[Zope-CVS] CVS: Products/RecentItemsIndex - README.txt:1.2 index.py:1.2 test.py:1.2

[Casey Duncan]

Update of /cvs-repository/Products/RecentItemsIndex
In directory cvs.zope.org:/tmp/cvs-serv15367

Modified Files:
	README.txt index.py test.py 
Log Message:
Add role/permission guard functionality to pre-filter index objects


=== Products/RecentItemsIndex/README.txt 1.1.1.1 => 1.2 ===
--- Products/RecentItemsIndex/README.txt:1.1.1.1	Mon Jul 19 13:46:21 2004
+++ Products/RecentItemsIndex/README.txt	Mon Jul 19 17:16:56 2004
@@ -12,5 +12,10 @@
   The index also has a custom query interface so that applications
   may query it directly for greatest efficiency since it handles both
   the result selection and sorting simultaneously.
+  
+  At the moment the index is not searchable through the standard ZCatalog
+  'searchResults()' API. This is because the catalog does not yet support
+  indexes that can do searching and sorting simultaneously as this one
+  does.
 
   


=== Products/RecentItemsIndex/index.py 1.1.1.1 => 1.2 ===
--- Products/RecentItemsIndex/index.py:1.1.1.1	Mon Jul 19 13:46:21 2004
+++ Products/RecentItemsIndex/index.py	Mon Jul 19 17:16:56 2004
@@ -24,6 +24,7 @@
     import PluggableIndexInterface
 from Products.ZCatalog.Lazy import LazyMap
 from AccessControl import Permissions
+from AccessControl.PermissionRole import rolesForPermissionOn
 from AccessControl.SecurityInfo import ClassSecurityInfo
 from BTrees.OOBTree import OOBTree
 from BTrees.IOBTree import IOBTree
@@ -61,7 +62,7 @@
     
     def __init__(
         self, id, field_name=None, date_name=None, max_length=None, 
-        extra=None, caller=None):
+        guard_roles=None, guard_permission=None, extra=None, caller=None):
         """Recent items index constructor
         
         id -- Zope id for index in
@@ -72,6 +73,16 @@
         date_name -- Name of attribute containing a date which specifies the
         object's age.
         
+        max_length -- Maximum length of each recent items list.
+        
+        guard_roles -- A list of one or more roles that must be granted the
+        guard permission in order for an object to be indexed. Ignored if
+        no guard_permission value is given.
+        
+        guard_permission -- The permission that must be granted to the
+        guard roles for an object in order for it to be indexed. Ignored if
+        not guard_roles value is given.
+        
         extra and caller are used by the wonderous ZCatalog addIndex 
         machinery. You can ignore them, unfortunately I can't 8^/
         """
@@ -80,6 +91,15 @@
         self.date_name = date_name or extra.date_name
         self.max_length = max_length or extra.max_length
         assert self.max_length > 0, 'Max item length value must be 1 or greater'
+        if guard_roles is None:
+            guard_roles = getattr(extra, 'guard_roles', None)
+        if guard_permission is None:
+            guard_permission = getattr(extra, 'guard_permission', None)
+        if guard_permission is not None and guard_roles:
+            self.guard_permission = guard_permission
+            self.guard_roles = tuple(guard_roles)
+        else:
+            self.guard_permission = self.guard_roles = None
         self.clear()
     
     ## Index specific methods ##
@@ -127,6 +147,16 @@
     
     def index_object(self, docid, obj, theshold=None):
         """Add document to index"""
+        if self.guard_permission is not None and self.guard_roles:
+            allowed_roles = rolesForPermissionOn(self.guard_permission, obj)
+            for role in allowed_roles:
+                if role in self.guard_roles:
+                    break
+            else:
+                # Object does not have proper permission grant
+                # to be in the index
+                self.unindex_object(docid)
+                return 0
         try:
             fieldvalue = _getSourceValue(obj, self.field_name)
             datevalue = _getSourceValue(obj, self.date_name)


=== Products/RecentItemsIndex/test.py 1.1.1.1 => 1.2 ===
--- Products/RecentItemsIndex/test.py:1.1.1.1	Mon Jul 19 13:46:21 2004
+++ Products/RecentItemsIndex/test.py	Mon Jul 19 17:16:56 2004
@@ -35,6 +35,16 @@
     def __getitem__(self, item):
         return self.docs[item]
 
+class Viewable(SimpleItem):
+    
+    date = DateTime('2/21/2004')
+    type = 'Viewable'
+    
+    def __init__(self, role=None):
+        self._addRole(role)
+        if role is not None:
+            self.manage_permission('View', [role])
+
 class RecentItemsIndexTest(TestCase):
 
     def setUp(self):
@@ -50,11 +60,15 @@
             field_name = 'bruford'
             date_name = 'wakeman'
             max_length = 25
+            guard_roles = ['Anonymous']
+            guard_permission = 'View'
         index = RecentItemsIndex('extra', extra=extra)
         self.assertEqual(index.getId(), 'extra')
         self.assertEqual(index.field_name, 'bruford')
         self.assertEqual(index.date_name, 'wakeman')
         self.assertEqual(index.max_length, 25)
+        self.assertEqual(tuple(index.guard_roles), ('Anonymous',))
+        self.assertEqual(index.guard_permission, 'View')
     
     def test_construct_with_bogus_max_length(self):
         from Products.RecentItemsIndex.index import RecentItemsIndex
@@ -302,9 +316,32 @@
         
     def test_clear(self):
         self.test_index_many()
+        self.failUnless(self.index.numObjects())
         self.index.clear()
         self.assertEqual(self.index.numObjects(), 0)
-
+    
+    def test_role_permission_guard(self):
+        from Products.RecentItemsIndex.index import RecentItemsIndex
+        index = RecentItemsIndex(
+            'test', 'type', 'date', 5, ['NerfHerder', 'Bloke'], 'View')
+        viewable = Viewable('NerfHerder')
+        index.index_object(0, viewable)
+        self.assertEqual(index.numObjects(), 1)
+        notviewable = Viewable()
+        index.index_object(1, notviewable)
+        self.assertEqual(index.numObjects(), 1)
+        bloke = Viewable('Bloke')
+        index.index_object(2, bloke)
+        self.assertEqual(index.numObjects(), 2)
+        bloke.manage_permission('View', [])
+        index.index_object(2, bloke)
+        self.assertEqual(index.numObjects(), 1)
+        dummy = Viewable('Dummy')
+        index.index_object(3, dummy)
+        self.assertEqual(index.numObjects(), 1)        
+        viewable.manage_permission('View', [])
+        index.index_object(0, viewable)
+        self.assertEqual(index.numObjects(), 0)
         
 def test_suite():
     return TestSuite((makeSuite(RecentItemsIndexTest),))