[Zope3-checkins] CVS: Zope3/src/zope/app/security -
basicauthadapter.py:1.3 configure.zcml:1.13 ftpauth.py:1.2
loginpassword.py:1.4 permission.py:1.11 principal.py:1.6
principallogging.py:1.2 protectclass.py:1.4 settings.py:1.4
Stephan Richter
srichter at cosmos.phy.tufts.edu
Mon Mar 8 07:06:34 EST 2004
Update of /cvs-repository/Zope3/src/zope/app/security
In directory cvs.zope.org:/tmp/cvs-serv13053/src/zope/app/security
Modified Files:
basicauthadapter.py configure.zcml ftpauth.py loginpassword.py
permission.py principal.py principallogging.py protectclass.py
settings.py
Log Message:
Adjusted code to use the new APIs for permissions and principals. Also, use
the utility service instead of the permission registry to look up permissions.
=== Zope3/src/zope/app/security/basicauthadapter.py 1.2 => 1.3 ===
--- Zope3/src/zope/app/security/basicauthadapter.py:1.2 Wed Dec 25 09:13:15 2002
+++ Zope3/src/zope/app/security/basicauthadapter.py Mon Mar 8 07:06:01 2004
@@ -11,12 +11,15 @@
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
-# HTTP Basic Authentication adapter
+"""HTTP Basic Authentication adapter
+$Id$
+"""
from zope.publisher.interfaces.http import IHTTPCredentials
-from zope.app.security.loginpassword import LoginPassword
+from loginpassword import LoginPassword
class BasicAuthAdapter(LoginPassword):
+ """Adapter for handling HTTP Basic Auth."""
__used_for__ = IHTTPCredentials
=== Zope3/src/zope/app/security/configure.zcml 1.12 => 1.13 ===
--- Zope3/src/zope/app/security/configure.zcml:1.12 Sat Feb 21 07:28:55 2004
+++ Zope3/src/zope/app/security/configure.zcml Mon Mar 8 07:06:01 2004
@@ -3,9 +3,27 @@
i18n_domain="zope"
>
- <include package=".registries" />
<include file="globalmodules.zcml" />
<include file="_protections.zcml" />
+ <include package=".browser" />
+
+
+ <serviceType
+ id="Authentication"
+ interface=".interfaces.IAuthenticationService" />
+
+ <service
+ serviceType="Authentication"
+ component=".principalregistry.principalRegistry" />
+
+ <content class=".permission.Permission">
+ <allow interface=".interfaces.IPermission" />
+ </content>
+
+ <content class=".principalregistry.Principal">
+ <allow interface=".interfaces.IPrincipal" />
+ </content>
+
<!-- Standard Permissions -->
@@ -51,23 +69,22 @@
packing the ZODB."
/>
-
<adapter
- factory="zope.app.security.basicauthadapter.BasicAuthAdapter"
- provides="zope.app.interfaces.security.ILoginPassword"
+ factory=".basicauthadapter.BasicAuthAdapter"
+ provides=".interfaces.ILoginPassword"
for="zope.publisher.interfaces.http.IHTTPCredentials"
/>
<adapter
- factory="zope.app.security.ftpauth.FTPAuth"
- provides="zope.app.interfaces.security.ILoginPassword"
+ factory=".ftpauth.FTPAuth"
+ provides=".interfaces.ILoginPassword"
for="zope.publisher.interfaces.ftp.IFTPCredentials"
/>
<adapter
- factory="zope.app.security.principallogging.PrincipalLogging"
+ factory=".principallogging.PrincipalLogging"
provides="zope.publisher.interfaces.logginginfo.ILoggingInfo"
- for="zope.app.interfaces.security.IPrincipal"
+ for=".interfaces.IPrincipal"
/>
</configure>
=== Zope3/src/zope/app/security/ftpauth.py 1.1 => 1.2 ===
--- Zope3/src/zope/app/security/ftpauth.py:1.1 Mon Feb 3 10:08:44 2003
+++ Zope3/src/zope/app/security/ftpauth.py Mon Mar 8 07:06:01 2004
@@ -11,13 +11,15 @@
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
-# HTTP Basic Authentication adapter
+"""FTP Standard Authentication adapter
+$Id$
+"""
from zope.publisher.interfaces.ftp import IFTPCredentials
-from zope.app.security.loginpassword import LoginPassword
+from loginpassword import LoginPassword
class FTPAuth(LoginPassword):
-
+ """Adapter for handling common FTP authentication."""
__used_for__ = IFTPCredentials
__request = None
=== Zope3/src/zope/app/security/loginpassword.py 1.3 => 1.4 ===
--- Zope3/src/zope/app/security/loginpassword.py:1.3 Tue Jun 3 11:45:10 2003
+++ Zope3/src/zope/app/security/loginpassword.py Mon Mar 8 07:06:01 2004
@@ -11,8 +11,12 @@
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
-from zope.app.interfaces.security import ILoginPassword
+"""Login/Password provider
+
+$Id$
+"""
from zope.interface import implements
+from interfaces import ILoginPassword
class LoginPassword:
=== Zope3/src/zope/app/security/permission.py 1.10 => 1.11 ===
--- Zope3/src/zope/app/security/permission.py:1.10 Tue Feb 24 09:12:11 2004
+++ Zope3/src/zope/app/security/permission.py Mon Mar 8 07:06:01 2004
@@ -15,18 +15,28 @@
$Id$
"""
+from zope.interface import implements
from zope.schema import Enumerated, Field
from zope.schema.interfaces import ValidationError
-from zope.component import getService
-from zope.app.services.servicenames import Permissions
-from zope.app.interfaces.security import IPermissionField
from zope.security.checker import CheckerPublic
-from zope.interface import implements
+from zope.app import zapi
+from interfaces import IPermission, IPermissionField
+
+
+class Permission(object):
+ implements(IPermission)
+
+ def __init__(self, id, title="", description=""):
+ self.id = id
+ self.title = title
+ self.description = description
def checkPermission(context, permission_id):
"""Check whether a given permission exists in the provided context."""
- if not getService(context, Permissions).getPermission(permission_id):
+ if permission_id == CheckerPublic:
+ return
+ if not zapi.queryUtility(context, IPermission, name=permission_id):
raise ValueError("Undefined permission id", permission_id)
@@ -38,6 +48,25 @@
if value is CheckerPublic:
return
super(PermissionField, self)._validate(value)
- service = getService(self.context, Permissions)
- if service.getPermission(value) is None:
+ if zapi.queryUtility(self.context, IPermission, name=value) is None:
raise ValidationError("Unknown permission", value)
+
+
+def _addCheckerPublic():
+ """Add the CheckerPublic permission as 'zope.Public'"""
+ from zope.component.utility import utilityService
+ perm = Permission('zope.Public', 'Public',
+ """Special permission used for resources that are always public
+
+ The public permission is effectively an optimization, sine
+ it allows security computation to be bypassed.
+ """
+ )
+ utilityService.provideUtility(IPermission, perm, perm.id)
+
+_addCheckerPublic()
+
+# Register our cleanup with Testing.CleanUp to make writing unit tests simpler.
+from zope.testing.cleanup import addCleanUp
+addCleanUp(_addCheckerPublic)
+del addCleanUp
=== Zope3/src/zope/app/security/principal.py 1.5 => 1.6 ===
--- Zope3/src/zope/app/security/principal.py:1.5 Mon Jan 5 03:06:12 2004
+++ Zope3/src/zope/app/security/principal.py Mon Mar 8 07:06:01 2004
@@ -15,15 +15,14 @@
$Id$
"""
-
from zope.exceptions import NotFoundError
-from zope.component import getService
+from zope.app import zapi
from zope.app.services.servicenames import Authentication
def checkPrincipal(context, principal_id):
try:
- if getService(context, Authentication).getPrincipal(principal_id):
+ if zapi.getService(context, Authentication).getPrincipal(principal_id):
return
except NotFoundError:
pass
=== Zope3/src/zope/app/security/principallogging.py 1.1 => 1.2 ===
--- Zope3/src/zope/app/security/principallogging.py:1.1 Tue Jul 22 11:09:35 2003
+++ Zope3/src/zope/app/security/principallogging.py Mon Mar 8 07:06:01 2004
@@ -15,7 +15,6 @@
$Id$
"""
-
from zope.interface import implements
from zope.publisher.interfaces.logginginfo import ILoggingInfo
@@ -27,4 +26,4 @@
self.principal = principal
def getLogMessage(self):
- return str(self.principal.getId())
+ return str(self.principal.id)
=== Zope3/src/zope/app/security/protectclass.py 1.3 => 1.4 ===
--- Zope3/src/zope/app/security/protectclass.py:1.3 Fri Aug 15 20:44:01 2003
+++ Zope3/src/zope/app/security/protectclass.py Mon Mar 8 07:06:01 2004
@@ -11,25 +11,20 @@
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
-"""Make assertions about permissions needed to access class instances attributes
-"""
-
-from zope.app.security.exceptions import UndefinedPermissionError
-from zope.app.security.registries.permissionregistry import permissionRegistry
+"""Make assertions about permissions needed to access class instances
+attributes
+$Id$
+"""
from zope.security.checker import defineChecker, getCheckerForInstancesOf
from zope.security.checker import Checker, CheckerPublic
-def checkPermission(permission):
- """Check to make sure that the permission is valid.
- """
- if not permissionRegistry.definedPermission(permission):
- raise UndefinedPermissionError(permission)
+from permission import checkPermission
-def protectName(class_, name, permission):
- "Set a permission on a particular name."
- checkPermission(permission)
+def protectName(class_, name, permission):
+ """Set a permission on a particular name."""
+ checkPermission(None, permission)
checker = getCheckerForInstancesOf(class_)
if checker is None:
@@ -45,9 +40,8 @@
protections[name] = permission
def protectSetAttribute(class_, name, permission):
- "Set a permission on a particular name."
-
- checkPermission(permission)
+ """Set a permission on a particular name."""
+ checkPermission(None, permission)
checker = getCheckerForInstancesOf(class_)
if checker is None:
@@ -63,8 +57,7 @@
protections[name] = permission
def protectLikeUnto(class_, like_unto):
- """Use the protections from like_unto for class_
- """
+ """Use the protections from like_unto for class_"""
unto_checker = getCheckerForInstancesOf(like_unto)
if unto_checker is None:
=== Zope3/src/zope/app/security/settings.py 1.3 => 1.4 ===
--- Zope3/src/zope/app/security/settings.py:1.3 Wed Jan 14 17:55:23 2004
+++ Zope3/src/zope/app/security/settings.py Mon Mar 8 07:06:01 2004
@@ -11,8 +11,10 @@
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
-""" Security setting constants """
+"""Security setting constants
+$Id$
+"""
class PermissionSetting(object):
"""PermissionSettings should be considered as immutable.
More information about the Zope3-Checkins
mailing list