[Zope3-checkins] CVS: Zope3/src/zope/security -
interfaces.py:1.8.2.4 management.py:1.5.2.3
readme.txt:1.5.12.3 simpleinteraction.py:1.1.2.2
simplepolicies.py:1.6.2.3
Marius Gedminas
marius at pov.lt
Fri Mar 19 13:51:30 EST 2004
Update of /cvs-repository/Zope3/src/zope/security
In directory cvs.zope.org:/tmp/cvs-serv26650/src/zope/security
Modified Files:
Tag: mgedmin-events2-branch
interfaces.py management.py readme.txt simpleinteraction.py
simplepolicies.py
Log Message:
Added IParticipation and replaced the lists of principals in IInteraction with
a list of participations. Made BaseRequest an IParticipation and replaced
request.user with request.principal everywhere.
=== Zope3/src/zope/security/interfaces.py 1.8.2.3 => 1.8.2.4 ===
--- Zope3/src/zope/security/interfaces.py:1.8.2.3 Mon Mar 8 16:50:58 2004
+++ Zope3/src/zope/security/interfaces.py Fri Mar 19 13:50:56 2004
@@ -114,9 +114,11 @@
class ISecurityPolicy(Interface):
- def createInteraction(request):
+ def createInteraction(participation=None):
"""Creates a new interaction for a given request.
+ If participation is not None, it is added to the new interaction.
+
XXX perhaps this should be a separate interface IInteractionFactory,
and the factory registered by calling
ISecurityManagement.global setInteractionFactory(factory).
@@ -137,20 +139,29 @@
"""A representation of an interaction between some actors and the system.
"""
- principals = Attribute("""An iterable of principals.""")
+ participations = Attribute("""An iterable of participations.""")
+
+ def add(participation):
+ """Add a participation."""
+
+ def remove(participation):
+ """Remove a participation."""
- def add(principal):
- """Add a participant."""
- def remove(principal):
- """Remove a participant."""
+class IParticipation(Interface):
+
+ interaction = Attribute("The interaction")
+ principal = Attribute("The authenticated principal")
class IInteractionManagement(Interface):
"""Interaction management API."""
- def newInteraction(request):
- """Start a new interaction."""
+ def newInteraction(participation=None):
+ """Start a new interaction.
+
+ If participation is not None, it is added to the new interaction.
+ """
def getInteraction():
"""Return the current interaction.
@@ -160,5 +171,5 @@
"""
def endInteraction():
- """Finish the current interaction."""
+ """End the current interaction."""
=== Zope3/src/zope/security/management.py 1.5.2.2 => 1.5.2.3 ===
--- Zope3/src/zope/security/management.py:1.5.2.2 Mon Mar 8 14:28:44 2004
+++ Zope3/src/zope/security/management.py Fri Mar 19 13:50:56 2004
@@ -68,14 +68,14 @@
"""Get the current interaction."""
return thread_globals(_thread).interaction
-def newInteraction(request, _thread=None, _policy=None):
+def newInteraction(participation=None, _thread=None, _policy=None):
"""Start a new interaction."""
if getInteraction(_thread) is not None:
stack = getInteraction(_thread)._newInteraction_called_from
raise AssertionError("newInteraction called"
" while another interaction is active:\n%s"
% "".join(traceback.format_list(stack)))
- interaction = _defaultPolicy.createInteraction(request)
+ interaction = _defaultPolicy.createInteraction(participation)
interaction._newInteraction_called_from = traceback.extract_stack()
thread_globals(_thread).interaction = interaction
=== Zope3/src/zope/security/readme.txt 1.5.12.2 => 1.5.12.3 ===
--- Zope3/src/zope/security/readme.txt:1.5.12.2 Mon Mar 8 13:43:44 2004
+++ Zope3/src/zope/security/readme.txt Fri Mar 19 13:50:56 2004
@@ -31,7 +31,7 @@
permission name, and an interaction.
Interactions are containers of transient information such as the
- list of authenticated principals.
+ list of participations.
XXX this needs some rewrite since security contexts were replaced
with interactions
@@ -235,7 +235,7 @@
def checkPermission(self, permission, object, interaction):
- user = interaction.principals[0] # XXX
+ user = interaction.participations[0].principal # XXX
token = user.getAuthenticationToken()
home = object.getHome()
db = getattr(SimulationSecurityDatabase, home.getId(), None)
=== Zope3/src/zope/security/simpleinteraction.py 1.1.2.1 => 1.1.2.2 ===
--- Zope3/src/zope/security/simpleinteraction.py:1.1.2.1 Mon Mar 8 13:43:44 2004
+++ Zope3/src/zope/security/simpleinteraction.py Fri Mar 19 13:50:56 2004
@@ -28,19 +28,27 @@
implements(IInteraction)
def __init__(self):
- self.principals = []
+ self.participations = []
- def add(self, principal):
- self.principals.append(principal)
+ def add(self, participation):
+ if participation.interaction is not None:
+ raise ValueError("%r already belongs to an interaction"
+ % participation)
+ participation.interaction = self
+ self.participations.append(participation)
- def remove(self, principal):
- self.principals.remove(principal)
+ def remove(self, participation):
+ if participation.interaction is not self:
+ raise ValueError("%r does not belong to this interaction"
+ % participation)
+ self.participations.remove(participation)
+ participation.interaction = None
-def createInteraction(request):
+def createInteraction(participation=None):
"""A helper for implementing ISecurityPolicy.createInteraction"""
interaction = Interaction()
- if request is not None:
- interaction.add(request.user)
+ if participation is not None:
+ interaction.add(participation)
return interaction
=== Zope3/src/zope/security/simplepolicies.py 1.6.2.2 => 1.6.2.3 ===
--- Zope3/src/zope/security/simplepolicies.py:1.6.2.2 Mon Mar 8 14:28:44 2004
+++ Zope3/src/zope/security/simplepolicies.py Fri Mar 19 13:50:56 2004
@@ -35,7 +35,7 @@
if interaction is None:
interaction = getInteraction()
- users = list(interaction.principals)
+ users = [p.principal for p in interaction.participations]
if len(users) == 1 and users[0] is system_user:
return True # Nobody not to trust!
More information about the Zope3-Checkins
mailing list