[Zope-Checkins] CVS: Zope/lib/python/OFS -
ObjectManager.py:1.163.26.2 SimpleItem.py:1.106.26.1
Traversable.py:1.21.4.1
Jim Fulton
cvs-admin at zope.org
Sat Nov 22 12:16:27 EST 2003
Update of /cvs-repository/Zope/lib/python/OFS
In directory cvs.zope.org:/tmp/cvs-serv17116/lib/python/OFS
Modified Files:
Tag: zodb33-devel-branch
ObjectManager.py SimpleItem.py Traversable.py
Log Message:
Implemented a new mechanism for computing roles, based on a suggestion
by Dieter Maurer.
=== Zope/lib/python/OFS/ObjectManager.py 1.163.26.1 => 1.163.26.2 ===
--- Zope/lib/python/OFS/ObjectManager.py:1.163.26.1 Sat Nov 15 07:11:26 2003
+++ Zope/lib/python/OFS/ObjectManager.py Sat Nov 22 12:15:56 2003
@@ -34,6 +34,7 @@
import App.Common
from App.config import getConfiguration
from AccessControl import getSecurityManager
+from AccessControl.ZopeSecurityPolicy import getRoles
from zLOG import LOG, ERROR
import sys,fnmatch,copy
from cgi import escape
@@ -629,12 +630,15 @@
if not (len(REQUEST.PARENTS) > 1 and
self.objectValues() == REQUEST.PARENTS[1].objectValues()):
try:
- if getSecurityManager().validateValue(self.manage_FTPlist):
+ if getSecurityManager().validate(
+ None, self, 'manage_FTPlist', self.manage_FTPlist
+ ):
mode=mode | 0770
except: pass
if nobody.allowed(
- self.manage_FTPlist,
- self.manage_FTPlist.__roles__):
+ self.manage_FTPlist,
+ getRoles(self, 'manage_FTPlist', self.manage_FTPlist, ()),
+ self.manage_FTPlist.__roles__):
mode=mode | 0007
mtime=self.bobobase_modification_time().timeTime()
# get owner and group
=== Zope/lib/python/OFS/SimpleItem.py 1.106 => 1.106.26.1 ===
--- Zope/lib/python/OFS/SimpleItem.py:1.106 Tue Feb 4 11:38:10 2003
+++ Zope/lib/python/OFS/SimpleItem.py Sat Nov 22 12:15:56 2003
@@ -34,6 +34,7 @@
from zExceptions.ExceptionFormatter import format_exception
import time
from zLOG import LOG, BLATHER
+from AccessControl.ZopeSecurityPolicy import getRoles
import marshal
import ZDOM
@@ -237,25 +238,32 @@
from AccessControl.User import nobody
mode=0100000
- # check read permissions
- if (hasattr(aq_base(self),'manage_FTPget') and
- hasattr(self.manage_FTPget, '__roles__')):
+ if (hasattr(aq_base(self),'manage_FTPget')):
try:
- if getSecurityManager().validateValue(self.manage_FTPget):
+ if getSecurityManager().validate(
+ None, self, 'manage_FTPget', self.manage_FTPget):
mode=mode | 0440
- except: pass
- if nobody.allowed(self.manage_FTPget,
- self.manage_FTPget.__roles__):
+ except Unauthorized:
+ pass
+
+ if nobody.allowed(
+ self.manage_FTPget,
+ getRoles(self, 'manage_FTPget', self.manage_FTPget, ()),
+ ):
mode=mode | 0004
# check write permissions
- if hasattr(aq_base(self),'PUT') and hasattr(self.PUT, '__roles__'):
+ if hasattr(aq_base(self),'PUT'):
try:
- if getSecurityManager().validateValue(self.PUT):
+ if getSecurityManager().validate(None, self, 'PUT', self.PUT):
mode=mode | 0220
- except: pass
+ except Unauthorized:
+ pass
- if nobody.allowed(self.PUT, self.PUT.__roles__):
+ if nobody.allowed(
+ self.PUT,
+ getRoles(self, 'PUT', self.PUT, ()),
+ ):
mode=mode | 0002
# get size
=== Zope/lib/python/OFS/Traversable.py 1.21 => 1.21.4.1 ===
--- Zope/lib/python/OFS/Traversable.py:1.21 Mon Sep 29 08:34:38 2003
+++ Zope/lib/python/OFS/Traversable.py Sat Nov 22 12:15:56 2003
@@ -91,7 +91,8 @@
# If the path starts with an empty string, go to the root first.
pop()
self=self.getPhysicalRoot()
- if (restricted and not securityManager.validateValue(self)):
+ if (restricted and not securityManager.validate(
+ None, None, None, self)):
raise Unauthorized, name
try:
More information about the Zope-Checkins
mailing list