[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - ZopeSecurityPolicy.py:1.1.2.12
Anthony Baxter
anthony@interlink.com.au
Sat, 9 Feb 2002 17:20:32 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv8632
Modified Files:
Tag: Zope-3x-branch
ZopeSecurityPolicy.py
Log Message:
Deal with RolePermissions having Allow/Deny.
=== Zope3/lib/python/Zope/App/Security/ZopeSecurityPolicy.py 1.1.2.11 => 1.1.2.12 ===
# XXX: As yet, role permission managers have no concept of
# deny, refactor when this gets implemented
- if permission in rpm.getPermissionsForRole(role):
+ setting = rpm.getSetting(permission, role)
+ if setting == Allow:
seen_allowed = 1
+ if setting == Deny:
+ return 0 # Explicit Deny on role.
if seen_allowed:
return 1 # I'm allowed by a role on the principal