[Zope-Checkins] SVN: Zope/branches/jim-mproxy/ Added "Mild"
proxies. These are variations on Zope 3 security proxies
Jim Fulton
jim at zope.com
Thu Oct 6 16:32:26 EDT 2005
Log message for revision 38828:
Added "Mild" proxies. These are variations on Zope 3 security proxies
that, we hope, will backward compatible.
Changed:
A Zope/branches/jim-mproxy/lib/python/Zope2/security/
A Zope/branches/jim-mproxy/lib/python/Zope2/security/_Zope2_security_mproxy.c
A Zope/branches/jim-mproxy/lib/python/Zope2/security/__init__.py
A Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.py
A Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.txt
A Zope/branches/jim-mproxy/lib/python/Zope2/security/tests.py
U Zope/branches/jim-mproxy/setup.py
-=-
Added: Zope/branches/jim-mproxy/lib/python/Zope2/security/_Zope2_security_mproxy.c
===================================================================
--- Zope/branches/jim-mproxy/lib/python/Zope2/security/_Zope2_security_mproxy.c 2005-10-06 20:23:16 UTC (rev 38827)
+++ Zope/branches/jim-mproxy/lib/python/Zope2/security/_Zope2_security_mproxy.c 2005-10-06 20:32:26 UTC (rev 38828)
@@ -0,0 +1,261 @@
+/*****************************************************************************
+*
+* Copyright (c) 2003, 2004 Zope Corporation and Contributors.
+* All Rights Reserved.
+*
+* This software is subject to the provisions of the Zope Public License,
+* Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+* THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+* WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+* WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+* FOR A PARTICULAR PURPOSE.
+*
+******************************************************************************
+Security Proxy Implementation
+
+$Id: _proxy.c 26705 2004-07-23 16:22:56Z jim $
+*/
+
+#include <Python.h>
+
+static PyTypeObject *_Proxy = NULL;
+
+#define DECLARE_STRING(N) static PyObject *str_##N
+
+typedef struct {
+ PyObject_HEAD
+ PyObject *proxy_object;
+ PyObject *proxy_checker;
+} MProxy;
+
+static PyObject *
+mproxy_new(PyTypeObject *type, PyObject *args, PyObject *kwds)
+{
+ static char *kwlist[] = {"object", "checker", 0};
+ MProxy *self;
+ PyObject *object;
+ PyObject *checker;
+
+ if (!PyArg_ParseTupleAndKeywords(args, kwds,
+ "OO:_Proxy.__new__", kwlist,
+ &object, &checker))
+ return NULL;
+
+ if (checker == Py_None)
+ {
+ PyErr_SetString(PyExc_ValueError, "None passed as proxy checker");
+ return NULL;
+ }
+
+ self = (MProxy *)type->tp_alloc(type, 0);
+ if (self == NULL)
+ return NULL;
+ Py_INCREF(object);
+ Py_INCREF(checker);
+ self->proxy_object = object;
+ self->proxy_checker = checker;
+ return (PyObject *)self;
+}
+
+static PyObject *
+clean_args(MProxy *self, PyObject *args, int l)
+{
+ PyObject *result;
+ int i;
+
+ result = PyTuple_New(l);
+ if (result == NULL)
+ return NULL;
+
+ for (i=0; i < l; i++)
+ {
+ PyObject *o;
+
+ o = PyTuple_GET_ITEM(args, i);
+ if (o != NULL)
+ {
+ if (o->ob_type == self->ob_type)
+ o = ((MProxy *)o)->proxy_object;
+ Py_INCREF(o);
+ }
+ PyTuple_SET_ITEM(result, i, o);
+ }
+
+ return result;
+}
+
+static PyObject *
+clean_kwds(MProxy *self, PyObject *kwds)
+{
+ PyObject *result;
+ PyObject *k, *o;
+ int pos = 0;
+
+ result = PyDict_New();
+ if (result == NULL)
+ return NULL;
+
+ while (PyDict_Next(kwds, &pos, &k, &o))
+ {
+ if (o->ob_type == self->ob_type)
+ o = ((MProxy *)o)->proxy_object;
+ if (PyDict_SetItem(result, k, o) < 0)
+ {
+ Py_DECREF(result);
+ return NULL;
+ }
+ }
+
+ return result;
+}
+
+static PyObject *
+mproxy_call(MProxy *self, PyObject *args, PyObject *kwds)
+{
+ PyObject *result = NULL;
+
+ if (args != NULL)
+ {
+ int i, l;
+
+ l = PyTuple_Size(args);
+ if (l < 0)
+ return NULL;
+
+ Py_INCREF(args);
+ for (i=0; i < l; i++)
+ {
+ PyObject *o;
+
+ o = PyTuple_GET_ITEM(args, i);
+ if (o != NULL && o->ob_type == self->ob_type)
+ {
+ Py_DECREF(args);
+ args = clean_args(self, args, l);
+ break;
+ }
+ }
+ }
+
+ if (kwds != NULL)
+ {
+ PyObject *k, *o;
+ int pos = 0;
+
+ Py_INCREF(kwds);
+ while (PyDict_Next(kwds, &pos, &k, &o))
+ {
+ if (o->ob_type == self->ob_type)
+ {
+ Py_DECREF(kwds);
+ kwds = clean_kwds(self, kwds);
+ break;
+ }
+ }
+ }
+
+ result = _Proxy->tp_call((PyObject*)self, args, kwds);
+ Py_XDECREF(args);
+ Py_XDECREF(kwds);
+
+ return result;
+}
+
+static char proxy_doc[] =
+"Mild security proxies.\n"
+"\n"
+"See mproxy.txt.\n"
+;
+
+statichere PyTypeObject
+MProxyType = {
+ PyObject_HEAD_INIT(NULL)
+ 0,
+ "Zope2.security.mproxy.MProxy",
+ sizeof(MProxy),
+ 0,
+ 0,
+ 0, /* tp_print */
+ 0, /* tp_getattr */
+ 0, /* tp_setattr */
+ 0, /* tp_compare */
+ 0, /* tp_repr */
+ 0, /* tp_as_number */
+ 0, /* tp_as_sequence */
+ 0, /* tp_as_mapping */
+ 0, /* tp_hash */
+ (ternaryfunc)mproxy_call, /* tp_call */
+ 0, /* tp_str */
+ 0, /* tp_getattro */
+ 0, /* tp_setattro */
+ 0, /* tp_as_buffer */
+ Py_TPFLAGS_DEFAULT | Py_TPFLAGS_BASETYPE | Py_TPFLAGS_CHECKTYPES |
+ Py_TPFLAGS_HAVE_GC, /* tp_flags */
+ proxy_doc, /* tp_doc */
+ 0, /* tp_traverse */
+ 0, /* tp_clear */
+ 0, /* tp_richcompare */
+ 0, /* tp_weaklistoffset */
+ 0, /* tp_iter */
+ 0, /* tp_iternext */
+ 0, /* tp_methods */
+ 0, /* tp_members */
+ 0, /* tp_getset */
+ 0, /* tp_base */
+ 0, /* tp_dict */
+ 0, /* tp_descr_get */
+ 0, /* tp_descr_set */
+ 0, /* tp_dictoffset */
+ 0, /* tp_init */
+ 0, /*PyType_GenericAlloc,*/ /* tp_alloc */
+ mproxy_new, /* tp_new */
+ 0, /*_PyObject_GC_Del,*/ /* tp_free */
+};
+
+static PyObject *
+module_debug(void)
+{
+ Py_INCREF(Py_None);
+ return Py_None;
+}
+
+static PyMethodDef
+module_functions[] = {
+ {"debug", (PyCFunction)module_debug, METH_NOARGS, ""},
+ {NULL}
+};
+
+static char
+module___doc__[] = "Security proxy implementation.";
+
+void
+init_Zope2_security_mproxy(void)
+{
+ PyObject *m;
+
+ m = PyImport_ImportModule("zope.security.proxy");
+ if (m == NULL)
+ return;
+
+ _Proxy = (PyTypeObject *)PyObject_GetAttrString(m, "Proxy");
+ if (_Proxy == NULL)
+ return;
+
+
+ MProxyType.ob_type = &PyType_Type;
+ MProxyType.tp_alloc = PyType_GenericAlloc;
+ MProxyType.tp_free = _PyObject_GC_Del;
+ MProxyType.tp_base = _Proxy;
+ MProxyType.tp_traverse = _Proxy->tp_traverse;
+ MProxyType.tp_clear = _Proxy->tp_clear;
+ if (PyType_Ready(&MProxyType) < 0)
+ return;
+
+ m = Py_InitModule3("_Zope2_security_mproxy",
+ module_functions, module___doc__);
+ if (m == NULL)
+ return;
+
+ Py_INCREF(&MProxyType);
+ PyModule_AddObject(m, "MProxy", (PyObject *)&MProxyType);
+}
Property changes on: Zope/branches/jim-mproxy/lib/python/Zope2/security/_Zope2_security_mproxy.c
___________________________________________________________________
Name: svn:eol-style
+ native
Added: Zope/branches/jim-mproxy/lib/python/Zope2/security/__init__.py
===================================================================
--- Zope/branches/jim-mproxy/lib/python/Zope2/security/__init__.py 2005-10-06 20:23:16 UTC (rev 38827)
+++ Zope/branches/jim-mproxy/lib/python/Zope2/security/__init__.py 2005-10-06 20:32:26 UTC (rev 38828)
@@ -0,0 +1 @@
+#
Property changes on: Zope/branches/jim-mproxy/lib/python/Zope2/security/__init__.py
___________________________________________________________________
Name: svn:keywords
+ Id
Name: svn:eol-style
+ native
Added: Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.py
===================================================================
--- Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.py 2005-10-06 20:23:16 UTC (rev 38827)
+++ Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.py 2005-10-06 20:32:26 UTC (rev 38828)
@@ -0,0 +1,21 @@
+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Mile proxies.
+
+See mproxy.txt
+
+$Id$
+"""
+
+from _Zope2_security_mproxy import MProxy
Property changes on: Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.py
___________________________________________________________________
Name: svn:keywords
+ Id
Name: svn:eol-style
+ native
Added: Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.txt
===================================================================
--- Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.txt 2005-10-06 20:23:16 UTC (rev 38827)
+++ Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.txt 2005-10-06 20:32:26 UTC (rev 38828)
@@ -0,0 +1,33 @@
+Mild proxies
+============
+
+Mild proxies (mproxies) are security proxies that are designed to
+provide backward compatibility for Zope 2 while eintrocusing a more
+robust protection system. They differ from normal security proxies in
+that they remove mproxies from arguments passed when calling the
+procies.
+
+ >>> from Zope2.security.mproxy import MProxy
+ >>> from zope.security import checker
+ >>> def f(*args):
+ ... return [type(a).__name__ for a in args]
+
+ >>> class C(object):
+ ... pass
+
+ >>> call_checker = checker.NamesChecker(['__call__'])
+
+ >>> MProxy(f, call_checker)(MProxy(C(), call_checker))
+ ['C']
+
+Otherwise, mproxies are like regular security proxies:
+
+ >>> from zope.security import proxy
+ >>> isinstance(MProxy(C(), call_checker), proxy.Proxy)
+ True
+ >>> MProxy(C(), checker.NamesChecker([]))()
+ ... # doctest: +ELLIPSIS
+ Traceback (most recent call last):
+ ...
+ ForbiddenAttribute: ('__call__', ...)
+
Property changes on: Zope/branches/jim-mproxy/lib/python/Zope2/security/mproxy.txt
___________________________________________________________________
Name: svn:eol-style
+ native
Added: Zope/branches/jim-mproxy/lib/python/Zope2/security/tests.py
===================================================================
--- Zope/branches/jim-mproxy/lib/python/Zope2/security/tests.py 2005-10-06 20:23:16 UTC (rev 38827)
+++ Zope/branches/jim-mproxy/lib/python/Zope2/security/tests.py 2005-10-06 20:32:26 UTC (rev 38828)
@@ -0,0 +1,28 @@
+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""XXX short summary goes here.
+
+$Id$
+"""
+import unittest
+from zope.testing import doctest
+
+def test_suite():
+ return unittest.TestSuite((
+ doctest.DocFileSuite('mproxy.txt'),
+ ))
+
+if __name__ == '__main__':
+ unittest.main(defaultTest='test_suite')
+
Property changes on: Zope/branches/jim-mproxy/lib/python/Zope2/security/tests.py
___________________________________________________________________
Name: svn:keywords
+ Id
Name: svn:eol-style
+ native
Modified: Zope/branches/jim-mproxy/setup.py
===================================================================
--- Zope/branches/jim-mproxy/setup.py 2005-10-06 20:23:16 UTC (rev 38827)
+++ Zope/branches/jim-mproxy/setup.py 2005-10-06 20:32:26 UTC (rev 38828)
@@ -425,6 +425,12 @@
"zope/proxy/_zope_proxy_proxy.c",
]),
+ # Zope2.security
+ Extension("Zope2.security._Zope2_security_mproxy",
+ ["Zope2/security/_Zope2_security_mproxy.c"],
+ ),
+
+
]
# We're using the module docstring as the distutils descriptions.
More information about the Zope-Checkins
mailing list