[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - IRoleManagement.py:1.1.2.1 IZope3RoleManageable.py:1.1.2.1 Zope3RoleManagement.py:1.1.2.1
Tres Seaver
tseaver@zope.com
Thu, 29 Nov 2001 11:45:35 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv2590/lib/python/Zope/App/Security
Added Files:
Tag: Zope-3x-branch
IRoleManagement.py IZope3RoleManageable.py
Zope3RoleManagement.py
Log Message:
- Add initial role management.
=== Added File Zope3/lib/python/Zope/App/Security/IRoleManagement.py ===
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from Interface import Interface
class IRoleManagement( Interface ):
"""
Interface for features which manage knowledge of role-permission
bindings for a given object.
"""
def listAvailableRoles():
"""
What roles are available at our context?
"""
def addRole( role_name ):
"""
Create a new, empty role.
"""
def removeRole( role_name ):
"""
Remove a role, and any associated permission bindings.
"""
def listPermissionsOfRole( role_name ):
"""
What permissions does the 'role_name' have?
"""
def clearPermissionsOfRole( role_name ):
"""
Remove all permissions from 'role_name'.
"""
def addPermissionToRole( role_name, permission ):
"""
Add 'permission' to 'role_name'.
"""
def listRolesWithPermission( permission ):
"""
Which roles have 'permission' in our context?
"""
=== Added File Zope3/lib/python/Zope/App/Security/IZope3RoleManageable.py ===
# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from Interface import Interface, Attribute
SPECIAL_ATTRIBUTE_NAME = '__zope3_role_permission_bindings__'
class IZope3RoleManageable( Interface ):
"""
Marker interface for objects which use the new-style
role-permission bindings scheme (as distinct from
'ILegacyRoleManageable', which use the old "pollute
the instance dict" strategy).
Objects which assert this interface declare thereby
their willingness to allow the security machinery to
stash arbitrary information in their instance dict,
under the specially-named attribute.
"""
Attribute( SPECIAL_ATTRIBUTE_NAME
, """
Reserve this attribute name for the storage of
role-permission bindings.
"""
)
=== Added File Zope3/lib/python/Zope/App/Security/Zope3RoleManagement.py ===
# Copyright (c) 2001 Zope Coporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
from IRoleManagement import IRoleManagement
from IZope3RoleManageable import IZope3RoleManageable
from IZope3RoleManageable import SPECIAL_ATTRIBUTE_NAME
class _PermissionRoleBindings:
def __init__( self ):
self._permissions = {}
self._roles = {}
class Zope3RoleManagement:
"""
Implement IRoleManagement for new-style objects.
"""
__implements__ = ( IRoleManagement, )
def __init__( self, context ):
self._context = context
def getContext( self ):
return self._context
def _getContextBindings( self ):
"""
Find or create the permission-role bindings for our context.
"""
bindings = getattr( self._context, SPECIAL_ATTRIBUTE_NAME, None )
if bindings is None:
bindings = _PermissionRoleBindings()
setattr( self._context, SPECIAL_ATTRIBUTE_NAME, bindings )
return bindings
#
# IRoleManagement implementation
#
def listAvailableRoles( self ):
"""
What roles are available at our context?
"""
roles = self._getContextBindings()._roles
return tuple( roles.keys() )
def addRole( self, role_name ):
"""
Create a new, empty role.
"""
roles = self._getContextBindings()._roles
if roles.has_key( role_name ):
raise KeyError, 'Role %s already defined.' % role_name
roles[ role_name ] = ()
def removeRole( self, role_name ):
"""
Remove a role, and any associated permission bindings.
"""
roles = self._getContextBindings()._roles
if not roles.has_key( role_name ):
raise KeyError, 'Role %s not defined.' % role_name
self.clearPermissionsOfRole( role_name )
del roles[ role_name ]
def listPermissionsOfRole( self, role_name ):
"""
What permissions does the 'role_name' have?
"""
def clearPermissionsOfRole( self, role_name ):
"""
Remove all permissions from 'role_name'.
"""
def addPermissionToRole( self, role_name, permission ):
"""
Add 'permission' to 'role_name'.
"""
def listRolesWithPermission( self, permission ):
"""
Which roles have 'permission' in our context?
"""