[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/Grants/Global - PrincipalRoleManager.py:1.2

[Jim Fulton]

Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/Grants/Global
In directory cvs.zope.org:/tmp/cvs-serv3863/lib/python/Zope/App/Security/Grants/Global

Modified Files:
	PrincipalRoleManager.py 
Log Message:
Added a utility function in the ZopeSecurityPolicy module to get the
permissions held by a principal. This is needed to implement the
granting policy described in

http://dev.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/Zope3SecurityModel

Also removed the special security settings "Assign" and "Remove" and
switched code to the "Allow" and "Deny" instead.



=== Zope3/lib/python/Zope/App/Security/Grants/Global/PrincipalRoleManager.py 1.1 => 1.2 ===
 
 from Zope.App.Security.Grants.LocalSecurityMap import LocalSecurityMap
-from Zope.App.Security.Settings import Assign, Remove, Unset
+from Zope.App.Security.Settings import Allow, Deny, Unset
 from Zope.App.Security.IPrincipalRoleManager import IPrincipalRoleManager
 from Zope.App.Security.IPrincipalRoleMap import IPrincipalRoleMap
 
@@ -27,11 +27,11 @@
 
     def assignRoleToPrincipal( self, role_id, principal_id ):
         ''' See the interface IPrincipalRoleManager '''
-        self.addCell( role_id, principal_id, Assign )
+        self.addCell( role_id, principal_id, Allow )
 
     def removeRoleFromPrincipal( self, role_id, principal_id ):
         ''' See the interface IPrincipalRoleManager '''
-        self.addCell( role_id, principal_id, Remove )
+        self.addCell( role_id, principal_id, Deny )
 
     def unsetRoleForPrincipal( self, role_id, principal_id ):
         ''' See the interface IPrincipalRoleManager '''