[Zope3-checkins] CVS: Zope3/src/zope/security - management.py:1.5.2.2 simplepolicies.py:1.6.2.2

[Marius Gedminas]

Update of /cvs-repository/Zope3/src/zope/security
In directory cvs.zope.org:/tmp/cvs-serv26336/src/zope/security

Modified Files:
      Tag: mgedmin-events2-branch
	management.py simplepolicies.py 
Log Message:
I've decided that the interaction on security proxies is just a cache, and
therefore security policies should cope with it being None and should use
getInteraction() in that case.  (This policy can become problematic if a
security proxy created in one interaction survives it.  However, if this
policy is changed, then storing interactions in security proxies makes
no sense.)

Also added a missing call to endInteraction in the functional test mechanism.
(I'm really starting to think that endInteraction should never throw) and
some debugging code in newInteraction that helps finding the place where
a "leaked" interaction was created.



=== Zope3/src/zope/security/management.py 1.5.2.1 => 1.5.2.2 ===
--- Zope3/src/zope/security/management.py:1.5.2.1	Mon Mar  8 13:43:44 2004
+++ Zope3/src/zope/security/management.py	Mon Mar  8 14:28:44 2004
@@ -20,18 +20,17 @@
 # zope.security.simplepolicies needs it
 system_user = object()
 
+import traceback
+
 from zope.interface import moduleProvides
 from zope.security.interfaces import ISecurityManagement
 from zope.security.interfaces import IInteractionManagement
-from zope.security.simplepolicies import ParanoidSecurityPolicy
 from zope.testing.cleanup import addCleanUp
 from zope.thread import thread_globals
 
 moduleProvides(ISecurityManagement, IInteractionManagement)
 
 
-_defaultPolicy = ParanoidSecurityPolicy()
-
 def _clear():
     global _defaultPolicy
     _defaultPolicy = ParanoidSecurityPolicy()
@@ -72,9 +71,12 @@
 def newInteraction(request, _thread=None, _policy=None):
     """Start a new interaction."""
     if getInteraction(_thread) is not None:
+        stack = getInteraction(_thread)._newInteraction_called_from
         raise AssertionError("newInteraction called"
-                             " while another interaction is active")
+                             " while another interaction is active:\n%s"
+                             % "".join(traceback.format_list(stack)))
     interaction = _defaultPolicy.createInteraction(request)
+    interaction._newInteraction_called_from = traceback.extract_stack()
     thread_globals(_thread).interaction = interaction
 
 def endInteraction(_thread=None):
@@ -90,3 +92,8 @@
 
 addCleanUp(_cleanUp)
 
+
+# circular imports are not fun
+
+from zope.security.simplepolicies import ParanoidSecurityPolicy
+_defaultPolicy = ParanoidSecurityPolicy()


=== Zope3/src/zope/security/simplepolicies.py 1.6.2.1 => 1.6.2.2 ===
--- Zope3/src/zope/security/simplepolicies.py:1.6.2.1	Mon Mar  8 13:43:44 2004
+++ Zope3/src/zope/security/simplepolicies.py	Mon Mar  8 14:28:44 2004
@@ -18,7 +18,7 @@
 
 from zope.interface import implements
 from zope.security.interfaces import ISecurityPolicy
-from zope.security.management import system_user
+from zope.security.management import system_user, getInteraction
 from zope.security.simpleinteraction import createInteraction \
                                             as _createInteraction
 import zope.security.checker
@@ -33,6 +33,8 @@
         if permission is zope.security.checker.CheckerPublic:
             return True
 
+        if interaction is None:
+            interaction = getInteraction()
         users = list(interaction.principals)
         if len(users) == 1 and users[0] is system_user:
             return True # Nobody not to trust!