[Zope-Checkins] CVS: Zope/lib/python/AccessControl - PermissionRole.py:1.10.30.2 SecurityManager.py:1.6.18.1 ZopeSecurityPolicy.py:1.12.30.3 cAccessControl.c:1.10.12.3

Shane Hathaway shane@digicool.com
Wed, 17 Oct 2001 01:19:27 -0400


Update of /cvs-repository/Zope/lib/python/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv6244

Modified Files:
      Tag: cAccessControl-review-branch
	PermissionRole.py SecurityManager.py ZopeSecurityPolicy.py 
	cAccessControl.c 
Log Message:
- Removed unneeded getattr and setattr implementations.

- Moved imports and aq_init after Py_InitModule() to work around a
  bug in the current Python releases.

- Added code that looks for the ZOPE_SECURITY_POLICY variable in the
  environment.  Set to "PYTHON" to use the Python version of the
  Zope security policy.

- Made sure SecurityManager doesn't pass Python's version of _noroles to
  ZopeSecurityPolicy.validate().

- Added exception handling and a DECREF for the handling of variable
  "p" in validate().

- Made sure _p of imPermissionRole objects is non-NULL.

- Simplified list concatenation and added exception detection.

- Added a Py_INCREF(_what_not_even_god_should_do)

- If _pa is NULL we have to set some exception before returning NULL.
  Fixed.

- Removed apparently unnecessary assignments to NULL in
  imPermissionRole_dealloc().

- Minor cosmetic changes:
    UNLESS(x) -> if(x == NULL) in some places
    Remove whitespace

(Still to do: change PyObject_CallMethod to PyObject_CallObject)                


=== Zope/lib/python/AccessControl/PermissionRole.py 1.10.30.1 => 1.10.30.2 ===
 __version__='$Revision$'[11:-2]
 
-try:
-    import cAccessControl
+_use_python_impl = 0
+import os
+if os.environ.get("ZOPE_SECURITY_POLICY", None) == "PYTHON":
+    _use_python_impl = 1
+else:
+    try:
+        # C Optimization:
+        from cAccessControl import rolesForPermissionOn, \
+             PermissionRole, imPermissionRole, _what_not_even_god_should_do
+    except ImportError:
+        # Fall back to Python implementation.
+        _use_python_impl = 1
+
 
-except ImportError:
-    # Fall back to Python implementation
+if _use_python_impl:
 
     import sys
 
@@ -208,13 +218,6 @@
                 del self._pa
 
             return len(v)
-
-else:
-    # C Optimizations:
-    rolesForPermissionOn=cAccessControl.rolesForPermissionOn
-    PermissionRole=cAccessControl.PermissionRole
-    imPermisionRole=cAccessControl.imPermissionRole
-    _what_not_even_god_should_do= cAccessControl._what_not_even_god_should_do
 
 ############################################################################## 
 # Test functions:


=== Zope/lib/python/AccessControl/SecurityManager.py 1.6 => 1.6.18.1 ===
         policy=self._policy
         if policy is None: policy=_defaultPolicy
-        return policy.validate(accessed, container, name, value,
-                               self._context, roles)
+        if roles is _noroles:
+            return policy.validate(accessed, container, name, value,
+                                   self._context)
+        else:
+            return policy.validate(accessed, container, name, value,
+                                   self._context, roles)
 
     def DTMLValidate(self, accessed=None, container=None, name=None,
                     value=None,md=None):
@@ -175,15 +179,19 @@
         policy=self._policy
         if policy is None: policy=_defaultPolicy
         return policy.validate(accessed, container, name, value,
-                               self._context, _noroles)
+                               self._context)
 
     def validateValue(self, value, roles=_noroles):
         """Convenience for common case of simple value validation.
         """
         policy=self._policy
         if policy is None: policy=_defaultPolicy
-        return policy.validate(None, None, None, value,
-                               self._context, roles)
+        if roles is _noroles:
+            return policy.validate(None, None, None, value,
+                                   self._context)
+        else:
+            return policy.validate(None, None, None, value,
+                                   self._context, roles)
 
     def checkPermission(self, permission, object):
         """Check whether the security context allows the given permission on


=== Zope/lib/python/AccessControl/ZopeSecurityPolicy.py 1.12.30.2 => 1.12.30.3 ===
 
 
-try:
-    import cAccessControl
-except ImportError:
-    # Fall back on Python implementation
+_use_python_impl = 0
+import os
+if os.environ.get("ZOPE_SECURITY_POLICY", None) == "PYTHON":
+    _use_python_impl = 1
+else:
+    try:
+        # C Optimization:
+        from cAccessControl import ZopeSecurityPolicy
+        from SimpleObjectPolicies import _noroles
+    except ImportError:
+        # Fall back to Python implementation.
+        _use_python_impl = 1
+
+
+if _use_python_impl:
 
     from types import StringType
 
@@ -102,7 +113,8 @@
     from zLOG import LOG, PROBLEM
     from Acquisition import aq_base
 
-    from PermissionRole import _what_not_even_god_should_do, rolesForPermissionOn
+    from PermissionRole import _what_not_even_god_should_do, \
+         rolesForPermissionOn
 
 
     class ZopeSecurityPolicy:
@@ -241,10 +253,4 @@
             if type(roles) is StringType:
                 roles=[roles]
             return context.user.allowed(object, roles)
-
-else:
-    # C Optimization
-    from SimpleObjectPolicies import _noroles
-    ZopeSecurityPolicy = cAccessControl.ZopeSecurityPolicy
-
 


=== Zope/lib/python/AccessControl/cAccessControl.c 1.10.12.2 => 1.10.12.3 === (613/713 lines abridged)
 
 
-static PyObject *PermissionRole_getattro(PermissionRole *self, PyObject *name);
-static int PermissionRole_setattro(PermissionRole *self, PyObject *name,
-                                   PyObject *value);
 static PyObject *PermissionRole_init(PermissionRole *self, PyObject *args);
 static PyObject *PermissionRole_of(PermissionRole *self, PyObject *args);
 static void PermissionRole_dealloc(PermissionRole *self);
 
-static PyObject *imPermissionRole_getattro(imPermissionRole *self, 
-                                           PyObject *name);
-static int imPermissionRole_setattro(imPermissionRole *self, PyObject *name,
-                                     PyObject *value);
 static PyObject *imPermissionRole_of(imPermissionRole *self, PyObject *args);
 static int imPermissionRole_length(imPermissionRole *self);
 static PyObject *imPermissionRole_get(imPermissionRole *self,
@@ -222,8 +215,8 @@
 	NULL,					/* tp_hash	*/
 	NULL,					/* tp_call	*/
 	NULL,					/* tp_str	*/
-	(getattrofunc) PermissionRole_getattro,	/* tp_getattr	*/
-	(setattrofunc) PermissionRole_setattro,	/* tp_setattr	*/
+	NULL,					/* tp_getattro	*/
+	NULL,					/* tp_setattro	*/
 	/* Reserved fields	*/
 	0,					/* tp_xxx3	*/
 	0,					/* tp_xxx4	*/
@@ -287,8 +280,8 @@
 	NULL,					/* tp_hash	*/
 	NULL,					/* tp_call	*/
 	NULL,					/* tp_str	*/
-	(getattrofunc) imPermissionRole_getattro,	/* tp_getattro	*/
-	(setattrofunc) imPermissionRole_setattro,	/* tp_setattro	*/
+	NULL,					/* tp_getattro	*/
+	NULL,					/* tp_setattro	*/
 	/* Reserved fields	*/
 	0,					/* tp_xxx3	*/
 	0,					/* tp_xxx4	*/
@@ -338,21 +331,8 @@
 ** elsewhere... (e.g. imports)
 */
 
-#define IMPORT(module, name) if ((module = PyImport_ImportModule(name)) == NULL) return -1;
-#define GETATTR(module, name) if ((name = PyObject_GetAttrString(module, #name)) == NULL) return -1;
-
 static int 
 ZopeSecurityPolicy_setup(void) {
-	PyObject *module;
-
-	/*| from zLOG import LOG, PROBLEM

[-=- -=- -=- 613 lines omitted -=- -=- -=-]

+	imPermissionRoleType.tp_getattro =
+		(getattrofunc) PyExtensionClassCAPI->getattro;
 
-
-
-	module = Py_InitModule4("cAccessControl",
+	module = Py_InitModule3("cAccessControl",
 		cAccessControl_methods,
-		"$Id: %\n",
-		OBJECT(NULL),
-		PYTHON_API_VERSION);
+		"$Id$\n");
+
+	aq_init(); /* For Python <= 2.1.1, aq_init() should be after
+                      Py_InitModule(). */
 
 	dict = PyModule_GetDict(module);
 
@@ -1542,6 +1434,8 @@
 	PyExtensionClass_Export(dict, "imPermissionRole",
 		imPermissionRoleType);
 
+ 	imPermissionRoleObj = PyDict_GetItemString(dict, "imPermissionRole");
+
 	/*| from SimpleObjectPolicies import Containers
 	*/
 
@@ -1550,11 +1444,20 @@
 	Py_DECREF(module);
 	module = NULL;
 
-	/*| from AccessControl import Unauthorized
+	/*| from unauthorized import Unauthorized
 	*/
 
-	IMPORT(module, "AccessControl");
+	IMPORT(module, "AccessControl.unauthorized");
 	GETATTR(module, Unauthorized);
+	Py_DECREF(module);
+	module = NULL;
+
+	/*| from zLOG import LOG, PROBLEM
+	*/
+
+	IMPORT(module, "zLOG");
+	GETATTR(module, LOG);
+	GETATTR(module, PROBLEM);
 	Py_DECREF(module);
 	module = NULL;
 }