[Zope3-checkins]
SVN: Zope3/branches/mgedmin-security/src/zope/security/
Added zope.security.checkPermission.
Marius Gedminas
marius at pov.lt
Wed May 12 15:21:59 EDT 2004
Log message for revision 24601:
Added zope.security.checkPermission.
-=-
Modified: Zope3/branches/mgedmin-security/src/zope/security/__init__.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/security/__init__.py 2004-05-12 18:59:20 UTC (rev 24600)
+++ Zope3/branches/mgedmin-security/src/zope/security/__init__.py 2004-05-12 19:21:59 UTC (rev 24601)
@@ -5,3 +5,28 @@
# XXX There's a circular import problem with the proxy package.
# The proxy framework needs some refactoring, but not today.
import zope.proxy
+
+from zope.security.checker import CheckerPublic as _CheckerPublic
+from zope.security.management import getSecurityManager as _getSecurityManager
+
+def checkPermission(permission, object, interaction=None):
+ """Return whether security policy allows permission on object.
+
+ Arguments:
+ permission -- A permission name
+ object -- The object being accessed according to the permission
+ interaction -- An interaction, which provides access to information
+ such as authenticated principals. If it is None, the current
+ interaction is used.
+
+ checkPermission is guaranteed to return True if permission is
+ CheckerPublic or None.
+ """
+ if permission is None or permission is _CheckerPublic:
+ return True
+ if interaction is not None:
+ # XXX: transition from contexts to interactions is not complete
+ raise NotImplementedError
+ sm = _getSecurityManager()
+ return sm.checkPermission(permission, object)
+
Modified: Zope3/branches/mgedmin-security/src/zope/security/interfaces.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/security/interfaces.py 2004-05-12 18:59:20 UTC (rev 24600)
+++ Zope3/branches/mgedmin-security/src/zope/security/interfaces.py 2004-05-12 19:21:59 UTC (rev 24601)
@@ -187,7 +187,7 @@
"""
-class ISecurityPolicy(Interface): # XXX: will change
+class ISecurityPolicy(Interface):
def createInteraction(participation=None):
"""Creates a new interaction for a given request.
@@ -199,7 +199,7 @@
ISecurityManagement.global setInteractionFactory(factory).
"""
- def checkPermission(permission, object, context):
+ def checkPermission(permission, object, context): # XXX: will change
"""Return whether security context allows permission on object.
Arguments:
Modified: Zope3/branches/mgedmin-security/src/zope/security/tests/test_management.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/security/tests/test_management.py 2004-05-12 18:59:20 UTC (rev 24600)
+++ Zope3/branches/mgedmin-security/src/zope/security/tests/test_management.py 2004-05-12 19:21:59 UTC (rev 24601)
@@ -163,9 +163,39 @@
self.assertRaises(AssertionError, endInteraction, _thread=thread)
+ def test_checkPermission(self):
+ from zope.security import checkPermission
+ from zope.security.management import setSecurityPolicy
+ from zope.security.management import getInteraction
+ from zope.security.management import newInteraction
+ permission = 'zope.Test'
+ obj = object()
+ interaction = object()
+
+ class InteractionStub:
+ pass
+
+ class PolicyStub:
+ def createInteraction(s, r):
+ return InteractionStub()
+
+ def checkPermission(s, p, o, i):
+ self.assert_(p is permission)
+ self.assert_(o is obj)
+## XXX: transition from security contexts to interactions is not complete
+## self.assert_(i is getInteraction() or i is interaction)
+ return i is interaction
+
+ setSecurityPolicy(PolicyStub())
+ newInteraction(None)
+ self.assertEquals(checkPermission(permission, obj), False)
+## XXX: transition from security contexts to interactions is not complete
+## self.assertEquals(checkPermission(permission, obj, interaction), True)
+
+
def test_suite():
- loader=unittest.TestLoader()
+ loader = unittest.TestLoader()
return loader.loadTestsFromTestCase(Test)
if __name__=='__main__':
More information about the Zope3-Checkins
mailing list