[Zope-dev] [Zope Enhancement Proposal] Sanitizing local roles

Richard Jones richard at commonground.com.au
Fri Jul 23 02:07:08 EDT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 23 Jul 2004 03:30 am, Dieter Maurer wrote:
> Moreover, I propose to change the local role management pages.
> When setting local roles, information about "acquired"
> local role definitions is very helpful.
> I therefore propose to display this information on the local
> role edit page.

I have implemented a "security information" page that details this and more
info. I've always found the default security edit pages to be less than
useful since they inherently use acquisition, but don't tell you what would
be or is currently acquired.

The code is attached. We mix it in with every object. A sample output is also
attached.

I have found it invaluable when debugging permissions problems.

Would this be a useful thing to add to 2.8?


    Richard
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBAKsMrGisBEHG6TARAiwuAJ9n7wLGWzhDa7kGyr/5q8zwi3SV0QCfXX1f
JAcHE9s71y9N/4oyNgRiRg4=
=ATJ2
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ManageViewAccess.py
Type: application/x-python
Size: 2838 bytes
Desc: not available
Url : http://mail.zope.org/pipermail/zope-dev/attachments/20040723/40dca8b8/ManageViewAccess.bin
-------------- next part --------------
<dtml-var manage_page_header>
<dtml-var manage_tabs>

<h2>Access permissions dump</h2>


<dl>
<dt><strong>Valid Roles:</strong>
<dd><dtml-var "', '.join(valid_roles())">
<dt><strong>User Defined Roles:</strong>
<dd><dtml-var "', '.join(userdefined_roles())">
<dt><strong>Local Roles:</strong>
<dd>
<table class="listing">
<tbody>
<tr><th>At Object</th><th>Local Roles Defined</th></tr>
<dtml-in list_local_roles>
<tr><td>
<dtml-var sequence-key>
</td><td>
<dtml-var "'<br>'.join(['%s: %s'%(i[0], ', '.join(i[1])) for i in _['sequence-item']])">
</td></tr>
</dtml-in>
</tbody>
</table>

<dt><strong>Permission Usage:</strong>
<dd>
<table class="listing">
<tbody>
<tr><th>Permission</th><th>Assigned To</th></tr>
<dtml-in list_permission_use mapping>
<tr><td>
&dtml-sequence-key;
</td><td>
&dtml-perm; from &dtml-from;
</td></tr>
</dtml-in>
</tbody>
</table>

<dt><strong>Permission Settings:</strong>
<dd>
<table class="listing">
<tbody>
<tr><th>Permission</th><th>Has Roles Assigned</th></tr>
<dtml-in list_permission_roles>
<tr><td>
<dtml-var sequence-key>
</td><td>
<dtml-var "'<br>'.join([', '.join(d['roles']) + ' from %(from)s'%d for d in _['sequence-item']])"><br>
</td></tr>
</dtml-in>
</tbody>
</table>

</dl>

<dtml-var manage_page_footer>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.zope.org/pipermail/zope-dev/attachments/20040723/40dca8b8/sample_manage_view_access.html


More information about the Zope-Dev mailing list