[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - ZopeSecurityPolicy.py:1.1.2.18

[Steve Alexander]

Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv1912/lib/python/Zope/App/Security

Modified Files:
      Tag: Zope-3x-branch
	ZopeSecurityPolicy.py 
Log Message:
Minimal changes needed to get the ZMI viewable again, now that Shane's ZPT security hooking up has landed.
There's still a few more declarations that will be needed in OFS, and possibly elsewhere too (like on Roles...)

Also, I've patched the security policy to allow access to strings, unicodes and lists as Zope.Public. I don't know whether this is the right thing to do or not, but it is clearly commented in the code for easy removal later :)



=== Zope3/lib/python/Zope/App/Security/ZopeSecurityPolicy.py 1.1.2.17 => 1.1.2.18 ===
 from Zope.App.Security.Settings import Allow, Deny, Assign, Remove, Unset
 
+from types import StringTypes, ListType
+
 getPermissionsForPrincipal = \
                 principalPermissionManager.getPermissionsForPrincipal
 getPermissionsForRole      = rolePermissionManager.getPermissionsForRole
@@ -81,7 +83,12 @@
 
         try: permission=value.__permission__
         except AttributeError:
-            raise Forbidden(name, value, 'No permission set')
+            # XXX: allow some simple types to get ZMI working
+            #      is this the right thing to do?
+            if isinstance(value, (ListType, StringTypes)):
+                permission = 'Zope.Public'
+            else:
+                raise Forbidden(name, value, 'No permission set')
 
         if permission == 'Zope.Public': # XXX need unit test for this
             return