[Zope3-checkins] CVS: Zope3/src/zope/security - interfaces.py:1.8.2.4 management.py:1.5.2.3 readme.txt:1.5.12.3 simpleinteraction.py:1.1.2.2 simplepolicies.py:1.6.2.3

Marius Gedminas marius at pov.lt
Fri Mar 19 13:51:30 EST 2004


Update of /cvs-repository/Zope3/src/zope/security
In directory cvs.zope.org:/tmp/cvs-serv26650/src/zope/security

Modified Files:
      Tag: mgedmin-events2-branch
	interfaces.py management.py readme.txt simpleinteraction.py 
	simplepolicies.py 
Log Message:
Added IParticipation and replaced the lists of principals in IInteraction with
a list of participations.  Made BaseRequest an IParticipation and replaced
request.user with request.principal everywhere.



=== Zope3/src/zope/security/interfaces.py 1.8.2.3 => 1.8.2.4 ===
--- Zope3/src/zope/security/interfaces.py:1.8.2.3	Mon Mar  8 16:50:58 2004
+++ Zope3/src/zope/security/interfaces.py	Fri Mar 19 13:50:56 2004
@@ -114,9 +114,11 @@
 
 class ISecurityPolicy(Interface):
 
-    def createInteraction(request):
+    def createInteraction(participation=None):
         """Creates a new interaction for a given request.
 
+        If participation is not None, it is added to the new interaction.
+
         XXX perhaps this should be a separate interface IInteractionFactory,
             and the factory registered by calling
             ISecurityManagement.global setInteractionFactory(factory).
@@ -137,20 +139,29 @@
     """A representation of an interaction between some actors and the system.
     """
 
-    principals = Attribute("""An iterable of principals.""")
+    participations = Attribute("""An iterable of participations.""")
+
+    def add(participation):
+        """Add a participation."""
+
+    def remove(participation):
+        """Remove a participation."""
 
-    def add(principal):
-        """Add a participant."""
 
-    def remove(principal):
-        """Remove a participant."""
+class IParticipation(Interface):
+
+    interaction = Attribute("The interaction")
+    principal = Attribute("The authenticated principal")
 
 
 class IInteractionManagement(Interface):
     """Interaction management API."""
 
-    def newInteraction(request):
-        """Start a new interaction."""
+    def newInteraction(participation=None):
+        """Start a new interaction.
+
+        If participation is not None, it is added to the new interaction.
+        """
 
     def getInteraction():
         """Return the current interaction.
@@ -160,5 +171,5 @@
         """
 
     def endInteraction():
-        """Finish the current interaction."""
+        """End the current interaction."""
 


=== Zope3/src/zope/security/management.py 1.5.2.2 => 1.5.2.3 ===
--- Zope3/src/zope/security/management.py:1.5.2.2	Mon Mar  8 14:28:44 2004
+++ Zope3/src/zope/security/management.py	Fri Mar 19 13:50:56 2004
@@ -68,14 +68,14 @@
     """Get the current interaction."""
     return thread_globals(_thread).interaction
 
-def newInteraction(request, _thread=None, _policy=None):
+def newInteraction(participation=None, _thread=None, _policy=None):
     """Start a new interaction."""
     if getInteraction(_thread) is not None:
         stack = getInteraction(_thread)._newInteraction_called_from
         raise AssertionError("newInteraction called"
                              " while another interaction is active:\n%s"
                              % "".join(traceback.format_list(stack)))
-    interaction = _defaultPolicy.createInteraction(request)
+    interaction = _defaultPolicy.createInteraction(participation)
     interaction._newInteraction_called_from = traceback.extract_stack()
     thread_globals(_thread).interaction = interaction
 


=== Zope3/src/zope/security/readme.txt 1.5.12.2 => 1.5.12.3 ===
--- Zope3/src/zope/security/readme.txt:1.5.12.2	Mon Mar  8 13:43:44 2004
+++ Zope3/src/zope/security/readme.txt	Fri Mar 19 13:50:56 2004
@@ -31,7 +31,7 @@
     permission name, and an interaction.
 
     Interactions are containers of transient information such as the
-    list of authenticated principals.
+    list of participations.
 
     XXX this needs some rewrite since security contexts were replaced
         with interactions
@@ -235,7 +235,7 @@
 
         def checkPermission(self, permission, object, interaction):
 
-            user = interaction.principals[0] # XXX
+            user = interaction.participations[0].principal # XXX
             token = user.getAuthenticationToken()
             home = object.getHome()
             db = getattr(SimulationSecurityDatabase, home.getId(), None)


=== Zope3/src/zope/security/simpleinteraction.py 1.1.2.1 => 1.1.2.2 ===
--- Zope3/src/zope/security/simpleinteraction.py:1.1.2.1	Mon Mar  8 13:43:44 2004
+++ Zope3/src/zope/security/simpleinteraction.py	Fri Mar 19 13:50:56 2004
@@ -28,19 +28,27 @@
     implements(IInteraction)
 
     def __init__(self):
-        self.principals = []
+        self.participations = []
 
-    def add(self, principal):
-        self.principals.append(principal)
+    def add(self, participation):
+        if participation.interaction is not None:
+            raise ValueError("%r already belongs to an interaction"
+                             % participation)
+        participation.interaction = self
+        self.participations.append(participation)
 
-    def remove(self, principal):
-        self.principals.remove(principal)
+    def remove(self, participation):
+        if participation.interaction is not self:
+            raise ValueError("%r does not belong to this interaction"
+                             % participation)
+        self.participations.remove(participation)
+        participation.interaction = None
 
 
-def createInteraction(request):
+def createInteraction(participation=None):
     """A helper for implementing ISecurityPolicy.createInteraction"""
     interaction = Interaction()
-    if request is not None:
-        interaction.add(request.user)
+    if participation is not None:
+        interaction.add(participation)
     return interaction
 


=== Zope3/src/zope/security/simplepolicies.py 1.6.2.2 => 1.6.2.3 ===
--- Zope3/src/zope/security/simplepolicies.py:1.6.2.2	Mon Mar  8 14:28:44 2004
+++ Zope3/src/zope/security/simplepolicies.py	Fri Mar 19 13:50:56 2004
@@ -35,7 +35,7 @@
 
         if interaction is None:
             interaction = getInteraction()
-        users = list(interaction.principals)
+        users = [p.principal for p in interaction.participations]
         if len(users) == 1 and users[0] is system_user:
             return True # Nobody not to trust!
 




More information about the Zope3-Checkins mailing list