[Zope-Checkins] CVS: Zope/lib/python/AccessControl - PermissionRole.py:1.19 ZopeSecurityPolicy.py:1.24 cAccessControl.c:1.22

Chris McDonough cvs-admin at zope.org
Thu Oct 23 21:22:20 EDT 2003


Update of /cvs-repository/Zope/lib/python/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv23509

Modified Files:
	PermissionRole.py ZopeSecurityPolicy.py cAccessControl.c 
Log Message:
Update AccessControl package to deal with various forms of Unicode and add some tests to make sure.  This fixes Collector #1034.


=== Zope/lib/python/AccessControl/PermissionRole.py 1.18 => 1.19 ===
--- Zope/lib/python/AccessControl/PermissionRole.py:1.18	Tue Jun 10 11:39:04 2003
+++ Zope/lib/python/AccessControl/PermissionRole.py	Thu Oct 23 21:21:48 2003
@@ -85,7 +85,8 @@
         """Implement permission-based roles
         """
 
-        def __of__(self, parent,tt=type(()),st=type(''),getattr=getattr):
+        def __of__(self, parent,tt=type(()),st=type(''),ut=type(u''),
+                   getattr=getattr):
             obj=parent
             n=self._p
             r=None
@@ -102,7 +103,7 @@
                         if r is None: return roles
                         return r+list(roles)
 
-                    if t is st:
+                    if t in (st, ut):
                         # We found roles set to a name.  Start over
                         # with the new permission name.  If the permission
                         # name is '', then treat as private!


=== Zope/lib/python/AccessControl/ZopeSecurityPolicy.py 1.23 => 1.24 ===
--- Zope/lib/python/AccessControl/ZopeSecurityPolicy.py:1.23	Tue Jun 10 11:39:04 2003
+++ Zope/lib/python/AccessControl/ZopeSecurityPolicy.py	Thu Oct 23 21:21:48 2003
@@ -33,7 +33,7 @@
 
 if _use_python_impl:
 
-    from types import StringType
+    from types import StringType, UnicodeType
 
     import SimpleObjectPolicies
     from AccessControl import Unauthorized
@@ -193,6 +193,6 @@
         def checkPermission(self, permission, object, context):
             # XXX proxy roles and executable owner are not checked
             roles=rolesForPermissionOn(permission, object)
-            if type(roles) is StringType:
+            if type(roles) in (StringType, UnicodeType):
                 roles=[roles]
             return context.user.allowed(object, roles)


=== Zope/lib/python/AccessControl/cAccessControl.c 1.21 => 1.22 ===
--- Zope/lib/python/AccessControl/cAccessControl.c:1.21	Thu Sep 11 12:00:42 2003
+++ Zope/lib/python/AccessControl/cAccessControl.c	Thu Oct 23 21:21:48 2003
@@ -758,13 +758,14 @@
           return NULL;
 
 	/*| # Provide special rules for acquisition attributes
-	**| if type(name) is StringType:
+	**| if type(name) in (StringType, UnicodeType):
 	**|     if name[:3] == 'aq_' and name not in valid_aq_:
 	**|	   raise Unauthorized(name, value)
 	*/ 
 
-	if (PyString_Check(name)) {		/* XXX what about unicode? */
-		sname = PyString_AS_STRING(name);
+	if ( PyString_Check(name) || PyUnicode_Check(name) ) {
+	    sname = PyString_AsString(name); 
+	    if (sname != NULL) {
 		if (*sname == 'a' && sname[1]=='q' && sname[2]=='_') {
 			if (strcmp(sname,"aq_parent")   != 0 &&
                             strcmp(sname,"aq_inner") != 0 &&
@@ -772,8 +773,9 @@
 				/* Access control violation */
 				unauthErr(name, value);
 				return NULL;  /* roles is not owned yet */
-			}
-		}
+		            }
+	        }
+	    }
 	}
 
 	Py_XINCREF(roles);	/* Convert the borrowed ref to a real one */
@@ -1145,11 +1147,11 @@
 	if (roles == NULL)
           return NULL;
 
-	/*| if type(roles) is StringType:
+	/*| if type(roles) in (StringType, UnicodeType):
 	**|	roles = [roles]
 	*/
 
-	if (PyString_Check(roles)) {
+	if ( PyString_Check(roles) || PyUnicode_Check(roles) ) {
           PyObject *r;
 
           r = PyList_New(1);
@@ -1294,21 +1296,22 @@
 static PyObject *
 SecurityManager_getattro(SecurityManager *self, PyObject *name)
 {
-  if (PyString_Check(name) && PyString_AS_STRING(name)[0]=='_')
+  if ( (PyString_Check(name) || PyUnicode_Check(name) ) && 
+       PyString_AsString(name)[0]=='_' )
     {
-      if (strcmp(PyString_AS_STRING(name), "_thread_id")==0 
+      if (strcmp(PyString_AsString(name), "_thread_id")==0 
           && self->thread_id)
         {
           Py_INCREF(self->thread_id);
           return self->thread_id;
         }
-      else if (strcmp(PyString_AS_STRING(name), "_context")==0 
+      else if (strcmp(PyString_AsString(name), "_context")==0 
                && self->context)
         {
           Py_INCREF(self->context);
           return self->context;
         }
-      else if (strcmp(PyString_AS_STRING(name), "_policy")==0 
+      else if (strcmp(PyString_AsString(name), "_policy")==0 
                && self->policy)
         {
           Py_INCREF(self->policy);
@@ -1322,21 +1325,22 @@
 static int 
 SecurityManager_setattro(SecurityManager *self, PyObject *name, PyObject *v)
 {
-  if (v && PyString_Check(name) && PyString_AS_STRING(name)[0]=='_')
+  if ( (PyString_Check(name) || PyUnicode_Check(name) ) && 
+       PyString_AsString(name)[0]=='_' )
     {
-      if (strcmp(PyString_AS_STRING(name), "_thread_id")==0)
+      if (strcmp(PyString_AsString(name), "_thread_id")==0)
         {
           Py_INCREF(v);
           ASSIGN(self->thread_id, v);
           return 0;
         }
-      else if (strcmp(PyString_AS_STRING(name), "_context")==0)
+      else if (strcmp(PyString_AsString(name), "_context")==0)
         {
           Py_INCREF(v);
           ASSIGN(self->context, v);
           return 0;
         }
-      else if (strcmp(PyString_AS_STRING(name), "_policy")==0)
+      else if (strcmp(PyString_AsString(name), "_policy")==0)
         {
           Py_INCREF(v);
           ASSIGN(self->policy, v);
@@ -1485,7 +1489,7 @@
 
 static PyObject *PermissionRole_getattro(PermissionRole *self, PyObject *name) {
   	PyObject  *result= NULL;
-  	char      *name_s= PyString_AsString(name);
+        char      *name_s = PyString_AsString(name);
 
 	/* see whether we know the attribute */
 	/* we support both the old "_d" (from the Python implementation)
@@ -1595,13 +1599,13 @@
 			}
 		
 		/*|
-		**|       if t is StringType:
+		**|       if t in (StringType, UnicodeType):
 		**|          # We found roles set to a name.  Start over
 		**|	     # with the new permission name.  If the permission
 		**|	     # name is '', then treat as private!
 		*/
 
-			if (PyString_Check(roles)) {
+			if (PyString_Check(roles) || PyUnicode_Check(roles)) {
 
 		/*|
 		**|          if roles:
@@ -1911,7 +1915,8 @@
   int i;
 
   /* if name[:1] != '_': */
-  if (PyString_Check(name) && PyString_AS_STRING(name)[0] != '_')
+  if ( (PyString_Check(name) || PyUnicode_Check(name)) && 
+       PyString_AsString(name)[0] != '_')
     {
 
       /*




More information about the Zope-Checkins mailing list