[Zope-dev] ZDebug patch for 2.3.0
Shane Hathaway
shane@digicool.com
Mon, 29 Jan 2001 10:56:25 -0500
Chris Withers wrote:
>
> The patch below got ZDebug working with Zope 2.3.0 for me. Hope I didn't
> miss anything ;-)
Good job, Chris! I patched it in a similar way. I planned to release a
new version as soon as I was sure it worked well with 2.3.
Shane
> --- debugsecuritypolicy.py.old Sun Jan 28 21:59:23 2001
> +++ debugsecuritypolicy.py Sun Jan 28 22:07:21 2001
> @@ -89,7 +89,7 @@
> __version__='$Revision: 1.4 $'[11:-2]
>
> from AccessControl import SimpleObjectPolicies
> -_noroles=[]
> +_noroles=SimpleObjectPolicies._noroles
>
> from AccessControl.PermissionRole import \
> _what_not_even_god_should_do, rolesForPermissionOn
> @@ -99,7 +99,7 @@
> class DebugSecurityPolicy:
>
> def validate(self, accessed, container, name, value, context,
> - None=None, type=type, IntType=type(0), DictType=type({}),
> + roles=_noroles, None=None, type=type, IntType=type(0),
> DictType=type({}),
> getattr=getattr, _noroles=_noroles, StringType=type(''),
> Containers=SimpleObjectPolicies.Containers,
> valid_aq_=('aq_parent','aq_explicit')):
> @@ -116,7 +116,8 @@
>
> ############################################################
> # Try to get roles
> - roles=getattr(value, '__roles__', _noroles)
> + if roles is _noroles:
> + roles=getattr(value, '__roles__', _noroles)
>
> if roles is _noroles:
>
> @@ -174,7 +175,14 @@
> value=container
>
> # Short-circuit tests if we can:
> - if roles is None or 'Anonymous' in roles: return 1
> + try:
> + if roles is None or 'Anonymous' in roles: return 1
> + except TypeError:
> + # 'roles' isn't a sequence
> + LOG('Zope Security Policy', PROBLEM, "'%s' passed as roles"
> + " during validation of '%s' is not a sequence." % (
> + `roles`, name))
> + raise
>
> # Check executable security
> stack=context.stack