[Zope3-checkins] CVS: Zope3/src/zope/app/security/grants - __init__.py:1.1.2.1 annotationprincipalpermissionmanager.py:1.1.2.1 annotationprincipalrolemanager.py:1.1.2.1 annotationrolepermissionmanager.py:1.1.2.1 configure.zcml:1.1.2.1 localsecuritymap.py:1.1.2.1 permissionroles.py:1.1.2.1 persistentlocalsecuritymap.py:1.1.2.1 rolepermissions.py:1.1.2.1
Jim Fulton
jim@zope.com
Mon, 23 Dec 2002 14:32:18 -0500
Update of /cvs-repository/Zope3/src/zope/app/security/grants
In directory cvs.zope.org:/tmp/cvs-serv19908/zope/app/security/grants
Added Files:
Tag: NameGeddon-branch
__init__.py annotationprincipalpermissionmanager.py
annotationprincipalrolemanager.py
annotationrolepermissionmanager.py configure.zcml
localsecuritymap.py permissionroles.py
persistentlocalsecuritymap.py rolepermissions.py
Log Message:
Initial renaming before debugging
=== Added File Zope3/src/zope/app/security/grants/__init__.py ===
#
# This file is necessary to make this directory a package.
=== Added File Zope3/src/zope/app/security/grants/annotationprincipalpermissionmanager.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Mappings between principals and permissions, stored in an object locally."""
from zope.component import getAdapter
from zope.app.interfaces.annotation import IAnnotations
from zope.app.interfaces.security \
import IPrincipalPermissionManager
from zope.app.security.grants.localsecuritymap import LocalSecurityMap
from zope.app.security.settings import Allow, Deny, Unset
annotation_key = 'Zope.App.Security.AnnotationPrincipalPermissionManager'
class AnnotationPrincipalPermissionManager:
"""Mappings between principals and permissions."""
__implements__ = IPrincipalPermissionManager
def __init__(self, context):
self._context = context
def grantPermissionToPrincipal(self, permission_id, principal_id):
''' See the interface IPrincipalPermissionManager '''
pp = self._getPrincipalPermissions(create=1)
pp.addCell(permission_id, principal_id, Allow)
self._context._p_changed = 1
def denyPermissionToPrincipal(self, permission_id, principal_id):
''' See the interface IPrincipalPermissionManager '''
pp = self._getPrincipalPermissions(create=1)
pp.addCell(permission_id, principal_id, Deny)
self._context._p_changed = 1
def unsetPermissionForPrincipal(self, permission_id, principal_id):
''' See the interface IPrincipalPermissionManager '''
pp = self._getPrincipalPermissions()
# Only unset if there is a security map, otherwise, we're done
if pp:
pp.delCell(permission_id, principal_id)
self._context._p_changed = 1
def getPrincipalsForPermission(self, permission_id):
''' See the interface IPrincipalPermissionManager '''
pp = self._getPrincipalPermissions()
if pp:
return pp.getRow(permission_id)
return []
def getPermissionsForPrincipal(self, principal_id):
''' See the interface IPrincipalPermissionManager '''
pp = self._getPrincipalPermissions()
if pp:
return pp.getCol(principal_id)
return []
def getSetting(self, permission_id, principal_id):
''' See the interface IPrincipalPermissionManager '''
pp = self._getPrincipalPermissions()
if pp:
return pp.getCell(permission_id, principal_id, default=Unset)
return []
def getPrincipalsAndPermissions(self):
''' See the interface IPrincipalPermissionManager '''
pp = self._getPrincipalPermissions()
if pp:
return pp.getAllCells()
return []
# Implementation helpers
def _getPrincipalPermissions(self, create=0):
""" Get the principal permission map stored in the context, optionally
creating one if necessary """
# need to remove security proxies here, otherwise we enter
# an infinite loop, becuase checking security depends on
# getting PrincipalPermissions.
from zope.proxy.introspection import removeAllProxies
context = removeAllProxies(self._context)
annotations = getAdapter(context, IAnnotations)
try:
return annotations[annotation_key]
except KeyError:
if create:
rp = annotations[annotation_key] = LocalSecurityMap()
return rp
return None
=== Added File Zope3/src/zope/app/security/grants/annotationprincipalrolemanager.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Mappings between principals and roles, stored in an object locally."""
from zope.component import getAdapter
from zope.app.interfaces.annotation import IAnnotations
from zope.app.interfaces.security \
import IPrincipalRoleManager
from zope.app.security.grants.persistentlocalsecuritymap import \
PersistentLocalSecurityMap
from zope.app.security.settings import Allow, Deny, Unset
annotation_key = 'Zope.App.Security.AnnotationPrincipalRoleManager'
class AnnotationPrincipalRoleManager:
"""Mappings between principals and roles."""
__implements__ = IPrincipalRoleManager
def __init__(self, context):
self._context = context
def assignRoleToPrincipal(self, role_id, principal_id):
''' See the interface IPrincipalRoleManager '''
pp = self._getPrincipalRoles(create=1)
pp.addCell(role_id, principal_id, Allow)
def removeRoleFromPrincipal(self, role_id, principal_id):
''' See the interface IPrincipalRoleManager '''
pp = self._getPrincipalRoles(create=1)
pp.addCell(role_id, principal_id, Deny)
def unsetRoleForPrincipal(self, role_id, principal_id):
''' See the interface IPrincipalRoleManager '''
pp = self._getPrincipalRoles()
# Only unset if there is a security map, otherwise, we're done
if pp:
pp.delCell(role_id, principal_id)
def getPrincipalsForRole(self, role_id):
''' See the interface IPrincipalRoleManager '''
pp = self._getPrincipalRoles()
if pp:
return pp.getRow(role_id)
return []
def getRolesForPrincipal(self, principal_id):
''' See the interface IPrincipalRoleManager '''
pp = self._getPrincipalRoles()
if pp:
return pp.getCol(principal_id)
return []
def getSetting(self, role_id, principal_id):
''' See the interface IPrincipalRoleManager '''
pp = self._getPrincipalRoles()
if pp:
return pp.getCell(role_id, principal_id, default=Unset)
return Unset
def getPrincipalsAndRoles(self):
''' See the interface IPrincipalRoleManager '''
pp = self._getPrincipalRoles()
if pp:
return pp.getAllCells()
return []
# Implementation helpers
def _getPrincipalRoles(self, create=0):
""" Get the principal role map stored in the context, optionally
creating one if necessary """
annotations = getAdapter(self._context, IAnnotations)
try:
return annotations[annotation_key]
except KeyError:
if create:
rp = annotations[annotation_key] = PersistentLocalSecurityMap()
return rp
return None
=== Added File Zope3/src/zope/app/security/grants/annotationrolepermissionmanager.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""
$Id: annotationrolepermissionmanager.py,v 1.1.2.1 2002/12/23 19:32:17 jim Exp $
"""
from zope.component import getAdapter
from zope.app.interfaces.annotation import IAnnotations
from zope.app.interfaces.security import IRolePermissionManager
from zope.app.interfaces.security import IRolePermissionMap
from zope.app.security.grants.persistentlocalsecuritymap import \
PersistentLocalSecurityMap
from zope.app.security.settings import Allow, Deny, Unset
annotation_key = 'Zope.App.Security.AnnotationRolePermissionManager'
class AnnotationRolePermissionManager:
"""
provide adapter that manages role permission data in an object attribute
"""
__implements__ = IRolePermissionManager, IRolePermissionMap
def __init__(self, context):
self._context = context
def grantPermissionToRole(self, permission_id, role_id):
''' See the interface IRolePermissionManager '''
rp = self._getRolePermissions(create=1)
rp.addCell(permission_id, role_id, Allow)
# probably not needed, as annotations should manage
# their own persistence
#self._context._p_changed = 1
def denyPermissionToRole(self, permission_id, role_id):
''' See the interface IRolePermissionManager '''
rp = self._getRolePermissions(create=1)
rp.addCell(permission_id, role_id, Deny)
# probably not needed, as annotations should manage
# their own persistence
#self._context._p_changed = 1
def unsetPermissionFromRole(self, permission_id, role_id):
''' See the interface IRolePermissionManager '''
rp = self._getRolePermissions()
# Only unset if there is a security map, otherwise, we're done
if rp:
rp.delCell(permission_id, role_id)
# probably not needed, as annotations should manage
# their own persistence
#self._context._p_changed = 1
def getRolesForPermission(self, permission_id):
'''See interface IRolePermissionMap'''
rp = self._getRolePermissions()
if rp:
return rp.getRow(permission_id)
else:
return []
def getPermissionsForRole(self, role_id):
'''See interface IRolePermissionMap'''
rp = self._getRolePermissions()
if rp:
return rp.getCol(role_id)
else:
return []
def getRolesAndPermissions(self):
'''See interface IRolePermissionMap'''
rp = self._getRolePermissions()
if rp:
return rp.getAllCells()
else:
return []
def getSetting(self, permission_id, role_id):
'''See interface IRolePermissionMap'''
rp = self._getRolePermissions()
if rp:
return rp.getCell(permission_id, role_id)
else:
return Unset
def _getRolePermissions(self, create=0):
"""Get the role permission map stored in the context, optionally
creating one if necessary"""
# need to remove security proxies here, otherwise we enter
# an infinite loop, becuase checking security depends on
# getting RolePermissions.
from zope.proxy.introspection import removeAllProxies
context = removeAllProxies(self._context)
annotations = getAdapter(context, IAnnotations)
try:
return annotations[annotation_key]
except KeyError:
if create:
rp = annotations[annotation_key] = PersistentLocalSecurityMap()
return rp
return None
=== Added File Zope3/src/zope/app/security/grants/configure.zcml ===
<zopeConfigure
xmlns='http://namespaces.zope.org/zope'
xmlns:browser='http://namespaces.zope.org/browser'
package="Zope.App.Security"
>
<include package=".Grants.Views" />
<content class="zope.app.security.grants.permissionroles.PermissionRoles">
<require
permission="Zope.Security"
attributes="roles rolesInfo"
interface="zope.app.interfaces.security.IRegisteredObject" />
</content>
<content class="zope.app.security.grants.rolepermissions.RolePermissions">
<require
permission="Zope.Security"
attributes="permissions permissionsInfo"
interface="zope.app.interfaces.security.IRegisteredObject" />
</content>
<adapter factory="zope.app.security.grants.annotationrolepermissionmanager.AnnotationRolePermissionManager"
provides="zope.app.interfaces.security.IRolePermissionManager"
for="zope.app.interfaces.annotation.IAnnotatable" />
<adapter factory="zope.app.security.grants.annotationprincipalrolemanager.AnnotationPrincipalRoleManager"
provides="zope.app.interfaces.security.IPrincipalRoleManager"
for="zope.app.interfaces.annotation.IAnnotatable" />
<adapter factory="zope.app.security.grants.annotationprincipalpermissionmanager.AnnotationPrincipalPermissionManager"
provides="zope.app.interfaces.security.IPrincipalPermissionManager"
for="zope.app.interfaces.annotation.IAnnotatable" />
</zopeConfigure>
=== Added File Zope3/src/zope/app/security/grants/localsecuritymap.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" Generic two-dimensional array type """
from zope.app.interfaces.security.grants.localsecuritymap import ILocalSecurityMap
class LocalSecurityMap(object):
__implements__ = ILocalSecurityMap
def __init__(self):
self._clear()
def _clear(self):
self._byrow = {}
self._bycol = {}
def _empty_mapping(self):
return {}
def addCell(self, rowentry, colentry, value):
# setdefault may get expensive if an empty mapping is
# expensive to create, for PersistentDict for instance.
row = self._byrow.setdefault(rowentry, self._empty_mapping())
row[colentry] = value
col = self._bycol.setdefault(colentry, self._empty_mapping())
col[rowentry] = value
def delCell(self, rowentry, colentry):
row = self._byrow.get(rowentry)
if row and (colentry in row):
del self._byrow[rowentry][colentry]
del self._bycol[colentry][rowentry]
def getCell(self, rowentry, colentry, default=None):
" return the value of a cell by row, entry "
row = self._byrow.get(rowentry)
if row: return row.get(colentry, default)
else: return default
def getRow(self, rowentry):
" return a list of (colentry, value) tuples from a row "
row = self._byrow.get(rowentry)
if row:
return row.items()
else: return []
def getCol(self, colentry):
" return a list of (rowentry, value) tuples from a col "
col = self._bycol.get(colentry)
if col:
return col.items()
else: return []
def getAllCells(self):
" return a list of (rowentry, colentry, value) "
res = []
for r in self._byrow.keys():
for c in self._byrow[r].items():
res.append((r,) + c)
return res
=== Added File Zope3/src/zope/app/security/grants/permissionroles.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""
$Id: permissionroles.py,v 1.1.2.1 2002/12/23 19:32:17 jim Exp $
"""
from zope.component import getAdapter
from zope.app.interfaces.security import IRolePermissionManager
from zope.app.interfaces.security import IPermission
from zope.app.security.settings import Unset, Allow, Deny
class PermissionRoles:
__implements__ = IPermission
def __init__(self, permission, context, roles):
self._permission = permission
self._context = context
self._roles = roles
def getId(self):
return self._permission.getId()
def getTitle(self):
return self._permission.getTitle()
def getDescription(self):
return self._permission.getDescription()
def roleSettings(self):
"""
Returns the list of setting names of each role for this permission.
"""
prm = getAdapter(self._context, IRolePermissionManager)
proles = prm.getRolesForPermission(self._permission.getId())
settings = {}
for role, setting in proles:
settings[role] = setting.getName()
nosetting = Unset.getName()
return [settings.get(role.getId(), nosetting) for role in self._roles]
=== Added File Zope3/src/zope/app/security/grants/persistentlocalsecuritymap.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" Generic two-dimensional array type """
from persistence import Persistent
from persistence.dict import PersistentDict
from zope.app.interfaces.security.grants.localsecuritymap import ILocalSecurityMap
from zope.app.security.grants.localsecuritymap import LocalSecurityMap
class PersistentLocalSecurityMap(LocalSecurityMap, Persistent):
__implements__ = ILocalSecurityMap
def _clear(self):
self._byrow = PersistentDict()
self._bycol = PersistentDict()
def _empty_mapping(self):
return PersistentDict()
=== Added File Zope3/src/zope/app/security/grants/rolepermissions.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""
$Id: rolepermissions.py,v 1.1.2.1 2002/12/23 19:32:17 jim Exp $
"""
from zope.component import getAdapter
from zope.app.interfaces.security import IRolePermissionManager
from zope.app.interfaces.security import IRole
from zope.app.security.settings import Unset
class RolePermissions:
__implements__ = IRole
def __init__(self, role, context, permissions):
self._role = role
self._context = context
self._permissions = permissions
def getId(self):
return self._role.getId()
def getTitle(self):
return self._role.getTitle()
def getDescription(self):
return self._role.getDescription()
def permissionsInfo(self):
prm = getAdapter(self._context, IRolePermissionManager)
rperms = prm.getPermissionsForRole(self._role.getId())
settings = {}
for permission, setting in rperms:
settings[permission] = setting.getName()
nosetting = Unset.getName()
return [{'id': permission.getId(),
'title': permission.getTitle(),
'setting': settings.get(permission.getId(), nosetting)}
for permission in self._permissions]