[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - metaConfigure.py:1.1.2.26.8.1 protectClass.py:1.1.2.14.2.1 publicClass.py:1.1.2.10.2.1 security-meta.zcml:1.1.2.5.2.1 security.zcml:1.1.2.8.2.2
Jim Fulton
jim@zope.com
Mon, 3 Jun 2002 13:15:57 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv12372/lib/python/Zope/App/Security
Modified Files:
Tag: Zope3InWonderland-branch
metaConfigure.py protectClass.py publicClass.py
security-meta.zcml security.zcml
Log Message:
- Attribute renaming.
In directives that define things, renamed thing_id to id. For
example:
<permission permission_id='xxx' ...
became:
<permission id='xxx' ...
In directives that used things defined in this way, removed the id
suffix. For example:
<view permission_id='xxx' ...
became:
<view permission='xxx' ...
- Changed the way that exceptions from configuration files are
reported. Went back to normal Python tracebacks followed by
"configuration tracebacks". The configuration tracebacks look
somewhat similar to Python tracebacks, with file location
information. The most specific configuration file location is at the
end of the traceback, followed by the original error type and
value.
- Added a testxmlconfig function to the xmlconfig module to support
unit testing. This function suppresses usual configuration error
generation so that the original error is raised. This is needed so
that unit tests can detect that proper low-level errors are raised.
Note that everyone will need to edit their principals.zcml files to
reflect these changes!
=== Zope3/lib/python/Zope/App/Security/metaConfigure.py 1.1.2.26 => 1.1.2.26.8.1 ===
]
-def definePermission(_context, permission_id, title, description=''):
+def definePermission(_context, id, title, description=''):
return [
Action(
- discriminator = ('definePermission', permission_id),
+ discriminator = ('definePermission', id),
callable = perm_reg.definePermission,
- args = (permission_id, title, description),
+ args = (id, title, description),
)
]
-def defineRole(_context, role_id, title, description=''):
+def defineRole(_context, id, title, description=''):
return [
Action(
- discriminator = ('defineRole', role_id),
+ discriminator = ('defineRole', id),
callable = role_reg.defineRole,
- args = (role_id, title, description),
+ args = (id, title, description),
)
]
-def principal(_context, principal_id, title, login, password, description=''):
+def principal(_context, id, title, login, password, description=''):
return [
Action(
- discriminator = ('principal', principal_id),
+ discriminator = ('principal', id),
callable = principalRegistry.definePrincipal,
- args = (principal_id, title, description, login, password),
+ args = (id, title, description, login, password),
)
]
-def defaultPrincipal(_context, principal_id, title, description=''):
+def defaultPrincipal(_context, id, title, description=''):
return [
Action(
discriminator = 'defaultPrincipal',
callable = principalRegistry.defineDefaultPrincipal,
- args = (principal_id, title, description),
+ args = (id, title, description),
)
]
-def grantPermissionToRole(_context, permission_id, role_id):
+def grantPermissionToRole(_context, permission, role):
return [
Action(
- discriminator = ('grantPermissionToRole', permission_id, role_id),
+ discriminator = ('grantPermissionToRole', permission, role),
callable = role_perm_mgr.grantPermissionToRole,
- args = (permission_id, role_id),
+ args = (permission, role),
)
]
-def grantPermissionToPrincipal(_context, permission_id, principal_id):
+def grantPermissionToPrincipal(_context, permission, principal):
return [
Action(
discriminator = ('grantPermissionToPrincipal',
- permission_id,
- principal_id),
+ permission,
+ principal),
callable = principal_perm_mgr.grantPermissionToPrincipal,
- args = (permission_id, principal_id),
+ args = (permission, principal),
)
]
-def assignRoleToPrincipal(_context, role_id, principal_id):
+def assignRoleToPrincipal(_context, role, principal):
return [
Action(
- discriminator = ('assignRoleToPrincipal', role_id, principal_id),
+ discriminator = ('assignRoleToPrincipal', role, principal),
callable = principal_role_mgr.assignRoleToPrincipal,
- args = (role_id, principal_id),
+ args = (role, principal),
)
]
=== Zope3/lib/python/Zope/App/Security/protectClass.py 1.1.2.14 => 1.1.2.14.2.1 ===
__class_implements__ = INonEmptyDirective
- def __init__(self, _context, class_, permission_id=None, interface=None,
+ def __init__(self, _context, class_, permission=None, interface=None,
names=None, like_unto=None):
self.__class = _context.resolve(class_)
self.__name = class_
- self.__permission_id = permission_id
+ self.__permission = permission
self.__like_unto = like_unto
self.__context = _context
- self.__r = self.protect(_context, permission_id, interface, names,
+ self.__r = self.protect(_context, permission, interface, names,
like_unto)
# ._getPermission() is handy for subclassing with different permission
# policy, eg publicClass.
- def _getPermission(self, permission_id=None):
+ def _getPermission(self, permission=None):
"""Return the permission to use.
Consider optional permission argument and permission specified on
class init."""
- if permission_id is None:
- permission_id = self.__permission_id
- if permission_id is None:
+ if permission is None:
+ permission = self.__permission
+ if permission is None:
raise ProtectionDeclarationException("No permission specified")
else:
- return permission_id
+ return permission
- def protect(self, _context, permission_id=None, interface=None,
+ def protect(self, _context, permission=None, interface=None,
names=None, like_unto=None):
"Protect a specific aspect"
@@ -70,32 +70,32 @@
if not (interface or names):
return r
- permission_id = self._getPermission(permission_id)
+ permission = self._getPermission(permission)
if interface:
- self.__protectByInterface(interface, permission_id, r)
+ self.__protectByInterface(interface, permission, r)
if names:
- self.__protectNames(names, permission_id, r)
+ self.__protectNames(names, permission, r)
return r
- def __protectName(self, name, permission_id, r):
+ def __protectName(self, name, permission, r):
"Set a permission on a particular name."
r.append((
('protectName', self.__class, name),
- protectName, (self.__class, name, permission_id)))
+ protectName, (self.__class, name, permission)))
- def __protectNames(self, names, permission_id, r):
+ def __protectNames(self, names, permission, r):
"Set a permission on a bunch of names."
for name in names.split(","):
- self.__protectName(name.strip(), permission_id, r)
+ self.__protectName(name.strip(), permission, r)
- def __protectByInterface(self, interface, permission_id, r):
+ def __protectByInterface(self, interface, permission, r):
"Set a permission on names in an interface."
interface = self.__context.resolve(interface)
for n, d in interface.namesAndDescriptions(1):
- self.__protectName(n, permission_id, r)
+ self.__protectName(n, permission, r)
def __protectLikeUnto(self, like_unto, r):
"Set a permission on names in an interface."
@@ -111,27 +111,27 @@
"Handle empty/simple declaration."
return self.__r
-def _checkPermission(permission_id):
+def _checkPermission(permission):
"""Check to make sure that the permission is valid.
"""
- if not permissionRegistry.definedPermission(permission_id):
- raise UndefinedPermissionError(permission_id)
+ if not permissionRegistry.definedPermission(permission):
+ raise UndefinedPermissionError(permission)
-def protectName(class_, name, permission_id):
+def protectName(class_, name, permission):
"Set a permission on a particular name."
checker = getCheckerForInstancesOf(class_)
if checker is None:
checker = Checker({}.get)
defineChecker(class_, checker)
- if permission_id == 'Zope.Public':
+ if permission == 'Zope.Public':
# Translate public permission to CheckerPublic
- permission_id = CheckerPublic
+ permission = CheckerPublic
# OK, so it's a hack.
protections = checker.getPermission_func().__self__
- protections[name] = permission_id
+ protections[name] = permission
def protectLikeUnto(class_, like_unto):
"""Use the protections from like_unto for class_
=== Zope3/lib/python/Zope/App/Security/publicClass.py 1.1.2.10 => 1.1.2.10.2.1 ===
class publicClass(protectClass):
- def __init__(self, _context, class_, permission_id=None, interface=None,
+ def __init__(self, _context, class_, permission=None, interface=None,
names=None):
- self._getPermission(permission_id) # Prohibit explicit permission!
+ self._getPermission(permission) # Prohibit explicit permission!
protectClass.__init__(self, _context, class_,
- permission_id=PublicPermission,
+ permission=PublicPermission,
interface=interface, names=names)
- def _getPermission(self, permission_id=None):
- if permission_id not in [None, PublicPermission]:
+ def _getPermission(self, permission=None):
+ if permission not in [None, PublicPermission]:
raise PublicDeclarationException(
"It's invalid to specify a permission in public declarations.")
- return permission_id
+ return permission
def __call__(self):
=== Zope3/lib/python/Zope/App/Security/security-meta.zcml 1.1.2.5 => 1.1.2.5.2.1 ===
<directives namespace="http://namespaces.zope.org/security">
<directive name="permission"
- attributes="permission_id, title, description"
+ attributes="id, title, description"
handler="Zope.App.Security.metaConfigure.definePermission" />
<directive name="role"
- attributes="role_id, title, description"
+ attributes="id, title, description"
handler="Zope.App.Security.metaConfigure.defineRole" />
<directive name="protectClass"
- attributes="class, permission_id, interface, names"
+ attributes="class, permission, interface, names"
handler="Zope.App.Security.protectClass.">
<subdirective name="protect"
- attributes="permission_id, interface, names" />
+ attributes="permission, interface, names" />
</directive>
<directive name="publicClass" attributes="class, interface, names"
handler="Zope.App.Security.publicClass." />
<directive name="defaultPolicy" attributes="name"
handler="Zope.App.Security.metaConfigure.defaultPolicy" />
- <directive name="principal" attributes="principal_id, title, description"
+ <directive name="principal" attributes="id, title, description"
handler="Zope.App.Security.metaConfigure.principal" />
<directive name="defaultPrincipal"
- attributes="principal_id, title, description"
+ attributes="principal, title, description"
handler="Zope.App.Security.metaConfigure.defaultPrincipal" />
- <directive name="grantPermissionToRole" attributes="permission_id, role_id"
+ <directive name="grantPermissionToRole" attributes="permission, role"
handler="Zope.App.Security.metaConfigure.grantPermissionToRole" />
<directive
name="grantPermissionToPrincipal"
- attributes="permission_id, principal_id"
+ attributes="permission, principal"
handler="Zope.App.Security.metaConfigure.grantPermissionToPrincipal" />
- <directive name="assignRoleToPrincipal" attributes="role_id, principal_id"
+ <directive name="assignRoleToPrincipal" attributes="role, principal"
handler="Zope.App.Security.metaConfigure.assignRoleToPrincipal" />
</directives>
=== Zope3/lib/python/Zope/App/Security/security.zcml 1.1.2.8.2.1 => 1.1.2.8.2.2 ===
<security:protectClass
class="Zope.App.Security.RolePermissionView.PermissionRoles."
- permission_id="Zope.Security"
+ permission="Zope.Security"
names="roles, rolesInfo"
interface="Zope.App.Security.IRegisteredObject." />
<browser:view for="Zope.App.OFS.Annotation.IAnnotatable."
- permission_id="Zope.Security"
+ permission="Zope.Security"
factory="Zope.App.Security.RolePermissionView.">
<browser:page name="AllRolePermissions.html"
@@ -83,7 +83,7 @@
<!-- Principal-Permission management view -->
<security:protectClass class="Zope.App.Security.PrincipalPermissionView."
- permission_id="Zope.Security"
+ permission="Zope.Security"
names="index, get_principal, unsetPermissions, denyPermissions,
grantPermissions, getUnsetPermissionsForPrincipal,
getPermissionsForPrincipal" />
@@ -101,7 +101,7 @@
<!-- protect Roles and Permissions -->
<security:protectClass class="Zope.App.Security.RoleRegistry.Role"
interface="Zope.App.Security.IRegisteredObject."
- permission_id="Zope.Public"/>
+ permission="Zope.Public"/>
</zopeConfigure>