[Zope3-checkins] CVS: Zope3/lib/python/Zope/Security - SecurityManagement.py:1.3 SimpleSecurityPolicies.py:1.3
Jim Fulton
jim@zope.com
Tue, 13 Aug 2002 13:46:13 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/Security
In directory cvs.zope.org:/tmp/cvs-serv18338/lib/python/Zope/Security
Modified Files:
SecurityManagement.py SimpleSecurityPolicies.py
Log Message:
Introduced a system user
(Zope.Security.SecurityManagement.system_user)
that has all permissions. This was necessary so startup code and
testing code can avoid authorization failures.
=== Zope3/lib/python/Zope/Security/SecurityManagement.py 1.2 => 1.3 ===
--- Zope3/lib/python/Zope/Security/SecurityManagement.py:1.2 Mon Jun 10 19:29:34 2002
+++ Zope3/lib/python/Zope/Security/SecurityManagement.py Tue Aug 13 13:46:12 2002
@@ -13,6 +13,9 @@
##############################################################################
""" Default ISecurityManagement implementation """
+system_user = object() # Special system user that has all permissions
+
+
from ISecurityManagement import ISecurityManagement, ISecurityManagementSetup
from SecurityManager import SecurityManager
from SecurityManager import setSecurityPolicy as _setSecurityPolicy
=== Zope3/lib/python/Zope/Security/SimpleSecurityPolicies.py 1.2 => 1.3 ===
--- Zope3/lib/python/Zope/Security/SimpleSecurityPolicies.py:1.2 Mon Jun 10 19:29:34 2002
+++ Zope3/lib/python/Zope/Security/SimpleSecurityPolicies.py Tue Aug 13 13:46:12 2002
@@ -15,6 +15,7 @@
from ISecurityPolicy import ISecurityPolicy
from Zope.Exceptions import Unauthorized
+from SecurityManagement import system_user
class ParanoidSecurityPolicy:
"""
@@ -23,7 +24,7 @@
__implements__ = ISecurityPolicy
def checkPermission( sel, permission, object, context ):
- if (context.user is None # no user
+ if (context.user is system_user # no user
and not context.stack # no untrusted code
):
return 1 # Nobody not to trust!