition of
permission settings,  was very tied to the Zope 2 implementation.
This needs more thought.
 


=== Added File Zope3/lib/python/Zope/App/Security/AttributeRolePermissionManager.py ===
##############################################################################
#
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
# 
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE
# 
##############################################################################
"""

Revision information: $Id: AttributeRolePermissionManager.py,v 1.1.2.1 2001/12/28 13:45:16 jim Exp $
"""

from Zope.ComponentArchitecture import getService

from IRolePermissionManager import IRolePermissionManager

class  AttributeRolePermissionManager:
    """
    provide adaptor that manages role permission data in an object attribute
    """

    __implements__ = IRolePermissionManager

    def __init__(self, context):
        self._context = context

    def getPermissionsForRole(self, role):
        """Return the list of permissions for the given role.

        role must be an IRole.  If no permissions have been granted to this
        role, then the empty list is returned.
        """
        try:
            rp = self._context.__role_permissions__
        except AttributeError:
            return ()
        return rp.get(role, ())

    def getRolesForPermission(self, permission):
        """Return the list of roles for the given permission.

        permission must be an IPermission.  If no roles have been granted
        this permission, then the empty list is returned.
        """
        try:
            rp = self._context.__role_permissions__
        except AttributeError:
            return ()

        r = []
        for role, permissions in rp.items():
            if permission in permissions:
                r.append(role)

        return r

    def getPermissionAcquired(self, permission):
        """Return a flag indicating whether permission settings are acquired.
        """
        # punt for now
        return 1

    def grantPermissionToRole(self, permission, role):
        """Bind the permission to the role.

        permission must be an IPermission
        role must be an IRole
        """
        permissionService = getService(self._context,
                                       'PermissionService')
        p = permissionService.getPermission(permission)
        if p is None:
            raise ValueError('Invalid Permission')

        roleService = getService(self._context,
                                 'RoleService')
        r = roleService.getRole(role)
        if r is None:
            raise ValueError('Invalid Role')
        
        try:
            rp = self._context.__role_permissions__
        except AttributeError:
            rp = self._context.__role_permissions__ = {}

        try:
            permissions = rp[role]
        except KeyError:
            rp[role] = [ permission ]
            self._context._p_changed = 1
        else:
            if permission not in permissions:
                permissions.append(permission)
                self._context._p_changed = 1

    def setPermissionAcquired(self, permission, flag):
        """Set a flag indicating whether permission settings are acquired.

        Permission settings are acquired by default.
        """


=== Added File Zope3/lib/python/Zope/App/Security/IAttributeRolePermissionManageable.py ===
##############################################################################
#
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
# 
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE
# 
##############################################################################
"""

Revision information: $Id: IAttributeRolePermissionManageable.py,v 1.1.2.1 2001/12/28 13:45:16 jim Exp $
"""

from Interface import Interface

class IAttributeRolePermissionManageable(Interface):

    """The object reserves the attribute __role_permissions__ for use
    by implementations of IRolePermissionManager"""