[Zope-Checkins] CVS: ZODB3/ZEO - StorageServer.py:1.92.10.3 ClientStorage.py:1.93.2.3
Jeremy Hylton
jeremy@zope.com
Fri, 23 May 2003 17:13:22 -0400
Update of /cvs-repository/ZODB3/ZEO
In directory cvs.zope.org:/tmp/cvs-serv10540/ZEO
Modified Files:
Tag: ZODB3-auth-branch
StorageServer.py ClientStorage.py
Log Message:
A little refactoring, still needs work.
Simplify getExtensionMethods() so that it doesn't need __getattr__().
Create ZEO.auth.base module that defines Client and Database. The
Client base class simplifies use of methods defined by the
protocol-specific storage class.
=== ZODB3/ZEO/StorageServer.py 1.92.10.2 => 1.92.10.3 ===
--- ZODB3/ZEO/StorageServer.py:1.92.10.2 Mon May 19 13:46:06 2003
+++ ZODB3/ZEO/StorageServer.py Fri May 23 17:13:21 2003
@@ -63,9 +63,12 @@
"""Proxy to underlying storage for a single remote client."""
# Classes we instantiate. A subclass might override.
-
ClientStorageStubClass = ClientStub.ClientStorage
+ # A list of extension methods. A subclass with extra methods
+ # should override.
+ extensions = []
+
def __init__(self, server, read_only=0, do_auth=0):
self.server = server
# timeout and stats will be initialized in register()
@@ -82,6 +85,10 @@
self.log_label = _label
self.authenticated = 0
self.do_auth = do_auth
+ # The authentication protocol may define extra methods.
+ self._extensions = {}
+ for func in self.extensions:
+ self._extensions[func.func_name] = None
def finish_auth(self, authenticated):
if not self.do_auth:
@@ -144,9 +151,11 @@
# can be removed
pass
else:
- for name in fn().keys():
- if not hasattr(self,name):
- setattr(self, name, getattr(self.storage, name))
+ d = fn()
+ self._extensions.update(d)
+ for name in d.keys():
+ assert not hasattr(self, name)
+ setattr(self, name, getattr(self.storage, name))
self.lastTransaction = self.storage.lastTransaction
def _check_tid(self, tid, exc=None):
@@ -169,6 +178,15 @@
return 0
return 1
+ def getAuthProtocol(self):
+ """Return string specifying name of authentication module to use.
+
+ The module name should be auth_%s where %s is auth_protocol."""
+ protocol = self.server.auth_protocol
+ if not protocol or protocol == 'none':
+ return None
+ return protocol
+
def register(self, storage_id, read_only):
"""Select the storage that this client will use
@@ -214,12 +232,7 @@
}
def getExtensionMethods(self):
- try:
- e = self.storage.getExtensionMethods
- except AttributeError:
- return {}
- else:
- return e()
+ return self._extensions
def zeoLoad(self, oid):
self.stats.loads += 1
@@ -427,15 +440,6 @@
else:
return self._wait(lambda: self._vote())
- def getAuthProtocol(self):
- """Return string specifying name of authentication module to use.
-
- The module name should be auth_%s where %s is auth_protocol."""
- protocol = self.server.auth_protocol
- if not protocol or protocol == 'none':
- return None
- return protocol
-
def abortVersion(self, src, id):
self._check_tid(id, exc=StorageTransactionError)
if self.locked:
=== ZODB3/ZEO/ClientStorage.py 1.93.2.2 => 1.93.2.3 ===
--- ZODB3/ZEO/ClientStorage.py:1.93.2.2 Mon May 19 13:46:06 2003
+++ ZODB3/ZEO/ClientStorage.py Fri May 23 17:13:21 2003
@@ -366,15 +366,6 @@
if self._username == '' and self._password == '':
raise AuthError, "empty username or password"
- # import the auth module
- # XXX: Should we validate the client module that is being specified
- # by the server? A malicious server could cause any auth_*.py file
- # to be loaded according to Python import semantics.
-
- # XXX There should probably be a registry of valid authentication
- # mechanisms for the client, and we should only import those
- # modules.
-
module = get_module(protocol)
if not module:
log2(PROBLEM, "%s: no such an auth protocol: %s" %