[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/ZMI - ZMIViewService.py:1.1.2.11 metaConfigure.py:1.1.2.12 zmi.zcml:1.1.2.8
Jim Fulton
jim@zope.com
Sun, 28 Apr 2002 13:17:12 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/App/ZMI
In directory cvs.zope.org:/tmp/cvs-serv17050/lib/python/Zope/App/ZMI
Modified Files:
Tag: Zope-3x-branch
ZMIViewService.py metaConfigure.py zmi.zcml
Log Message:
HOTYB: Merged SecurityProxy-branch into main branch.
All tests pass and folders can be listed and added through the web.
It is likely that most other things don't work and will need to be
fixed. The reason is that many accesses that should have been checked
before are now being checked, so additional checks and more thought about
permissions and security settings are needed.
I'm in the process of drafting a paper for the wiki that describes the
changes in more detail.
=== Zope3/lib/python/Zope/App/ZMI/ZMIViewService.py 1.1.2.10 => 1.1.2.11 ===
from IZMIViewService import IZMIViewService
from Interface.Implements import objectImplements, flattenInterfaces
-
-
-from Zope.ContextWrapper import getinnercontext
+from Zope.Proxy.ContextWrapper import getWrapperContainer
from Zope.ComponentArchitecture import getAdapter
from Zope.App.Traversing.ITraverser import ITraverser
-from Zope.App.Security.SecurityManagement import getSecurityManager
+from Zope.Security.SecurityManagement import getSecurityManager
from Zope.PageTemplate.EngineConfig import getEngine
+from Zope.Proxy.ProxyIntrospection import removeAllProxies
+
+
class ZMIViewService:
__implements__ = IZMIViewService
@@ -45,7 +46,9 @@
res = []
- obj_interfaces = flattenInterfaces(objectImplements(object))
+ obj_interfaces = flattenInterfaces(objectImplements(
+ removeAllProxies(object)
+ ))
for interface in obj_interfaces:
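Review bot: The `removeAllProxies(object)` call added here strips the security proxy along with any context wrapper, and nothing in the hunk says why that is safe at this point. From the visible lines the bare object is only handed to `objectImplements` to read its declared interfaces and is not stored or returned, which is the acceptable use. A comment should pin that down, for example `# Proxies are removed only to introspect the declared interfaces; the unproxied object must not be returned or called.` The enclosing method starts and ends outside the hunk.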
@@ -60,12 +63,6 @@
if view_value in res:
continue
- ## XXX security check
- ## XXX This is now much tricker, since we will need
- # to traverse views
- #try: adapter.restrictedTraverse(v.action)
- #except:
- # continue
## check filter, short circuit if default
if not v.filter_string == 'python: 1':
@@ -84,9 +81,8 @@
data = {
'context': object,
- 'view': getinnercontext(object),
+ 'view': getWrapperContainer(object),
'nothing': None,
- # 'request': getattr( object, 'REQUEST', None ),
'user': getSecurityManager().getPrincipal(),
}
return getEngine().getContext(data)
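Review bot: The `'view'` entry is now filled with `getWrapperContainer(object)`, which by its name is the object's container rather than a view, and the key gives an author of filter expressions no hint of that. A comment on the line such as `# NOTE: 'view' is the wrapper container of object, not a view component` would avoid misuse. `'context'` receives `object` as passed in. Since an earlier hunk in this file unwraps it with `removeAllProxies` for introspection, it presumably arrives security-proxied, and the comment should state that filter expressions are meant to be evaluated against the proxied object. The enclosing function starts outside the hunk.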
=== Zope3/lib/python/Zope/App/ZMI/metaConfigure.py 1.1.2.11 => 1.1.2.12 ===
from Zope.ComponentArchitecture import provideFactory, getService
from IGenericCreatorMarker import IGenericCreatorMarker
+from Zope.Security.Checker import NamesChecker, CheckerPublic, ProxyFactory
class ClassFactory:
__implements__ = IFactory
- def __init__(self, _class, permission):
- self.__permission__ = permission
+ def __init__(self, _class):
self._class = _class
def __call__(self, *args, **kwargs):
return self._class(*args, **kwargs)
-
def provideClass(registry, qualified_name, _class, permission,
title, description='', marker_interface=None):
"""Provide simple class setup
@@ -45,10 +44,13 @@
- set component permission
"""
- factory = ClassFactory(_class, permission)
+ factory = ClassFactory(_class)
+ if permission and (permission != 'Zope.Public'):
+ factory = ProxyFactory(factory, NamesChecker(__call__=permission))
provideFactory(qualified_name, factory)
registry=getService(None,registry)
- registry.provideAddable(qualified_name, title, description, marker_interface)
+ registry.provideAddable(qualified_name, title, description,
+ marker_interface)
def ServiceClassDir(_context, name, class_, permission_id, title,
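Review bot: The guard `if permission and (permission != 'Zope.Public'):` leaves the factory unproxied when `permission` is empty or None, so a registration that omits the permission is treated the same as an explicitly public one. The removed code always recorded the permission on the factory. Failing closed would keep that intent, e.g. `if not permission: raise ValueError('provideClass requires a permission')` ahead of the check. `CheckerPublic`, imported in the first hunk of this file, is not used in any visible line; if it is the public marker, comparing against it rather than the string literal is presumably what was intended. provideClass's signature and the start of its docstring lie above this hunk.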
=== Zope3/lib/python/Zope/App/ZMI/zmi.zcml 1.1.2.7 => 1.1.2.8 ===
<security:protectClass name=".ZMIViewUtility."
permission_id="Zope.View"
- methods="getZMIViews"/>
+ names="getZMIViews"/>
<security:protectClass
name=".IGenericCreatorMarker."