[Zope3-checkins] CVS: Zope3/src/zope/app/security - loginpassword.py:1.2.26.1 permission.py:1.7.14.1 zopepolicy.py:1.8.10.1
Grégoire Weber
zope@i-con.ch
Sun, 22 Jun 2003 10:24:27 -0400
Update of /cvs-repository/Zope3/src/zope/app/security
In directory cvs.zope.org:/tmp/cvs-serv24874/src/zope/app/security
Modified Files:
Tag: cw-mail-branch
loginpassword.py permission.py zopepolicy.py
Log Message:
Synced up with HEAD
=== Zope3/src/zope/app/security/loginpassword.py 1.2 => 1.2.26.1 ===
--- Zope3/src/zope/app/security/loginpassword.py:1.2 Wed Dec 25 09:13:15 2002
+++ Zope3/src/zope/app/security/loginpassword.py Sun Jun 22 10:23:23 2003
@@ -12,10 +12,11 @@
#
##############################################################################
from zope.app.interfaces.security import ILoginPassword
+from zope.interface import implements
class LoginPassword:
- __implements__ = ILoginPassword
+ implements(ILoginPassword)
def __init__(self, login, password):
self.__login = login
=== Zope3/src/zope/app/security/permission.py 1.7 => 1.7.14.1 ===
--- Zope3/src/zope/app/security/permission.py:1.7 Mon Apr 14 14:21:36 2003
+++ Zope3/src/zope/app/security/permission.py Sun Jun 22 10:23:23 2003
@@ -22,16 +22,17 @@
from zope.app.services.servicenames import Permissions
from zope.app.interfaces.security import IPermissionField
from zope.security.checker import CheckerPublic
+from zope.interface import implements
def checkPermission(context, permission_id):
-
+
if not getService(context, Permissions).getPermission(permission_id):
raise ValueError("Undefined permission id", permission_id)
class PermissionField(Enumerated, Field):
__doc__ = IPermissionField.__doc__
- __implements__ = IPermissionField
+ implements(IPermissionField)
def _validate(self, value):
if value is CheckerPublic:
=== Zope3/src/zope/app/security/zopepolicy.py 1.8 => 1.8.10.1 ===
--- Zope3/src/zope/app/security/zopepolicy.py:1.8 Thu May 1 15:35:31 2003
+++ Zope3/src/zope/app/security/zopepolicy.py Sun Jun 22 10:23:23 2003
@@ -18,7 +18,7 @@
__version__='$Revision$'[11:-2]
from zope.component import queryAdapter
-from zope.proxy.context import ContainmentIterator
+from zope.context import ContainmentIterator
from zope.security.interfaces import ISecurityPolicy
from zope.security.management import system_user
@@ -30,6 +30,7 @@
from zope.app.security.grants.rolepermission import rolePermissionManager
from zope.app.security.grants.principalrole import principalRoleManager
from zope.app.security.settings import Allow, Deny
+from zope.interface import implements
getPermissionsForPrincipal = \
principalPermissionManager.getPermissionsForPrincipal
@@ -39,19 +40,11 @@
globalContext = object()
-def _computeBasePrincipalRoles(principal, object):
- roles = tuple(principal.getRoles()) + ('Anonymous',)
- roledict = {}
- for role in roles:
- roledict[role] = Allow
- return roledict
-
-
class ZopeSecurityPolicy:
- __implements__ = ISecurityPolicy
+ implements(ISecurityPolicy)
- def __init__(self, ownerous=1, authenticated=1):
+ def __init__(self, ownerous=True, authenticated=True):
"""
Two optional keyword arguments may be provided:
@@ -83,8 +76,9 @@
# mapping from principal to set of roles
user = context.user
if user is system_user:
- return 1
- roledict = _computeBasePrincipalRoles(user, object)
+ return True
+
+ roledict = {'Anonymous': Allow}
principals = {user.getId() : roledict}
role_permissions = {}
@@ -98,9 +92,9 @@
getPermissionsForPrincipal(principal)):
if principal_permission == permission:
if setting is Deny:
- return 0
+ return False
assert setting is Allow
- remove[principal] = 1
+ remove[principal] = True
# Clean out removed principals
if remove:
@@ -111,8 +105,7 @@
remove.clear()
else:
# we've eliminated all the principals
- return 1
-
+ return True
# get placeless principal roles
for principal in principals:
@@ -139,8 +132,8 @@
if permission in role_permissions[role]:
setting = role_permissions[role][permission]
if setting is Deny:
- return 0
- remove[principal] = 1
+ return False
+ remove[principal] = True
# Clean out removed principals
@@ -152,7 +145,7 @@
remove.clear()
else:
# we've eliminated all the principals
- return 1
+ return True
# Look for placeful grants
for place in ContainmentIterator(object):
@@ -165,10 +158,10 @@
prinper.getPermissionsForPrincipal(principal)):
if principal_permission == permission:
if setting is Deny:
- return 0
+ return False
assert setting is Allow
- remove[principal] = 1
+ remove[principal] = True
# Clean out removed principals
if remove:
@@ -179,7 +172,7 @@
remove.clear()
else:
# we've eliminated all the principals
- return 1
+ return True
# Collect principal roles
prinrole = queryAdapter(place, IPrincipalRoleMap)
@@ -211,8 +204,8 @@
if permission in role_permissions[role]:
setting = role_permissions[role][permission]
if setting is Deny:
- return 0
- remove[principal] = 1
+ return False
+ remove[principal] = True
# Clean out removed principals
if remove:
@@ -223,14 +216,15 @@
remove.clear()
else:
# we've eliminated all the principals
- return 1
+ return True
- return 0 # deny by default
+ return False # deny by default
def permissionsOfPrincipal(principal, object):
permissions = {}
- roles = _computeBasePrincipalRoles(principal, object)
+
+ roles = {'Anonymous': Allow}
role_permissions = {}
principalid = principal.getId()