[Zope3-checkins] CVS: Zope3/src/zope/security - checker.py:1.22.2.2

Steve Alexander steve@cat-box.net
Wed, 14 May 2003 09:54:43 -0400 

Update of /cvs-repository/Zope3/src/zope/security
In directory cvs.zope.org:/tmp/cvs-serv32758/src/zope/security

Modified Files:
      Tag: stevea-decorators-branch
	checker.py 
Log Message:
Wrote tests for ProxyFactory (there were none), and made its semantics
clearer.
Implemented more decorator factory functionality.


=== Zope3/src/zope/security/checker.py 1.22.2.1 => 1.22.2.2 ===
--- Zope3/src/zope/security/checker.py:1.22.2.1	Wed May 14 06:39:05 2003
+++ Zope3/src/zope/security/checker.py	Wed May 14 09:54:12 2003
@@ -30,9 +30,8 @@
 from zope.security.interfaces import IChecker
 from zope.security.interfaces import ISecurityProxyFactory
 from zope.security.management import getSecurityManager
-from zope.security._proxy import _Proxy as Proxy
-from zope.exceptions \
-     import Unauthorized, ForbiddenAttribute, DuplicationError
+from zope.security._proxy import _Proxy as Proxy, getChecker
+from zope.exceptions import Unauthorized, ForbiddenAttribute, DuplicationError
 
 __metaclass__ = type
 
@@ -47,21 +46,26 @@
 
     The proxy checker is looked up if not provided.
     """
-
+    if type(object) is Proxy:
+        if checker is None or checker is getChecker(object):
+            return object
+        else:
+            # We have a proxy, but someone asked us to change its checker.
+            # Let's raise an exception.
+            #
+            # Other reasonable actions would be to either keep the existing
+            # proxy, or to create a new one with the given checker.
+            # The latter might be a security hole though, if untrusted code
+            # can call ProxyFactory.
+            raise TypeError("Tried to use ProxyFactory to change a Proxy's"
+                            " checker.")
     if checker is None:
         checker = getattr(object, '__Security_checker__', None)
 
-    if checker is None:
-
-        checker = selectChecker(object)
         if checker is None:
-            return object
-
-    else:
-        # Maybe someone passed us a proxy and a checker
-        if type(object) is Proxy:
-            # XXX should we keep the existing proxy or create a new one.
-            return object
+            checker = selectChecker(object)
+            if checker is None:
+                return object
 
     return Proxy(object, checker)