[Zope3-checkins] CVS: Zope3/src/zope/app/security - zopepolicy.py:1.10

Mon, 2 Jun 2003 12:56:18 -0400

Update of /cvs-repository/Zope3/src/zope/app/security
In directory cvs.zope.org:/tmp/cvs-serv3969/src/zope/app/security

Modified Files:
	zopepolicy.py 
Log Message:
Removed getRolese from IPrincipal and from carious other code.

Principals don't have integral roles.  In Zope 3, all grants,
including role grants are local.  In the future, we'll probably
provide a way for local grants to be found from an auth service to
allow some principal grants to be stored centrally.



=== Zope3/src/zope/app/security/zopepolicy.py 1.9 => 1.10 ===

--- Zope3/src/zope/app/security/zopepolicy.py:1.9	Tue May 27 10:18:23 2003
+++ Zope3/src/zope/app/security/zopepolicy.py	Mon Jun  2 12:55:47 2003
@@ -39,13 +39,6 @@
 globalContext = object()
 
 
-def _computeBasePrincipalRoles(principal, object):
-    roles = tuple(principal.getRoles()) + ('Anonymous',)
-    roledict = {}
-    for role in roles:
-        roledict[role] = Allow
-    return roledict
-
 
 class ZopeSecurityPolicy:
 
@@ -84,7 +77,8 @@
         user = context.user
         if user is system_user:
             return 1
-        roledict = _computeBasePrincipalRoles(user, object)
+
+        roledict = {'Anonymous': Allow}
         principals = {user.getId() : roledict}
 
         role_permissions = {}
@@ -230,7 +224,8 @@
 
 def permissionsOfPrincipal(principal, object):
     permissions = {}
-    roles = _computeBasePrincipalRoles(principal, object)
+
+    roles = {'Anonymous': Allow}
     role_permissions = {}
     principalid = principal.getId()
 



