[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Traversing - DefaultTraversable.py:1.1.2.4.6.1 ITraverser.py:1.1.2.4.6.1 Traverser.py:1.1.2.8.6.1 __init__.py:1.1.2.6.6.1

Jim Fulton jim@zope.com
Fri, 26 Apr 2002 14:23:18 -0400 

Update of /cvs-repository/Zope3/lib/python/Zope/App/Traversing
In directory cvs.zope.org:/tmp/cvs-serv26237/lib/python/Zope/App/Traversing

Modified Files:
      Tag: SecurityProxy-branch
	DefaultTraversable.py ITraverser.py Traverser.py __init__.py 
Log Message:
Changed security code to use security proxies and name-based
security. This has pretty far-reaching implications:

- You now protect names/operations, *not* values. This means it's as
  easy yo protect data attributes that have simple values as it is to
  protect methods.

- There is no longer a __permissions__ attribute. :)

- There is no longer a validate method in either security managers or
  policies. 

- No more need to have a special compiler for restricted code.
  In exchange, lots of objects are proxies and code sometimes needs to
  be prepared to remove proxies.

In addition:

- Basic objects (None, strings, numbers, etc.) are not wrapped in
  context wrappers.

- There is a test that fails unless Python 2.3 is used.



=== Zope3/lib/python/Zope/App/Traversing/DefaultTraversable.py 1.1.2.4 => 1.1.2.4.6.1 ===
     def traverse(self, name, furtherPath):
         subject = self._subject
-        if hasattr(subject, name):
-            return getattr(subject, name)
+        r = getattr(subject, name, self) # self used as marker
+        if r is not self:
+            return r
+        
+        if hasattr(subject, '__getitem__'):
+            # Let exceptions propagate.
+            return self._subject[name]
         else:
-            if hasattr(subject, '__getitem__'):
-                # Let exceptions propagate.
-                return self._subject[name]
-            else:
-                raise NotFoundError, name
+            raise NotFoundError, name
 


=== Zope3/lib/python/Zope/App/Traversing/ITraverser.py 1.1.2.4 => 1.1.2.4.6.1 ===
         """
     
-    def unrestrictedTraverse(path, default=_RAISE_KEYERROR):
+    def traverse(path, default=_RAISE_KEYERROR):
         """
         Return an object given a path.
         
@@ -50,15 +50,4 @@
         is relative to the current context.
 
         If the object is not found, return 'default' argument.
-        """
-
-    def restrictedTraverse(path, default=_RAISE_KEYERROR):
-        """
-        Return the object obtained by traversing the given path from the object
-        on which the method was called, performing security checks along the
-        way.
-
-        The path argument is the same as for unrestrictedTraverse.
-                
-        If an object is not found then the 'default' argument will be returned.
         """


=== Zope3/lib/python/Zope/App/Traversing/Traverser.py 1.1.2.8 => 1.1.2.8.6.1 ===
 from ITraversable import ITraversable
 from Zope.ContextWrapper.IWrapper import IWrapper
-from Zope.ContextWrapper import wrapper
+from Zope.Proxy.ContextWrapper import getWrapperContext, getWrapperData
+from Zope.Proxy.ContextWrapper import ContextWrapper
 from Zope.ComponentArchitecture import getAdapter
 from Zope.Exceptions import NotFoundError, Unauthorized
 from Zope.App.Security.SecurityManagement import getSecurityManager
@@ -32,7 +33,7 @@
 def WrapperChain(w):
     while w is not None:
         yield w
-        w = wrapper.getcontext(w)
+        w = getWrapperContext(w)
 
 _marker = object()
 
@@ -58,13 +59,13 @@
         path = []
         
         for w in WrapperChain(self._wrapper):
-            d = wrapper.getdict(w)
+            d = getWrapperData(w)
             if d:
                 path.insert(0, d['name'])
 
         return tuple(path)
     
-    def unrestrictedTraverse(self, path, default=_marker, restricted=0):
+    def traverse(self, path, default=_marker):
         if not path:
             return self._wrapper
 
@@ -79,16 +80,11 @@
         path.reverse()
         pop = path.pop
 
-        validate = restricted and getSecurityManager().validate
-
         curr = self._wrapper
         if not path[-1]:
             # Start at the root
             pop()
             curr = self.getPhysicalRoot()
-            if restricted:
-                validate(None, curr)
-
         try:
             while path:
                 name = pop()
@@ -97,9 +93,7 @@
                     continue
 
                 if name == '..':
-                    curr = wrapper.getcontext(curr) or curr
-                    if restricted:
-                        validate(None, curr)
+                    curr = getWrapperContext(curr) or curr
                     continue
 
                 traversable = getAdapter(curr, ITraversable, None)
@@ -107,9 +101,7 @@
                     raise NotFoundError, 'No traversable adapter found'
 
                 next = traversable.traverse(name, path)
-                curr = wrapper.Wrapper(next, curr, name=name)
-                if restricted:
-                    validate(name, curr)
+                curr = ContextWrapper(next, curr, name=name)
 
             return curr
 
@@ -117,7 +109,4 @@
             if default == _marker:
                 raise
             return default
-
-    def restrictedTraverse(self, path, default=_marker):
-        return self.unrestrictedTraverse(path, default, restricted=1)
 


=== Zope3/lib/python/Zope/App/Traversing/__init__.py 1.1.2.6 => 1.1.2.6.6.1 ===
 Traversing the object tree.
 """
-
-import Zope.ContextWrapper
-def ZopeWrapper(obj, context=None, **data):
-    if obj is None or isinstance(obj,
-        (int, long, float, complex, unicode, str)):
-        return obj
-    return Zope.ContextWrapper.Wrapper(obj, context, **data)