[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - metaConfigure.py:1.1.2.26.8.1 protectClass.py:1.1.2.14.2.1 publicClass.py:1.1.2.10.2.1 security-meta.zcml:1.1.2.5.2.1 security.zcml:1.1.2.8.2.2

Jim Fulton jim@zope.com
Mon, 3 Jun 2002 13:15:57 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv12372/lib/python/Zope/App/Security

Modified Files:
      Tag: Zope3InWonderland-branch
	metaConfigure.py protectClass.py publicClass.py 
	security-meta.zcml security.zcml 
Log Message:
- Attribute renaming.

  In directives that define things, renamed thing_id to id. For
  example:

    <permission permission_id='xxx' ...

  became:

    <permission id='xxx' ...

  In directives that used things defined in this way, removed the id
  suffix. For example:

     <view permission_id='xxx' ...

  became:

     <view permission='xxx' ...

- Changed the way that exceptions from configuration files are
  reported. Went back to normal Python tracebacks followed by
  "configuration tracebacks". The configuration tracebacks look
  somewhat similar to Python tracebacks, with file location
  information. The most specific configuration file location is at the
  end of the traceback, followed by the original error type and
  value. 

- Added a testxmlconfig function to the xmlconfig module to support
  unit testing. This function suppresses usual configuration error
  generation so that the original error is raised. This is needed so
  that unit tests can detect that proper low-level errors are raised. 

Note that everyone will need to edit their principals.zcml files to
reflect these changes!



=== Zope3/lib/python/Zope/App/Security/metaConfigure.py 1.1.2.26 => 1.1.2.26.8.1 ===
         ]
 
-def definePermission(_context, permission_id, title, description=''):
+def definePermission(_context, id, title, description=''):
     return [
         Action(
-            discriminator = ('definePermission', permission_id),
+            discriminator = ('definePermission', id),
             callable = perm_reg.definePermission,
-            args = (permission_id, title, description),
+            args = (id, title, description),
             )
         ]
 
-def defineRole(_context, role_id, title, description=''):
+def defineRole(_context, id, title, description=''):
     return [
         Action(
-            discriminator = ('defineRole', role_id),
+            discriminator = ('defineRole', id),
             callable = role_reg.defineRole,
-            args = (role_id, title, description),
+            args = (id, title, description),
             )
         ]
 
-def principal(_context, principal_id, title, login, password, description=''):
+def principal(_context, id, title, login, password, description=''):
     return [
         Action(
-            discriminator = ('principal', principal_id),
+            discriminator = ('principal', id),
             callable = principalRegistry.definePrincipal,
-            args = (principal_id, title, description, login, password),
+            args = (id, title, description, login, password),
             )
         ]
 
-def defaultPrincipal(_context, principal_id, title, description=''):
+def defaultPrincipal(_context, id, title, description=''):
     return [
         Action(
             discriminator = 'defaultPrincipal',
             callable = principalRegistry.defineDefaultPrincipal,
-            args = (principal_id, title, description),
+            args = (id, title, description),
             )
         ]
 
-def grantPermissionToRole(_context, permission_id, role_id):
+def grantPermissionToRole(_context, permission, role):
     return [
         Action(
-            discriminator = ('grantPermissionToRole', permission_id, role_id),
+            discriminator = ('grantPermissionToRole', permission, role),
             callable = role_perm_mgr.grantPermissionToRole,
-            args = (permission_id, role_id),
+            args = (permission, role),
             )
         ]
 
-def grantPermissionToPrincipal(_context, permission_id, principal_id):
+def grantPermissionToPrincipal(_context, permission, principal):
     return [
         Action(
             discriminator = ('grantPermissionToPrincipal', 
-                             permission_id,
-                             principal_id),
+                             permission,
+                             principal),
             callable = principal_perm_mgr.grantPermissionToPrincipal,
-            args = (permission_id, principal_id),
+            args = (permission, principal),
         )
     ]
 
-def assignRoleToPrincipal(_context, role_id, principal_id):
+def assignRoleToPrincipal(_context, role, principal):
     return [
         Action(
-            discriminator = ('assignRoleToPrincipal', role_id, principal_id),
+            discriminator = ('assignRoleToPrincipal', role, principal),
             callable = principal_role_mgr.assignRoleToPrincipal,
-            args = (role_id, principal_id),
+            args = (role, principal),
         )
     ]
 


=== Zope3/lib/python/Zope/App/Security/protectClass.py 1.1.2.14 => 1.1.2.14.2.1 ===
     __class_implements__ = INonEmptyDirective    
     
-    def __init__(self, _context, class_, permission_id=None, interface=None,
+    def __init__(self, _context, class_, permission=None, interface=None,
                  names=None, like_unto=None):
         self.__class = _context.resolve(class_)
         self.__name = class_
-        self.__permission_id = permission_id
+        self.__permission = permission
         self.__like_unto = like_unto
         self.__context = _context
-        self.__r = self.protect(_context, permission_id, interface, names,
+        self.__r = self.protect(_context, permission, interface, names,
                                 like_unto)
 
     # ._getPermission() is handy for subclassing with different permission
     # policy, eg publicClass.
-    def _getPermission(self, permission_id=None):
+    def _getPermission(self, permission=None):
         """Return the permission to use.
 
         Consider optional permission argument and permission specified on
         class init."""
-        if permission_id is None:
-            permission_id = self.__permission_id
-        if permission_id is None:
+        if permission is None:
+            permission = self.__permission
+        if permission is None:
             raise ProtectionDeclarationException("No permission specified")
         else:
-            return permission_id
+            return permission
 
-    def protect(self, _context, permission_id=None, interface=None,
+    def protect(self, _context, permission=None, interface=None,
                 names=None, like_unto=None):
         "Protect a specific aspect"
 
@@ -70,32 +70,32 @@
         if not (interface or names):
             return r
         
-        permission_id = self._getPermission(permission_id)
+        permission = self._getPermission(permission)
 
 
         if interface:
-            self.__protectByInterface(interface, permission_id, r)
+            self.__protectByInterface(interface, permission, r)
         if names:
-            self.__protectNames(names, permission_id, r)
+            self.__protectNames(names, permission, r)
 
         return r
 
-    def __protectName(self, name, permission_id, r):
+    def __protectName(self, name, permission, r):
         "Set a permission on a particular name."
         r.append((
             ('protectName', self.__class, name),
-            protectName, (self.__class, name, permission_id)))
+            protectName, (self.__class, name, permission)))
 
-    def __protectNames(self, names, permission_id, r):
+    def __protectNames(self, names, permission, r):
         "Set a permission on a bunch of names."
         for name in names.split(","):
-            self.__protectName(name.strip(), permission_id, r)
+            self.__protectName(name.strip(), permission, r)
 
-    def __protectByInterface(self, interface, permission_id, r):
+    def __protectByInterface(self, interface, permission, r):
         "Set a permission on names in an interface."
         interface = self.__context.resolve(interface)
         for n, d in interface.namesAndDescriptions(1):
-            self.__protectName(n, permission_id, r)
+            self.__protectName(n, permission, r)
 
     def __protectLikeUnto(self, like_unto, r):
         "Set a permission on names in an interface."
@@ -111,27 +111,27 @@
         "Handle empty/simple declaration."
         return self.__r
 
-def _checkPermission(permission_id):
+def _checkPermission(permission):
     """Check to make sure that the permission is valid.
     """
     
-    if not permissionRegistry.definedPermission(permission_id):
-        raise UndefinedPermissionError(permission_id)
+    if not permissionRegistry.definedPermission(permission):
+        raise UndefinedPermissionError(permission)
 
-def protectName(class_, name, permission_id):
+def protectName(class_, name, permission):
     "Set a permission on a particular name."
     checker = getCheckerForInstancesOf(class_)
     if checker is None:
         checker = Checker({}.get)
         defineChecker(class_, checker)
 
-    if permission_id == 'Zope.Public':
+    if permission == 'Zope.Public':
         # Translate public permission to CheckerPublic
-        permission_id = CheckerPublic
+        permission = CheckerPublic
 
     # OK, so it's a hack.
     protections = checker.getPermission_func().__self__    
-    protections[name] = permission_id
+    protections[name] = permission
 
 def protectLikeUnto(class_, like_unto):
     """Use the protections from like_unto for class_


=== Zope3/lib/python/Zope/App/Security/publicClass.py 1.1.2.10 => 1.1.2.10.2.1 ===
 class publicClass(protectClass):
 
-    def __init__(self, _context, class_, permission_id=None, interface=None,
+    def __init__(self, _context, class_, permission=None, interface=None,
                  names=None):
-        self._getPermission(permission_id) # Prohibit explicit permission!
+        self._getPermission(permission) # Prohibit explicit permission!
         protectClass.__init__(self, _context, class_,
-                              permission_id=PublicPermission,
+                              permission=PublicPermission,
                               interface=interface, names=names)
 
-    def _getPermission(self, permission_id=None):
-        if permission_id not in [None, PublicPermission]:
+    def _getPermission(self, permission=None):
+        if permission not in [None, PublicPermission]:
             raise PublicDeclarationException(
                 "It's invalid to specify a permission in public declarations.")
-        return permission_id
+        return permission
 
 
     def __call__(self):


=== Zope3/lib/python/Zope/App/Security/security-meta.zcml 1.1.2.5 => 1.1.2.5.2.1 ===
   <directives namespace="http://namespaces.zope.org/security">
     <directive name="permission"
-               attributes="permission_id, title, description"
+               attributes="id, title, description"
                handler="Zope.App.Security.metaConfigure.definePermission" />
     <directive name="role"
-               attributes="role_id, title, description"
+               attributes="id, title, description"
                handler="Zope.App.Security.metaConfigure.defineRole" />
     <directive name="protectClass"
-               attributes="class, permission_id, interface, names"
+               attributes="class, permission, interface, names"
                handler="Zope.App.Security.protectClass.">
       <subdirective name="protect"
-                    attributes="permission_id, interface, names" />
+                    attributes="permission, interface, names" />
       </directive>
     <directive name="publicClass" attributes="class, interface, names"
                handler="Zope.App.Security.publicClass." />
     <directive name="defaultPolicy" attributes="name"
        handler="Zope.App.Security.metaConfigure.defaultPolicy" />
-    <directive name="principal" attributes="principal_id, title, description"
+    <directive name="principal" attributes="id, title, description"
        handler="Zope.App.Security.metaConfigure.principal" />
     <directive name="defaultPrincipal" 
-               attributes="principal_id, title, description"
+               attributes="principal, title, description"
        handler="Zope.App.Security.metaConfigure.defaultPrincipal" />
-    <directive name="grantPermissionToRole" attributes="permission_id, role_id"
+    <directive name="grantPermissionToRole" attributes="permission, role"
        handler="Zope.App.Security.metaConfigure.grantPermissionToRole" />
     <directive
        name="grantPermissionToPrincipal"
-       attributes="permission_id, principal_id"
+       attributes="permission, principal"
        handler="Zope.App.Security.metaConfigure.grantPermissionToPrincipal" />
-    <directive name="assignRoleToPrincipal" attributes="role_id, principal_id"
+    <directive name="assignRoleToPrincipal" attributes="role, principal"
        handler="Zope.App.Security.metaConfigure.assignRoleToPrincipal" />
   </directives>
 


=== Zope3/lib/python/Zope/App/Security/security.zcml 1.1.2.8.2.1 => 1.1.2.8.2.2 ===
 <security:protectClass
    class="Zope.App.Security.RolePermissionView.PermissionRoles."
-   permission_id="Zope.Security"
+   permission="Zope.Security"
    names="roles, rolesInfo"
    interface="Zope.App.Security.IRegisteredObject." />
 
 <browser:view for="Zope.App.OFS.Annotation.IAnnotatable."
-              permission_id="Zope.Security"
+              permission="Zope.Security"
               factory="Zope.App.Security.RolePermissionView.">
 
     <browser:page name="AllRolePermissions.html" 
@@ -83,7 +83,7 @@
 <!-- Principal-Permission management view -->
   
 <security:protectClass class="Zope.App.Security.PrincipalPermissionView."
-   permission_id="Zope.Security"
+   permission="Zope.Security"
    names="index, get_principal, unsetPermissions, denyPermissions,
    grantPermissions, getUnsetPermissionsForPrincipal,
    getPermissionsForPrincipal" />
@@ -101,7 +101,7 @@
 <!-- protect Roles and Permissions -->
 <security:protectClass class="Zope.App.Security.RoleRegistry.Role"
                        interface="Zope.App.Security.IRegisteredObject."
-                       permission_id="Zope.Public"/>
+                       permission="Zope.Public"/>
 
 </zopeConfigure>