[Zope-Checkins] SVN: Zope/trunk/src/AccessControl/ Some PEP8 cleanup
Hanno Schlichting
hannosch at hannosch.eu
Sat Jun 5 15:22:38 EDT 2010
Log message for revision 113166:
Some PEP8 cleanup
Changed:
U Zope/trunk/src/AccessControl/Permission.py
U Zope/trunk/src/AccessControl/Role.py
-=-
Modified: Zope/trunk/src/AccessControl/Permission.py
===================================================================
--- Zope/trunk/src/AccessControl/Permission.py 2010-06-05 19:07:49 UTC (rev 113165)
+++ Zope/trunk/src/AccessControl/Permission.py 2010-06-05 19:22:38 UTC (rev 113166)
@@ -20,110 +20,135 @@
from Acquisition import aq_base
name_trans=filter(lambda c, an=string.letters+string.digits+'_': c not in an,
- map(chr,range(256)))
+ map(chr, range(256)))
name_trans=string.maketrans(''.join(name_trans), '_'*len(name_trans))
+
def pname(name, translate=string.translate, name_trans=name_trans):
- return '_'+translate(name,name_trans)+"_Permission"
+ return '_'+translate(name, name_trans) + "_Permission"
_marker=[]
+
+
class Permission:
# A Permission maps a named logical permission to a set
# of attribute names. Attribute names which appear in a
# permission may not appear in any other permission defined
# by the object.
- def __init__(self,name,data,obj,default=None):
- self.name=name
- self._p='_'+string.translate(name,name_trans)+"_Permission"
- self.data=data
- self.obj=aq_base(obj)
- self.default=default
+ def __init__(self, name, data, obj, default=None):
+ self.name = name
+ self._p = '_' + string.translate(name, name_trans) + "_Permission"
+ self.data = data
+ self.obj = aq_base(obj)
+ self.default = default
def getRoles(self, default=_marker):
# Return the list of role names which have been given
# this permission for the object in question. To do
# this, we try to get __roles__ from all of the object
# attributes that this permission represents.
- obj=self.obj
- name=self._p
- if hasattr(obj, name): return getattr(obj, name)
- roles=default
+ obj = self.obj
+ name = self._p
+ if hasattr(obj, name):
+ return getattr(obj, name)
+ roles = default
for name in self.data:
if name:
if hasattr(obj, name):
- attr=getattr(obj, name)
- if hasattr(attr,'im_self'):
- attr=attr.im_self
+ attr = getattr(obj, name)
+ if hasattr(attr, 'im_self'):
+ attr = attr.im_self
if hasattr(attr, '__dict__'):
- attr=attr.__dict__
- name=name+'__roles__'
- if attr.has_key(name):
- roles=attr[name]
+ attr = attr.__dict__
+ name = name + '__roles__'
+ if name in attr:
+ roles = attr[name]
break
elif hasattr(obj, '__dict__'):
- attr=obj.__dict__
- if attr.has_key('__roles__'):
- roles=attr['__roles__']
+ attr = obj.__dict__
+ if '__roles__' in attr:
+ roles = attr['__roles__']
break
if roles:
try:
- if 'Shared' not in roles: return tuple(roles)
- roles=list(roles)
+ if 'Shared' not in roles:
+ return tuple(roles)
+ roles = list(roles)
roles.remove('Shared')
return roles
- except: return []
+ except:
+ return []
- if roles is None: return ['Manager','Anonymous']
- if roles is _marker: return ['Manager']
+ if roles is None:
+ return ['Manager', 'Anonymous']
+ if roles is _marker:
+ return ['Manager']
return roles
def setRoles(self, roles):
- obj=self.obj
+ obj = self.obj
if isinstance(roles, list) and not roles:
- if hasattr(obj, self._p): delattr(obj, self._p)
+ if hasattr(obj, self._p):
+ delattr(obj, self._p)
else:
setattr(obj, self._p, roles)
for name in self.data:
- if name=='': attr=obj
- else: attr=getattr(obj, name)
- try: del attr.__roles__
- except: pass
- try: delattr(obj,name+'__roles__')
- except: pass
+ if name=='':
+ attr = obj
+ else:
+ attr = getattr(obj, name)
+ try:
+ del attr.__roles__
+ except:
+ pass
+ try:
+ delattr(obj, name + '__roles__')
+ except:
+ pass
def setRole(self, role, present):
- roles=self.getRoles()
+ roles = self.getRoles()
if role in roles:
- if present: return
- if isinstance(roles, list): roles.remove(role)
+ if present:
+ return
+ if isinstance(roles, list):
+ roles.remove(role)
else:
- roles=list(roles)
+ roles = list(roles)
roles.remove(role)
- roles=tuple(roles)
- elif not present: return
+ roles = tuple(roles)
+ elif not present:
+ return
else:
- if isinstance(roles, list): roles.append(role)
- else: roles=roles+(role,)
+ if isinstance(roles, list):
+ roles.append(role)
+ else:
+ roles=roles + (role, )
self.setRoles(roles)
- def __len__(self): return 1
- def __str__(self): return self.name
+ def __len__(self):
+ return 1
+ def __str__(self):
+ return self.name
+
_registeredPermissions={}
_registerdPermission=_registeredPermissions.has_key
-def registerPermissions(permissions, defaultDefault=('Manager',)):
+
+def registerPermissions(permissions, defaultDefault=('Manager', )):
"""Register an __ac_permissions__ sequence.
"""
import Products
for setting in permissions:
- if _registerdPermission(setting[0]): continue
+ if _registerdPermission(setting[0]):
+ continue
if len(setting)==2:
perm, methods = setting
default = defaultDefault
@@ -132,12 +157,13 @@
_registeredPermissions[perm]=1
Products_permissions = getattr(Products, '__ac_permissions__', ())
Products.__ac_permissions__=(
- Products_permissions + ((perm, (), default),))
+ Products_permissions + ((perm, (), default), ))
mangled=pname(perm) # get mangled permission name
if not hasattr(ApplicationDefaultPermissions, mangled):
setattr(ApplicationDefaultPermissions,
mangled, default)
+
class ApplicationDefaultPermissions:
_View_Permission = ('Manager', 'Anonymous')
_Access_contents_information_Permission = ('Manager', 'Anonymous')
Modified: Zope/trunk/src/AccessControl/Role.py
===================================================================
--- Zope/trunk/src/AccessControl/Role.py 2010-06-05 19:07:49 UTC (rev 113165)
+++ Zope/trunk/src/AccessControl/Role.py 2010-06-05 19:22:38 UTC (rev 113166)
@@ -19,25 +19,27 @@
from Acquisition import Acquired
from Acquisition import aq_base
from Acquisition import aq_get
-from AccessControl import ClassSecurityInfo
-from AccessControl.SecurityManagement import newSecurityManager
-from AccessControl.Permissions import change_permissions
from App.Dialogs import MessageDialog
from App.special_dtml import DTMLFile
from ExtensionClass import Base
from PermissionMapping import RoleManager
from zope.interface import implements
+from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from AccessControl.interfaces import IRoleManager
from AccessControl.Permission import Permission
+from AccessControl.Permissions import change_permissions
from AccessControl.requestmethod import requestmethod
+from AccessControl.SecurityManagement import newSecurityManager
-DEFAULTMAXLISTUSERS=250
+DEFAULTMAXLISTUSERS = 250
+
def _isBeingUsedAsAMethod(self):
return aq_get(self, '_isBeingUsedAsAMethod_', 0)
+
def _isNotBeingUsedAsAMethod(self):
return not aq_get(self, '_isBeingUsedAsAMethod_', 0)
@@ -51,8 +53,8 @@
security = ClassSecurityInfo()
manage_options=(
- {'label':'Security', 'action':'manage_access',
- 'help':('OFSP','Security.stx'),
+ {'label': 'Security', 'action': 'manage_access',
+ 'help': ('OFSP', 'Security.stx'),
},
)
@@ -67,20 +69,21 @@
# Get all permissions not defined in ourself that are inherited
# This will be a sequence of tuples with a name as the first item and
# an empty tuple as the second.
- d={}
- perms=self.__ac_permissions__
- for p in perms: d[p[0]]=None
+ d = {}
+ perms = self.__ac_permissions__
+ for p in perms:
+ d[p[0]] = None
- r=gather_permissions(self.__class__, [], d)
+ r = gather_permissions(self.__class__, [], d)
if all:
if hasattr(self, '_subobject_permissions'):
for p in self._subobject_permissions():
pname=p[0]
- if not d.has_key(pname):
- d[pname]=1
+ if not pname in d:
+ d[pname] = 1
r.append(p)
- r=list(perms)+r
+ r = list(perms) + r
r.sort()
return tuple(r)
@@ -104,19 +107,19 @@
for p in permissions:
name, value = p[:2]
- p=Permission(name,value,self)
- roles=p.getRoles(default=[])
+ p=Permission(name, value, self)
+ roles = p.getRoles(default=[])
d={'name': name,
'acquire': isinstance(roles, list) and 'CHECKED' or '',
'roles': map(
lambda ir, roles=roles, valid=valid, ip=ip:
{
- 'name': "p%dr%d" % (ip,ir),
+ 'name': "p%dr%d" % (ip, ir),
'checked': (valid[ir] in roles) and 'CHECKED' or '',
},
indexes)
}
- ip=ip+1
+ ip = ip + 1
result.append(d)
return result
@@ -133,10 +136,11 @@
"""
for p in self.ac_inherited_permissions(1):
name, value = p[:2]
- p=Permission(name,value,self)
+ p=Permission(name, value, self)
p.setRole(role_to_manage, name in permissions)
- if REQUEST is not None: return self.manage_access(REQUEST)
+ if REQUEST is not None:
+ return self.manage_access(REQUEST)
security.declareProtected(change_permissions, 'manage_acquiredForm')
manage_acquiredForm=DTMLFile('dtml/acquiredEdit', globals(),
@@ -151,13 +155,17 @@
"""
for p in self.ac_inherited_permissions(1):
name, value = p[:2]
- p=Permission(name,value,self)
- roles=p.getRoles()
- if roles is None: continue
- if name in permissions: p.setRoles(list(roles))
- else: p.setRoles(tuple(roles))
+ p = Permission(name, value, self)
+ roles = p.getRoles()
+ if roles is None:
+ continue
+ if name in permissions:
+ p.setRoles(list(roles))
+ else:
+ p.setRoles(tuple(roles))
- if REQUEST is not None: return self.manage_access(REQUEST)
+ if REQUEST is not None:
+ return self.manage_access(REQUEST)
def manage_getUserRolesAndPermissions(self, user_id):
""" Used for permission/role reporting for a given user_id.
@@ -167,9 +175,9 @@
'roles' -> global roles,
'roles_in_context' -> roles in context of the current object,
'allowed_permissions' -> permissions allowed for the user,
- 'disallowed_permissions' -> all other permissions
+ 'disallowed_permissions' -> all other permissions
"""
-
+
d = {}
current = self
@@ -189,7 +197,7 @@
newSecurityManager(None, userObj) # necessary?
userObj = userObj.__of__(uf)
- d = {'user_defined_in' : '/' + uf.absolute_url(1)}
+ d = {'user_defined_in': '/' + uf.absolute_url(1)}
# roles
roles = list(userObj.getRoles())
@@ -237,26 +245,30 @@
"""
for p in self.ac_inherited_permissions(1):
name, value = p[:2]
- if name==permission_to_manage:
- p=Permission(name,value,self)
- if acquire: roles=list(roles)
- else: roles=tuple(roles)
+ if name == permission_to_manage:
+ p = Permission(name, value, self)
+ if acquire:
+ roles=list(roles)
+ else:
+ roles=tuple(roles)
p.setRoles(roles)
- if REQUEST is not None: return self.manage_access(REQUEST)
+ if REQUEST is not None:
+ return self.manage_access(REQUEST)
return
- raise ValueError, (
+ raise ValueError(
"The permission <em>%s</em> is invalid." %
escape(permission_to_manage))
_normal_manage_access=DTMLFile('dtml/access', globals())
- manage_reportUserPermissions=DTMLFile('dtml/reportUserPermissions', globals())
+ manage_reportUserPermissions=DTMLFile(
+ 'dtml/reportUserPermissions', globals())
security.declareProtected(change_permissions, 'manage_access')
def manage_access(self, REQUEST, **kw):
"""Return an interface for making permissions settings.
"""
- return apply(self._normal_manage_access,(), kw)
+ return apply(self._normal_manage_access, (), kw)
security.declareProtected(change_permissions, 'manage_changePermissions')
@requestmethod('POST')
@@ -269,13 +281,15 @@
permissions=self.ac_inherited_permissions(1)
fails = []
for ip in range(len(permissions)):
- roles=[]
+ roles = []
for ir in indexes:
- if have("p%dr%d" % (ip,ir)): roles.append(valid_roles[ir])
+ if have("p%dr%d" % (ip, ir)):
+ roles.append(valid_roles[ir])
name, value = permissions[ip][:2]
try:
- p=Permission(name,value,self)
- if not have('a%d' % ip): roles=tuple(roles)
+ p = Permission(name, value, self)
+ if not have('a%d' % ip):
+ roles=tuple(roles)
p.setRoles(roles)
except:
fails.append(name)
@@ -286,19 +300,19 @@
+ escape(', '.join(fails)),
action='manage_access')
return MessageDialog(
- title ='Success!',
- message='Your changes have been saved',
- action ='manage_access')
+ title = 'Success!',
+ message = 'Your changes have been saved',
+ action = 'manage_access')
security.declareProtected(change_permissions, 'permissionsOfRole')
def permissionsOfRole(self, role):
"""Used by management screen.
"""
- r=[]
+ r = []
for p in self.ac_inherited_permissions(1):
name, value = p[:2]
- p=Permission(name,value,self)
- roles=p.getRoles()
+ p = Permission(name, value, self)
+ roles = p.getRoles()
r.append({'name': name,
'selected': role in roles and 'SELECTED' or '',
})
@@ -308,12 +322,12 @@
def rolesOfPermission(self, permission):
"""Used by management screen.
"""
- valid_roles=self.valid_roles()
+ valid_roles = self.valid_roles()
for p in self.ac_inherited_permissions(1):
name, value = p[:2]
if name==permission:
- p=Permission(name,value,self)
- roles=p.getRoles()
+ p = Permission(name, value, self)
+ roles = p.getRoles()
return map(
lambda role, roles=roles:
{'name': role,
@@ -321,7 +335,7 @@
},
valid_roles)
- raise ValueError, (
+ raise ValueError(
"The permission <em>%s</em> is invalid." % escape(permission))
security.declareProtected(change_permissions, 'acquiredRolesAreUsedBy')
@@ -331,14 +345,13 @@
for p in self.ac_inherited_permissions(1):
name, value = p[:2]
if name==permission:
- p=Permission(name,value,self)
- roles=p.getRoles()
+ p=Permission(name, value, self)
+ roles = p.getRoles()
return isinstance(roles, list) and 'CHECKED' or ''
- raise ValueError, (
+ raise ValueError(
"The permission <em>%s</em> is invalid." % escape(permission))
-
# Local roles support
# -------------------
#
@@ -390,8 +403,10 @@
aclu = getattr(aq_base(item), '__allow_groups__', _notfound)
if aclu is not _notfound:
mlu = getattr(aclu, 'maxlistusers', _notfound)
- if not isinstance(mlu, int): mlu = DEFAULTMAXLISTUSERS
- if mlu < 0: raise OverflowError
+ if not isinstance(mlu, int):
+ mlu = DEFAULTMAXLISTUSERS
+ if mlu < 0:
+ raise OverflowError
un = getattr(aclu, 'user_names', _notfound)
if un is not _notfound:
un = aclu.__of__(item).user_names # rewrap
@@ -417,8 +432,8 @@
def manage_addLocalRoles(self, userid, roles, REQUEST=None):
"""Set local roles for a user."""
if not roles:
- raise ValueError, 'One or more roles must be given!'
- dict=self.__ac_local_roles__
+ raise ValueError('One or more roles must be given!')
+ dict = self.__ac_local_roles__
if dict is None:
self.__ac_local_roles__ = dict = {}
local_roles = list(dict.get(userid, []))
@@ -436,12 +451,12 @@
def manage_setLocalRoles(self, userid, roles, REQUEST=None):
"""Set local roles for a user."""
if not roles:
- raise ValueError, 'One or more roles must be given!'
- dict=self.__ac_local_roles__
+ raise ValueError('One or more roles must be given!')
+ dict = self.__ac_local_roles__
if dict is None:
self.__ac_local_roles__ = dict = {}
dict[userid]=roles
- self._p_changed=True
+ self._p_changed = True
if REQUEST is not None:
stat='Your changes have been saved.'
return self.manage_listLocalRoles(self, REQUEST, stat=stat)
@@ -450,11 +465,11 @@
@requestmethod('POST')
def manage_delLocalRoles(self, userids, REQUEST=None):
"""Remove all local roles for a user."""
- dict=self.__ac_local_roles__
+ dict = self.__ac_local_roles__
if dict is None:
self.__ac_local_roles__ = dict = {}
for userid in userids:
- if dict.has_key(userid):
+ if userid in dict:
del dict[userid]
self._p_changed=True
if REQUEST is not None:
@@ -479,7 +494,7 @@
'class': 0})
for key, value in clas.items():
if key.find('__roles__') >= 0:
- _add({'name': key, 'value': value, 'class' : 1})
+ _add({'name': key, 'value': value, 'class': 1})
if hasattr(value, '__roles__'):
_add({'name': '%s.__roles__' % key, 'value': value.__roles__,
'class': 1})
@@ -519,10 +534,12 @@
def userdefined_roles(self):
"""Return list of user-defined roles.
"""
- roles=list(self.__ac_roles__)
- for role in classattr(self.__class__,'__ac_roles__'):
- try: roles.remove(role)
- except: pass
+ roles = list(self.__ac_roles__)
+ for role in classattr(self.__class__, '__ac_roles__'):
+ try:
+ roles.remove(role)
+ except:
+ pass
return tuple(roles)
security.declareProtected(change_permissions, 'manage_defined_roles')
@@ -544,15 +561,15 @@
def _addRole(self, role, REQUEST=None):
if not role:
return MessageDialog(
- title ='Incomplete',
+ title='Incomplete',
message='You must specify a role name',
- action ='manage_access')
+ action='manage_access')
if role in self.__ac_roles__:
return MessageDialog(
- title ='Role Exists',
+ title='Role Exists',
message='The given role is already defined',
- action ='manage_access')
- data=list(self.__ac_roles__)
+ action='manage_access')
+ data = list(self.__ac_roles__)
data.append(role)
self.__ac_roles__=tuple(data)
if REQUEST is not None:
@@ -562,14 +579,16 @@
def _delRoles(self, roles, REQUEST=None):
if not roles:
return MessageDialog(
- title ='Incomplete',
+ title='Incomplete',
message='You must specify a role name',
- action ='manage_access')
- data=list(self.__ac_roles__)
+ action='manage_access')
+ data = list(self.__ac_roles__)
for role in roles:
- try: data.remove(role)
- except: pass
- self.__ac_roles__=tuple(data)
+ try:
+ data.remove(role)
+ except:
+ pass
+ self.__ac_roles__ = tuple(data)
if REQUEST is not None:
return self.manage_access(REQUEST)
@@ -606,30 +625,43 @@
def reqattr(request, attr):
- try: return request[attr]
- except: return None
+ try:
+ return request[attr]
+ except:
+ return None
+
def classattr(cls, attr):
if hasattr(cls, attr):
return getattr(cls, attr)
- try: bases=cls.__bases__
- except: bases=()
+ try:
+ bases = cls.__bases__
+ except:
+ bases = ()
for base in bases:
if classattr(base, attr):
return attr
return None
+
def instance_dict(inst):
- try: return inst.__dict__
- except: return {}
+ try:
+ return inst.__dict__
+ except:
+ return {}
+
def class_dict(_class):
- try: return _class.__dict__
- except: return {}
+ try:
+ return _class.__dict__
+ except:
+ return {}
+
def instance_attrs(inst):
return instance_dict(inst)
+
def class_attrs(inst, _class=None, data=None):
if _class is None:
_class=inst.__class__
@@ -645,13 +677,15 @@
data=class_attrs(inst, base, data)
return data
+
def gather_permissions(klass, result, seen):
for base in klass.__bases__:
- if base.__dict__.has_key('__ac_permissions__'):
+ if '__ac_permissions__' in base.__dict__:
for p in base.__ac_permissions__:
name=p[0]
- if seen.has_key(name): continue
+ if name in seen:
+ continue
result.append((name, ()))
- seen[name]=None
+ seen[name] = None
gather_permissions(base, result, seen)
return result
More information about the Zope-Checkins
mailing list