[Zope-Checkins] CVS: Zope/lib/python/AccessControl - PermissionRole.py:1.10.30.2 SecurityManager.py:1.6.18.1 ZopeSecurityPolicy.py:1.12.30.3 cAccessControl.c:1.10.12.3
Shane Hathaway
shane@digicool.com
Wed, 17 Oct 2001 01:19:27 -0400
Update of /cvs-repository/Zope/lib/python/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv6244
Modified Files:
Tag: cAccessControl-review-branch
PermissionRole.py SecurityManager.py ZopeSecurityPolicy.py
cAccessControl.c
Log Message:
- Removed unneeded getattr and setattr implementations.
- Moved imports and aq_init after Py_InitModule() to work around a
bug in the current Python releases.
- Added code that looks for the ZOPE_SECURITY_POLICY variable in the
environment. Set to "PYTHON" to use the Python version of the
Zope security policy.
- Made sure SecurityManager doesn't pass Python's version of _noroles to
ZopeSecurityPolicy.validate().
- Added exception handling and a DECREF for the handling of variable
"p" in validate().
- Made sure _p of imPermissionRole objects is non-NULL.
- Simplified list concatenation and added exception detection.
- Added a Py_INCREF(_what_not_even_god_should_do)
- If _pa is NULL we have to set some exception before returning NULL.
Fixed.
- Removed apparently unnecessary assignments to NULL in
imPermissionRole_dealloc().
- Minor cosmetic changes:
UNLESS(x) -> if(x == NULL) in some places
Remove whitespace
(Still to do: change PyObject_CallMethod to PyObject_CallObject)
=== Zope/lib/python/AccessControl/PermissionRole.py 1.10.30.1 => 1.10.30.2 ===
__version__='$Revision$'[11:-2]
-try:
- import cAccessControl
+_use_python_impl = 0
+import os
+if os.environ.get("ZOPE_SECURITY_POLICY", None) == "PYTHON":
+ _use_python_impl = 1
+else:
+ try:
+ # C Optimization:
+ from cAccessControl import rolesForPermissionOn, \
+ PermissionRole, imPermissionRole, _what_not_even_god_should_do
+ except ImportError:
+ # Fall back to Python implementation.
+ _use_python_impl = 1
+
-except ImportError:
- # Fall back to Python implementation
+if _use_python_impl:
import sys
@@ -208,13 +218,6 @@
del self._pa
return len(v)
-
-else:
- # C Optimizations:
- rolesForPermissionOn=cAccessControl.rolesForPermissionOn
- PermissionRole=cAccessControl.PermissionRole
- imPermisionRole=cAccessControl.imPermissionRole
- _what_not_even_god_should_do= cAccessControl._what_not_even_god_should_do
##############################################################################
# Test functions:
=== Zope/lib/python/AccessControl/SecurityManager.py 1.6 => 1.6.18.1 ===
policy=self._policy
if policy is None: policy=_defaultPolicy
- return policy.validate(accessed, container, name, value,
- self._context, roles)
+ if roles is _noroles:
+ return policy.validate(accessed, container, name, value,
+ self._context)
+ else:
+ return policy.validate(accessed, container, name, value,
+ self._context, roles)
def DTMLValidate(self, accessed=None, container=None, name=None,
value=None,md=None):
@@ -175,15 +179,19 @@
policy=self._policy
if policy is None: policy=_defaultPolicy
return policy.validate(accessed, container, name, value,
- self._context, _noroles)
+ self._context)
def validateValue(self, value, roles=_noroles):
"""Convenience for common case of simple value validation.
"""
policy=self._policy
if policy is None: policy=_defaultPolicy
- return policy.validate(None, None, None, value,
- self._context, roles)
+ if roles is _noroles:
+ return policy.validate(None, None, None, value,
+ self._context)
+ else:
+ return policy.validate(None, None, None, value,
+ self._context, roles)
def checkPermission(self, permission, object):
"""Check whether the security context allows the given permission on
=== Zope/lib/python/AccessControl/ZopeSecurityPolicy.py 1.12.30.2 => 1.12.30.3 ===
-try:
- import cAccessControl
-except ImportError:
- # Fall back on Python implementation
+_use_python_impl = 0
+import os
+if os.environ.get("ZOPE_SECURITY_POLICY", None) == "PYTHON":
+ _use_python_impl = 1
+else:
+ try:
+ # C Optimization:
+ from cAccessControl import ZopeSecurityPolicy
+ from SimpleObjectPolicies import _noroles
+ except ImportError:
+ # Fall back to Python implementation.
+ _use_python_impl = 1
+
+
+if _use_python_impl:
from types import StringType
@@ -102,7 +113,8 @@
from zLOG import LOG, PROBLEM
from Acquisition import aq_base
- from PermissionRole import _what_not_even_god_should_do, rolesForPermissionOn
+ from PermissionRole import _what_not_even_god_should_do, \
+ rolesForPermissionOn
class ZopeSecurityPolicy:
@@ -241,10 +253,4 @@
if type(roles) is StringType:
roles=[roles]
return context.user.allowed(object, roles)
-
-else:
- # C Optimization
- from SimpleObjectPolicies import _noroles
- ZopeSecurityPolicy = cAccessControl.ZopeSecurityPolicy
-
=== Zope/lib/python/AccessControl/cAccessControl.c 1.10.12.2 => 1.10.12.3 === (613/713 lines abridged)
-static PyObject *PermissionRole_getattro(PermissionRole *self, PyObject *name);
-static int PermissionRole_setattro(PermissionRole *self, PyObject *name,
- PyObject *value);
static PyObject *PermissionRole_init(PermissionRole *self, PyObject *args);
static PyObject *PermissionRole_of(PermissionRole *self, PyObject *args);
static void PermissionRole_dealloc(PermissionRole *self);
-static PyObject *imPermissionRole_getattro(imPermissionRole *self,
- PyObject *name);
-static int imPermissionRole_setattro(imPermissionRole *self, PyObject *name,
- PyObject *value);
static PyObject *imPermissionRole_of(imPermissionRole *self, PyObject *args);
static int imPermissionRole_length(imPermissionRole *self);
static PyObject *imPermissionRole_get(imPermissionRole *self,
@@ -222,8 +215,8 @@
NULL, /* tp_hash */
NULL, /* tp_call */
NULL, /* tp_str */
- (getattrofunc) PermissionRole_getattro, /* tp_getattr */
- (setattrofunc) PermissionRole_setattro, /* tp_setattr */
+ NULL, /* tp_getattro */
+ NULL, /* tp_setattro */
/* Reserved fields */
0, /* tp_xxx3 */
0, /* tp_xxx4 */
@@ -287,8 +280,8 @@
NULL, /* tp_hash */
NULL, /* tp_call */
NULL, /* tp_str */
- (getattrofunc) imPermissionRole_getattro, /* tp_getattro */
- (setattrofunc) imPermissionRole_setattro, /* tp_setattro */
+ NULL, /* tp_getattro */
+ NULL, /* tp_setattro */
/* Reserved fields */
0, /* tp_xxx3 */
0, /* tp_xxx4 */
@@ -338,21 +331,8 @@
** elsewhere... (e.g. imports)
*/
-#define IMPORT(module, name) if ((module = PyImport_ImportModule(name)) == NULL) return -1;
-#define GETATTR(module, name) if ((name = PyObject_GetAttrString(module, #name)) == NULL) return -1;
-
static int
ZopeSecurityPolicy_setup(void) {
- PyObject *module;
-
- /*| from zLOG import LOG, PROBLEM
[-=- -=- -=- 613 lines omitted -=- -=- -=-]
+ imPermissionRoleType.tp_getattro =
+ (getattrofunc) PyExtensionClassCAPI->getattro;
-
-
- module = Py_InitModule4("cAccessControl",
+ module = Py_InitModule3("cAccessControl",
cAccessControl_methods,
- "$Id: %\n",
- OBJECT(NULL),
- PYTHON_API_VERSION);
+ "$Id$\n");
+
+ aq_init(); /* For Python <= 2.1.1, aq_init() should be after
+ Py_InitModule(). */
dict = PyModule_GetDict(module);
@@ -1542,6 +1434,8 @@
PyExtensionClass_Export(dict, "imPermissionRole",
imPermissionRoleType);
+ imPermissionRoleObj = PyDict_GetItemString(dict, "imPermissionRole");
+
/*| from SimpleObjectPolicies import Containers
*/
@@ -1550,11 +1444,20 @@
Py_DECREF(module);
module = NULL;
- /*| from AccessControl import Unauthorized
+ /*| from unauthorized import Unauthorized
*/
- IMPORT(module, "AccessControl");
+ IMPORT(module, "AccessControl.unauthorized");
GETATTR(module, Unauthorized);
+ Py_DECREF(module);
+ module = NULL;
+
+ /*| from zLOG import LOG, PROBLEM
+ */
+
+ IMPORT(module, "zLOG");
+ GETATTR(module, LOG);
+ GETATTR(module, PROBLEM);
Py_DECREF(module);
module = NULL;
}