[Zope-Checkins] CVS: Zope3/lib/python/Zope/Security - Checker.py:1.1.4.2

Shane Hathaway shane@cvs.zope.org
Mon, 29 Apr 2002 10:56:32 -0400 

Update of /cvs-repository/Zope3/lib/python/Zope/Security
In directory cvs.zope.org:/tmp/cvs-serv28505

Modified Files:
      Tag: Zope-3x-branch
	Checker.py 
Log Message:
- Added a check for None in selectChecker(), which makes the ZMI work again.
  I'm a little confused about selectChecker(), however, since it seems
  to be asking for an implementation of IChecker then turning around and
  making sure the returned object is an instance of Checker.  If it is not
  a Checker, it *calls* whatever it got.  I don't understand why it is done
  this way, so I may be getting this wrong, sorry.

- Added an env var, ZOPE_WATCH_CHECKERS, that you can turn on to watch what
  the checkers are doing.  It should help debugging and it's kind of
  fascinating. :-)


=== Zope3/lib/python/Zope/Security/Checker.py 1.1.4.1 => 1.1.4.2 ===
 from ISecurityProxyFactory import ISecurityProxyFactory
 from Zope.Security.SecurityManagement import getSecurityManager
+import sys, os
+
+
+if os.environ.get('ZOPE_WATCH_CHECKERS'):
+    WATCH_CHECKERS = 1
+else:
+    WATCH_CHECKERS = 0
+
 
 # Marker for public attributes
 CheckerPublic = object()
@@ -73,19 +81,32 @@
     def check(self, object, name):
         'See Zope.Security.IChecker.IChecker'
 
+        if WATCH_CHECKERS:
+            print >> sys.stderr, ('Checking %r.%s:' % (object, name)),
+
         # We have the information we need already
         permission = self.__permission_func(name)
         if permission:
             if permission is CheckerPublic:
+                if WATCH_CHECKERS:
+                    print >> sys.stderr, 'Public.'
                 return # Public
             manager = getSecurityManager()
             if manager.checkPermission(permission, object):
+                if WATCH_CHECKERS:
+                    print >> sys.stderr, 'Granted.'
                 return
             else:
+                if WATCH_CHECKERS:
+                    print >> sys.stderr, 'Unauthorized.'
                 raise Unauthorized(name=name)
         elif name in _always_available:
+            if WATCH_CHECKERS:
+                print >> sys.stderr, 'Always available.'
             return
 
+        if WATCH_CHECKERS:
+            print >> sys.stderr, 'Forbidden.'
         raise ForbiddenAttribute(name)
 
     def proxy(self, value):
@@ -176,7 +197,7 @@
 
     while not isinstance(checker, Checker):
         checker = checker(object)
-        if checker is NoProxy:
+        if checker is NoProxy or checker is None:
             return None
     
     return checker