[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - PermissionRegistry.py:1.1.2.6

Tres Seaver tseaver@zope.com
Wed, 28 Nov 2001 14:02:29 -0500


Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv2992

Modified Files:
      Tag: Zope-3x-branch
	PermissionRegistry.py 
Log Message:


 - Add role registration, including assignment of permissions to roles.


=== Zope3/lib/python/Zope/App/Security/PermissionRegistry.py 1.1.2.5 => 1.1.2.6 ===
 # FOR A PARTICULAR PURPOSE.
 
-""" Global permission registry. """
+""" Global permission, role, and permission-role registries. """
 
 _permissions={}
+_roles={}
 
 def definePermission(name):
-    _permissions[name]=1
-    
+    _permissions[name]=()
+ 
 definedPermission=_permissions.has_key
 
-_clearPermissions=_permissions.clear
+class Role:
+
+    _permissions = ()
+
+    def __init__( self, name ):
+        self._name = name
+
+    def includePermission( self, permission ):
+
+        roles = list( rolesForPermission( permission ) )
+        if self._name in roles:
+            raise KeyError, \
+                    ( 'Role %s already includes permission %s'
+                    % ( self._name, permission )
+                    )
+
+        roles.append( self._name )
+        roles.sort()
+        _permissions[ permission ] = tuple( roles )
+        self._permissions = self._permissions + ( permission, )
+
+    def hasPermission( self, permission ):
+        return permission in self._permissions
+
+def defineRole(name):
+    result = _roles[ name ] = Role( name )
+    return result
+
+definedRole = _roles.has_key
+
+def rolesForPermission( permission ):
+    if not definedPermission( permission ):
+        raise KeyError, 'No such permission: %s' % permission
+    return _permissions[ permission ]
+
+def _clear():
+    _permissions.clear()
+    _roles.clear()