[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - IDTMLSecurityAPI.py:1.1.2.1 IExecutableObject.py:1.1.2.1 ISecurityContext.py:1.1.2.1 ISecurityManagement.py:1.1.2.1 ISecurityManager.py:1.1.2.1 ISecurityPolicy.py:1.1.2.1
Tres Seaver
tseaver@zope.com
Tue, 27 Nov 2001 18:07:18 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv29760/lib/python/Zope/App/Security
Added Files:
Tag: Zope-3x-branch
IDTMLSecurityAPI.py IExecutableObject.py ISecurityContext.py
ISecurityManagement.py ISecurityManager.py ISecurityPolicy.py
Log Message:
- Add interfaces for security framework.
=== Added File Zope3/lib/python/Zope/App/Security/IDTMLSecurityAPI.py ===
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from Interface import Interface
class IDTMLSecurityAPI( Interface ):
"""
The DTML Security API is implemented by the DTML namespace (aka _)
and provides tools for checking access to objects.
"""
def SecurityValidate( accessed, container, name, value ):
"""
Validate access.
Arguments:
accessed -- the object that was being accessed
container -- the object the value was found in
name -- The name used to access the value
value -- The value retrieved though the access.
The arguments may be provided as keyword arguments. Some of
these arguments may be omitted; however, the policy may reject
access in some cases when arguments are omitted. It is best to
provide all the values possible.
"""
def SecurityValidateValue( value ):
"""
Convenience for common case of simple value validation.
"""
def SecurityCheckPermission( permission, object ):
"""
Check whether the security context allows the given permission
on the given object.
Arguments:
permission -- A permission name
object -- The object being accessed according to the permission
"""
def SecurityGetUser():
"""
Get the current authenticated user.
"""
def SecurityCalledByExecutable():
"""
Return a boolean value indicating if this context was called
by an executable.
"""
=== Added File Zope3/lib/python/Zope/App/Security/IExecutableObject.py ===
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from Interface import Interface
class IExecutableObject( Interface ):
"""
An executable object is an object that executes logic provided
through the web (TTW). Examples of executable objects include
DTML methods and documents, SQL methods, Wiki pages, and,
someday, TTW Python methods.
It is likely that SecurityPolicy objects will expect executable
objects to provide certain interfaces. These interfaces
may, in fact, turn out to be policy dependent.
An executable object may provide it's own security policy by
defining the method:
"""
class IExecutableObjectWithCustomSecurityPolicy( IExecutableObject ):
def _customSecurityPolicy():
"""
Return a custom SecurityPolicy.
This should rearely, if ever be needed.
"""
=== Added File Zope3/lib/python/Zope/App/Security/ISecurityContext.py ===
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from Interface import Interface, Attribute
class ISecurityContext( Interface ):
"""
Capture transient request-specific security information.
"""
Attribute( 'stack'
, 'A stack of elements, each either be an ExecutableObject'
'or a tuple consisting of an ExecutableObject and a'
'custom SecurityPolicy.'
)
Attribute( 'user'
, 'The AUTHENTICATED_USER for the request.'
)
=== Added File Zope3/lib/python/Zope/App/Security/ISecurityManagement.py ===
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from Interface import Interface
class ISecurityManagementSetup( Interface ):
"""
Infrastructure (including tests, etc.) calls these things to
tweak the security manager.
"""
def newSecurityManager( user ):
"""
Install a new SecurityManager, using user. Return the
old SecurityManager, if any, or None.
"""
def replaceSecurityManager( old_manager ):
"""
Replace the SecurityManager with 'old_manager', which
must implement ISecurityManager.
"""
def noSecurityManager():
"""
Clear any existing SecurityManager.
"""
class ISecurityManagement( Interface ):
"""
"Public" SM API.
"""
def getSecurityManager():
"""
Get a SecurityManager (create if needed).
"""
def setSecurityPolicy( aSecurityPolicy ):
"""
Set the system default security policy.
This method should only be caused by system startup code.
It should never, for example, be called during a web request.
"""
=== Added File Zope3/lib/python/Zope/App/Security/ISecurityManager.py ===
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from Interface import Interface
class ISecurityManager( Interface ):
"""
A security manager provides methods for checking access and managing
executable context and policies.
"""
def validate( accessed, container, name, value, roles ):
"""
Validate access.
Arguments:
accessed -- the object that was being accessed
container -- the object the value was found in
name -- The attribute name used to access the value
value -- The value retrieved though the access.
roles -- an (optional) list of roles to use when authorizing
access
The arguments may be provided as keyword arguments. Some of
these arguments may be ommitted, however, the policy may
reject access in some cases when arguments are ommitted.
It is best to provide all the values possible.
A boolean value is returned indicating whether the value is
accessible. An Unauthorized exception may be raised in some
cases.
"""
def validateValue(value, roles):
"""
Validate access. This is a shortcut for the common case of
validating a value without providing access information.
A boolean value is returned indicating whether the value is
accessible. An Unauthorized exception may be raised in some
cases.
"""
def checkPermission( permission, object ):
"""
Check whether the security context allows the given
permission on the given object. Return a boolean value.
Arguments:
permission -- A permission name
object -- The object being accessed according to the permission
"""
def addContext( anExecutableObject ):
"""
Add an ExecutableObject to the current security
context.
There is no return.
"""
def removeContext( anExecutableObject ):
"""
Remove an ExecutableObject.
There is no return.
"""
def getUser():
"""
Return the authenticated user.
This is equivalent to something like::
REQUEST['AUTHENTICATED_USER']
but is a bit cleaner, especially if 'REQUEST' isn't handy.
"""
def calledByExecutable():
"""
Determine if called through an ExecutableObject.
A true value is returned if any ExecutableObjects
have (directly or indirectly) called the current method and
a true value otherwise.
This can be used to determine if an object was called
(more or less) directly from a URL, or if it was called by
through-the-web provided code.
(The value returned by the initial implementation
is actually size of the context stack, which is the depth
of the through-the-web call stack. Is this information
valuable enough to promise in the interface?)
"""
=== Added File Zope3/lib/python/Zope/App/Security/ISecurityPolicy.py ===
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from Interface import Interface
_DONT_CHECK_ROLES = []
class ISecurityPolicy( Interface ):
def validate( accessed
, container
, name
, value
, context
, roles=_DONT_CHECK_ROLES
):
"""
Validate access.
Arguments:
accessed -- the object that was being accessed
container -- the object the value was found in
name -- The name used to access the value
value -- The value returned by the access
context -- must implement ISecurityContext; access to information
such as the context stack and AUTHENTICATED_USER.
roles -- an (optional) list of roles used to authorize access
against the value. This list overrides the roles gathered
by the security policy if used.
"""
def checkPermission( permission
, object
, context
):
"""
Check whether the security context allows the given permission on
the given object.
Arguments:
permission -- A permission name
object -- The object being accessed according to the permission
context -- A SecurityContext, which provides access to information
shuch as the context stack and AUTHENTICATED_USER.
"""