[Zope-Checkins] SVN: Zope/trunk/src/ Create an API to access Products.__ac_permissions__
Hanno Schlichting
hannosch at hannosch.eu
Sat Jun 5 15:58:01 EDT 2010
Log message for revision 113169:
Create an API to access Products.__ac_permissions__
Changed:
U Zope/trunk/src/AccessControl/Permission.py
U Zope/trunk/src/AccessControl/Role.py
U Zope/trunk/src/AccessControl/security.py
U Zope/trunk/src/AccessControl/tests/testZCML.py
U Zope/trunk/src/HelpSys/HelpSys.py
U Zope/trunk/src/OFS/ObjectManager.py
-=-
Modified: Zope/trunk/src/AccessControl/Permission.py
===================================================================
--- Zope/trunk/src/AccessControl/Permission.py 2010-06-05 19:26:14 UTC (rev 113168)
+++ Zope/trunk/src/AccessControl/Permission.py 2010-06-05 19:58:00 UTC (rev 113169)
@@ -141,10 +141,28 @@
_registeredPermissions = {}
+def getPermissions():
+ import Products
+ return getattr(Products, '__ac_permissions__', ())
+
+
+def addPermission(perm, default_roles=('Manager', )):
+ if perm in _registeredPermissions:
+ return
+
+ entry = ((perm, (), default_roles), )
+ import Products
+ Products_permissions = getPermissions()
+ Products.__ac_permissions__ = Products_permissions + entry
+ _registeredPermissions[perm] = 1
+ mangled = pname(perm) # get mangled permission name
+ if not hasattr(ApplicationDefaultPermissions, mangled):
+ setattr(ApplicationDefaultPermissions, mangled, default_roles)
+
+
def registerPermissions(permissions, defaultDefault=('Manager', )):
"""Register an __ac_permissions__ sequence.
"""
- import Products
for setting in permissions:
if setting[0] in _registeredPermissions:
continue
@@ -153,14 +171,7 @@
default = defaultDefault
else:
perm, methods, default = setting
- _registeredPermissions[perm]=1
- Products_permissions = getattr(Products, '__ac_permissions__', ())
- Products.__ac_permissions__=(
- Products_permissions + ((perm, (), default), ))
- mangled=pname(perm) # get mangled permission name
- if not hasattr(ApplicationDefaultPermissions, mangled):
- setattr(ApplicationDefaultPermissions,
- mangled, default)
+ addPermission(perm, default)
class ApplicationDefaultPermissions:
Modified: Zope/trunk/src/AccessControl/Role.py
===================================================================
--- Zope/trunk/src/AccessControl/Role.py 2010-06-05 19:26:14 UTC (rev 113168)
+++ Zope/trunk/src/AccessControl/Role.py 2010-06-05 19:58:00 UTC (rev 113169)
@@ -28,6 +28,7 @@
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from AccessControl.interfaces import IRoleManager
+from AccessControl.Permission import getPermissions
from AccessControl.Permission import Permission
from AccessControl.Permissions import change_permissions
from AccessControl.requestmethod import requestmethod
@@ -608,9 +609,8 @@
pass
def possible_permissions(self):
- import Products
d={}
- Products_permissions = getattr(Products, '__ac_permissions__', ())
+ Products_permissions = getPermissions()
for p in Products_permissions:
d[p[0]]=1
for p in self.ac_inherited_permissions(1):
Modified: Zope/trunk/src/AccessControl/security.py
===================================================================
--- Zope/trunk/src/AccessControl/security.py 2010-06-05 19:26:14 UTC (rev 113168)
+++ Zope/trunk/src/AccessControl/security.py 2010-06-05 19:58:00 UTC (rev 113169)
@@ -27,16 +27,12 @@
from AccessControl.SecurityInfo import ClassSecurityInfo
from AccessControl.SecurityManagement import getSecurityManager
-from AccessControl.Permission import _registeredPermissions
-from AccessControl.Permission import pname
+from AccessControl.Permission import addPermission
-import Products
-
-from AccessControl.Permission import ApplicationDefaultPermissions
-
CheckerPublicId = 'zope.Public'
CheckerPrivateId = 'zope2.Private'
+
def getSecurityInfo(klass):
sec = {}
info = vars(klass)
@@ -47,8 +43,8 @@
sec[k] = v
return sec
+
def clearSecurityInfo(klass):
- sec = {}
info = vars(klass)
if info.has_key('__ac_permissions__'):
delattr(klass, '__ac_permissions__')
@@ -56,6 +52,7 @@
if k.endswith('__roles__'):
delattr(klass, k)
+
def checkPermission(permission, object, interaction=None):
"""Return whether security policy allows permission on object.
@@ -82,6 +79,7 @@
return False
+
class SecurityPolicy(ParanoidSecurityPolicy):
"""Security policy that bridges between zope.security security mechanisms
and Zope 2's security policy.
@@ -94,6 +92,7 @@
def checkPermission(self, permission, object):
return checkPermission(permission, object)
+
def newInteraction():
"""Con zope.security to use Zope 2's checkPermission.
@@ -105,6 +104,7 @@
if getattr(thread_local, 'interaction', None) is None:
thread_local.interaction = SecurityPolicy()
+
def _getSecurity(klass):
# a Zope 2 class can contain some attribute that is an instance
# of ClassSecurityInfo. Zope 2 scans through things looking for
@@ -120,6 +120,7 @@
setattr(klass, '__security__', security)
return security
+
def protectName(klass, name, permission_id):
"""Protect the attribute 'name' on 'klass' using the given
permission"""
@@ -139,6 +140,7 @@
perm = str(permission.title)
security.declareProtected(perm, name)
+
def protectClass(klass, permission_id):
"""Protect the whole class with the given permission"""
security = _getSecurity(klass)
@@ -155,21 +157,11 @@
perm = str(permission.title)
security.declareObjectProtected(perm)
+
def create_permission_from_permission_directive(permission, event):
"""When a new IPermission utility is registered (via the <permission />
directive), create the equivalent Zope2 style permission.
"""
-
- global _registeredPermissions
-
# Zope 2 uses string, not unicode yet
zope2_permission = str(permission.title)
- roles = ('Manager',)
-
- if not _registeredPermissions.has_key(zope2_permission):
- _registeredPermissions[zope2_permission] = 1
-
- Products.__ac_permissions__ += ((zope2_permission, (), roles,),)
-
- mangled = pname(zope2_permission)
- setattr(ApplicationDefaultPermissions, mangled, roles)
+ addPermission(zope2_permission)
Modified: Zope/trunk/src/AccessControl/tests/testZCML.py
===================================================================
--- Zope/trunk/src/AccessControl/tests/testZCML.py 2010-06-05 19:26:14 UTC (rev 113168)
+++ Zope/trunk/src/AccessControl/tests/testZCML.py 2010-06-05 19:58:00 UTC (rev 113169)
@@ -351,8 +351,8 @@
The permission will be made available globally, with default role set
of ('Manager',).
- >>> import Products
- >>> permissions = getattr(Products, '__ac_permissions__', ())
+ >>> from AccessControl.Permission import getPermissions
+ >>> permissions = getPermissions()
>>> [p[2] for p in permissions
... if p[0] == 'AccessControl: Dummy permission']
[('Manager',)]
@@ -360,10 +360,8 @@
Let's also ensure that permissions are not overwritten if they exist
already:
- >>> from AccessControl.Permission import _registeredPermissions
- >>> _registeredPermissions['Dummy: Other dummy'] = 1
- >>> Products.__ac_permissions__ += (
- ... ('Dummy: Other dummy', (), ('Anonymous', ),),)
+ >>> from AccessControl.Permission import addPermission
+ >>> addPermission('Dummy: Other dummy', ('Anonymous', ))
>>> from StringIO import StringIO
>>> configure_zcml = StringIO('''
@@ -380,9 +378,8 @@
>>> from zope.configuration.xmlconfig import xmlconfig
>>> xmlconfig(configure_zcml)
- >>> permissions = getattr(Products, '__ac_permissions__', ())
- >>> [p[2] for p in permissions
- ... if p[0] == 'Dummy: Other dummy']
+ >>> permissions = getPermissions()
+ >>> [p[2] for p in permissions if p[0] == 'Dummy: Other dummy']
[('Anonymous',)]
>>> tearDown()
Modified: Zope/trunk/src/HelpSys/HelpSys.py
===================================================================
--- Zope/trunk/src/HelpSys/HelpSys.py 2010-06-05 19:26:14 UTC (rev 113168)
+++ Zope/trunk/src/HelpSys/HelpSys.py 2010-06-05 19:58:00 UTC (rev 113169)
@@ -56,7 +56,6 @@
security.declareProtected(access_contents_information, 'helpValues')
def helpValues(self, spec=None):
"ProductHelp objects of all Products that have help"
- import Products
hv=[]
for product in self.Control_Panel.Products.objectValues():
productHelp=product.getProductHelp()
Modified: Zope/trunk/src/OFS/ObjectManager.py
===================================================================
--- Zope/trunk/src/OFS/ObjectManager.py 2010-06-05 19:26:14 UTC (rev 113168)
+++ Zope/trunk/src/OFS/ObjectManager.py 2010-06-05 19:58:00 UTC (rev 113169)
@@ -26,6 +26,7 @@
import sys
from AccessControl import ClassSecurityInfo
+from AccessControl.Permission import getPermissions
from AccessControl.Permissions import view_management_screens
from AccessControl.Permissions import access_contents_information
from AccessControl.Permissions import delete_objects
@@ -263,9 +264,7 @@
return meta_types
def _subobject_permissions(self):
- import Products
- Products_permissions = getattr(Products, '__ac_permissions__', ())
- return Products_permissions
+ return getPermissions()
def filtered_meta_types(self, user=None):
# Return a list of the types for which the user has
More information about the Zope-Checkins
mailing list