[Zope-dev] Re: Re: PAU question - how to I handle roles on principals

kevin gill kevin at movieextras.ie
Fri Dec 7 08:12:05 EST 2007 

Thanks Christophe

I tried to configure a Principal annotation for 'roles' but I am afraid I
have come up blank. Here is what I did...

# Create a principal Annotations Utility (as recommeded by CC)
from zope.component import provideUtility, provideAdapter
from zope.app.principalannotation import PrincipalAnnotationUtility
from zope.app.principalannotation.interfaces import 
IPrincipalAnnotationUtility
annotationsUtility = PrincipalAnnotationUtility()
provideUtility(annotationsUtility, IPrincipalAnnotationUtility)

# Create a content object for testing
import zope.interface
from zope.annotation.interfaces import IAttributeAnnotatable
class Ob(object):
    zope.interface.implements(IAttributeAnnotatable)

ob = Ob()

# Create a principal

from zope.security.interfaces import IPrincipal
from zope.interface import implements
class Principal:
    implements(IPrincipal)
    def __init__(self, id):
        self.id = id
        self.groups = []

principal = Principal('bob')

# Annotate the Principal with test roles - This my guess at how the
# PrincipalAnnotation utility should be used
import zope.securitypolicy.role
role1=zope.securitypolicy.role.Role('role1', 'Role One')
role2=zope.securitypolicy.role.Role('role2', 'Role Two')
annotations = annotationsUtility.getAnnotations(principal)
annotations.data['roles'] = [role1, role2]


# Create an interaction and use it to link the principal to the object
import zope.securitypolicy.zopepolicy
interaction = zope.securitypolicy.zopepolicy.ZopeSecurityPolicy()

class Participation:
    interaction = None

participation = Participation()
participation.principal = principal
interaction.add(participation)

# Verify that it is configured
interaction.checkPermission('P1', ob)
from zope.security.checker import CheckerPublic
interaction.checkPermission(CheckerPublic, ob)

# Get the RoleManager adapter. This should tell me what roles
# the Principal has in the context of my object
from zope.securitypolicy.interfaces import IRolePermissionManager,
IPrincipalRoleManager, IPrincipalPermissionManager
roleper  = IRolePermissionManager(ob)
prinrole = IPrincipalRoleManager(ob)
prinper  = IPrincipalPermissionManager(ob)

# List the Roles and permissions
print roleper.getRolesAndPermissions()



Unfortunately, this prints [], an empty list of roles and permissions. I
expected to see the two roles I annotated the Principal with.

I could be just using the wrong types or name for the annotation.

Do you have any example I could follow?

Thanks

Kevin

More information about the Zope-Dev mailing list