[Zope3-checkins] SVN: Zope3/branches/mgedmin-security/src/zope/ Get rid of security managers and security contexts.

Marius Gedminas marius at pov.lt
Wed May 12 17:42:14 EDT 2004


Log message for revision 24615:
Get rid of security managers and security contexts.




-=-
Modified: Zope3/branches/mgedmin-security/src/zope/app/security/metaconfigure.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/app/security/metaconfigure.py	2004-05-12 21:38:07 UTC (rev 24614)
+++ Zope3/branches/mgedmin-security/src/zope/app/security/metaconfigure.py	2004-05-12 21:42:14 UTC (rev 24615)
@@ -19,7 +19,7 @@
 
 from zope.security.checker import moduleChecker, Checker, defineChecker
 from zope.security.checker import CheckerPublic
-from zope.security.manager import setSecurityPolicy
+from zope.security.management import setSecurityPolicy
 from zope.app.security.interfaces import IPermission
 from zope.app.security.permission import Permission
 from zope.app.security.protectclass import checkPermission

Deleted: Zope3/branches/mgedmin-security/src/zope/security/context.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/security/context.py	2004-05-12 21:38:07 UTC (rev 24614)
+++ Zope3/branches/mgedmin-security/src/zope/security/context.py	2004-05-12 21:42:14 UTC (rev 24615)
@@ -1,39 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Default 'ISecurityContext' implementation.
-
-$Id: context.py,v 1.5 2004/02/20 20:42:12 srichter Exp $
-"""
-from zope.security.interfaces import ISecurityContext
-from zope.interface import implements
-
-class SecurityContext:
-    """Capture transient request-specific security information.
-
-    Attribute('stack',
-              'A stack of elements, each either be an ExecutableObject or a'
-              ' tuple consisting of an ExecutableObject and a custom'
-              ' SecurityPolicy.'
-              )
-
-    Attribute('user',
-              'The AUTHENTICATED_USER for the request.'
-              )
-    """
-    implements(ISecurityContext)
-
-    def __init__(self, user):
-        self.stack       = []
-        self.user        = user
-        self.objectCache = {}

Modified: Zope3/branches/mgedmin-security/src/zope/security/interfaces.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/security/interfaces.py	2004-05-12 21:38:07 UTC (rev 24614)
+++ Zope3/branches/mgedmin-security/src/zope/security/interfaces.py	2004-05-12 21:42:14 UTC (rev 24615)
@@ -60,57 +60,6 @@
         """
 
 
-# XXX This interface has too much Zope application dependence. This
-# needs to be refactored somehow.
-
-class ISecurityManager(Interface):  # XXX: going away
-    """
-        A security manager provides methods for checking access and managing
-        executable context and policies.
-    """
-
-    def getPrincipal():
-        """Return the authenticated principal.
-
-        This is equivalent to something like::
-        REQUEST['AUTHENTICATED_USER']
-        but is a bit cleaner, especially if 'REQUEST' isn't handy.
-
-        An IPrincipal object wrapped in a context of its
-        AuthenticationService is returned.
-        """
-
-    def checkPermission(permission, object):
-        """Return whether security context allows permission on object.
-
-        Arguments:
-        permission -- A permission name
-        object -- The object being accessed according to the permission
-        """
-
-    def pushExecutable(anExecutableObject):
-        """
-            Push an ExecutableObject onto the manager's stack, and
-            activate its custom security policy, if any.
-        """
-
-    def popExecutable(anExecutableObject):
-        """
-            Pop the topmost ExecutableObject from the stack, deactivating
-            any custom security policy it might have installed.
-        """
-
-    def calledByExecutable():
-        """
-            Return a boolean indicating whether the current request has
-            invoked any IExecutableObjects.
-
-            This can be used to determine if an object was called
-            (more or less) directly from a URL, or if it was called by
-            through-the-web provided code.
-        """
-
-
 class IChecker(Interface):
     """Security-proxy plugin objects that implement low-level checks
 
@@ -184,20 +133,6 @@
         """
 
 
-class ISecurityContext(Interface):  # XXX: going away
-    """Capture transient request-specific security information."""
-
-    Attribute('stack',
-              'A stack of elements, each either be an ExecutableObject'
-              'or a tuple consisting of an ExecutableObject and a'
-              'custom SecurityPolicy.'
-            )
-
-    Attribute('user',
-              'The AUTHENTICATED_USER for the request.'
-              )
-
-
 class IInteraction(Interface):
     """A representation of an interaction between some actors and the system.
     """

Modified: Zope3/branches/mgedmin-security/src/zope/security/management.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/security/management.py	2004-05-12 21:38:07 UTC (rev 24614)
+++ Zope3/branches/mgedmin-security/src/zope/security/management.py	2004-05-12 21:42:14 UTC (rev 24615)
@@ -16,7 +16,7 @@
 $Id: management.py,v 1.5 2004/02/20 20:42:12 srichter Exp $
 """
 # Special system user that has all permissions
-# zope.security.manager needs it
+# zope.security.simplepolicies needs it
 system_user = object()
 
 import traceback
@@ -24,21 +24,26 @@
 from zope.interface import moduleProvides
 from zope.security.interfaces import ISecurityManagement
 from zope.security.interfaces import IInteractionManagement
-from zope.security.manager import setSecurityPolicy as _setSecurityPolicy
-from zope.security.manager import getSecurityPolicy as _getSecurityPolicy
 from zope.testing.cleanup import addCleanUp
 from zope.thread import thread_globals
 
 moduleProvides(ISecurityManagement, IInteractionManagement)
 
 
+def _clear():
+    global _defaultPolicy
+    _defaultPolicy = ParanoidSecurityPolicy()
+
+addCleanUp(_clear)
+
+
 #
 #   ISecurityManagement implementation
 #
 
 def getSecurityPolicy():
     """Get the system default security policy."""
-    return _getSecurityPolicy()
+    return _defaultPolicy
 
 def setSecurityPolicy(aSecurityPolicy):
     """Set the system default security policy, and return the previous
@@ -47,9 +52,13 @@
     This method should only be called by system startup code.
     It should never, for example, be called during a web request.
     """
-    return _setSecurityPolicy(aSecurityPolicy)
+    global _defaultPolicy
 
+    last, _defaultPolicy = _defaultPolicy, aSecurityPolicy
 
+    return last
+
+
 #
 #   IInteractionManagement implementation
 #
@@ -83,3 +92,7 @@
 addCleanUp(_cleanUp)
 
 
+# circular imports are not fun
+
+from zope.security.simplepolicies import ParanoidSecurityPolicy
+_defaultPolicy = ParanoidSecurityPolicy()

Deleted: Zope3/branches/mgedmin-security/src/zope/security/manager.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/security/manager.py	2004-05-12 21:38:07 UTC (rev 24614)
+++ Zope3/branches/mgedmin-security/src/zope/security/manager.py	2004-05-12 21:42:14 UTC (rev 24615)
@@ -1,155 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Default ISecurityManager implementation
-
-$Id: manager.py,v 1.4 2003/06/02 14:34:49 stevea Exp $
-"""
-from zope.interface import implements
-from zope.security.simplepolicies import ParanoidSecurityPolicy
-
-MAX_STACK_SIZE = 100
-
-_defaultPolicy = ParanoidSecurityPolicy()
-
-def _clear():
-    global _defaultPolicy
-    _defaultPolicy = ParanoidSecurityPolicy()
-
-from zope.testing.cleanup import addCleanUp
-addCleanUp(_clear)
-
-def getSecurityPolicy():
-    """Get the system default security policy."""
-    return _defaultPolicy
-
-def setSecurityPolicy(aSecurityPolicy):
-    """Set the system default security policy.
-
-    This method should only be caused by system startup code. It should never,
-    for example, be called during a web request.
-    """
-    global _defaultPolicy
-
-    last, _defaultPolicy = _defaultPolicy, aSecurityPolicy
-
-    return last
-
-from zope.security.interfaces import ISecurityManager
-
-class SecurityManager:
-    """A security manager provides methods for checking access and managing
-    executable context and policies.
-    """
-    implements(ISecurityManager)
-
-    def __init__(self, context):
-        self._context = context
-        self._policy = None
-
-    def _getPolicy(self):
-        """Find current policy, or default.
-        """
-        policy = self._policy
-        if policy is None:
-            policy = _defaultPolicy
-        return policy
-
-    #
-    #   ISecurityManager implementation
-    #
-    def getPrincipal(self):
-        """Return the authenticated user.
-
-       This is equivalent to something like::
-
-         REQUEST['AUTHENTICATED_USER']
-
-        but is a bit cleaner, especially if 'REQUEST' isn't handy.
-        """
-        return self._context.user
-
-    def checkPermission(self, permission, object):
-        """Check whether the security context allows the given
-        permission on the given object. Return a boolean value.
-
-        Arguments:
-
-            permission -- A permission name
-
-            object -- The object being accessed according to the permission
-        """
-        from zope.security.management import getInteraction # this is temporary
-        return self._getPolicy().checkPermission(permission, object,
-                                                 getInteraction())
-
-    def pushExecutable(self, anExecutableObject):
-        """Push an ExecutableObject onto the manager's stack, and
-        activate its custom security policy, if any.
-        """
-        stack = self._context.stack
-
-        if len(stack) >= MAX_STACK_SIZE:
-            raise SystemError, 'Excessive recursion'
-
-        stack.append(anExecutableObject)
-        p = getattr(anExecutableObject, '_customSecurityPolicy', None)
-
-        if p is not None:
-            p = p()
-
-        self._policy = p
-
-    def popExecutable(self, anExecutableObject):
-        """Pop the topmost ExecutableObject from the stack, deactivating
-        any custom security policy it might have installed.
-        """
-        stack = self._context.stack
-
-        if not stack:
-            return
-
-        top = stack[-1]
-
-        if top is anExecutableObject:
-            del stack[-1]
-        else:
-            indexes = range(len(stack))
-            indexes.reverse()
-            for i in indexes:
-                top = stack[i]
-                if top is anExecutableObject:
-                    del stack[i:]
-                    break
-            else:
-                return
-
-        if stack:
-            top = stack[-1]
-            p = getattr(top, '_customSecurityPolicy', None)
-
-            if p is not None:
-                p = p()
-            self._policy = p
-        else:
-            self._policy = None
-
-    def calledByExecutable(self):
-        """Return a boolean indicating whether the current request has
-        invoked any IExecutableObjects.
-
-        This can be used to determine if an object was called (more or less)
-        directly from a URL, or if it was called by through-the-web provided
-        code.
-        """
-        return len(self._context.stack)

Deleted: Zope3/branches/mgedmin-security/src/zope/security/tests/test_manager.py
===================================================================
--- Zope3/branches/mgedmin-security/src/zope/security/tests/test_manager.py	2004-05-12 21:38:07 UTC (rev 24614)
+++ Zope3/branches/mgedmin-security/src/zope/security/tests/test_manager.py	2004-05-12 21:42:14 UTC (rev 24615)
@@ -1,159 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Unit tests for SecurityManager
-
-$Id: test_manager.py,v 1.5 2004/03/13 17:21:51 philikon Exp $
-"""
-
-import unittest
-
-from zope.interface.verify import verifyClass
-
-from zope.security import manager
-from zope.security.simplepolicies import ParanoidSecurityPolicy
-from zope.security.simplepolicies import PermissiveSecurityPolicy
-from zope.security.context import SecurityContext
-
-class DummyExecutable:
-    """implements( (pseudo) IExecutableObject)"""
-
-class DummyExecutableWithCustomPolicy:
-    """implements( (pseudo) IExecutableObjectWithCustomSecurityPolicy)"""
-
-    def _customSecurityPolicy(self):
-        return PermissiveSecurityPolicy()
-
-class Test(unittest.TestCase):
-
-    def setUp(self):
-        self._oldPolicy = manager._defaultPolicy
-        manager.setSecurityPolicy(ParanoidSecurityPolicy())
-        self._context = SecurityContext('xyzzy')
-
-    def tearDown(self):
-        from zope.security.manager import setSecurityPolicy
-        setSecurityPolicy(self._oldPolicy)
-
-    def _makeMgr(self):
-        from zope.security.manager import SecurityManager
-        return SecurityManager(self._context)
-
-    def _setPermissive(self):
-        from zope.security.manager import setSecurityPolicy
-        setSecurityPolicy(PermissiveSecurityPolicy())
-
-
-    def test_import(self):
-        from zope.security.manager import SecurityManager
-        from zope.security.interfaces import ISecurityManager
-        verifyClass(ISecurityManager, SecurityManager)
-
-    def test_empty(self):
-        mgr = self._makeMgr()
-        self.assertEqual(mgr.getPrincipal(), self._context.user)
-        self.failIf(mgr.calledByExecutable())
-
-    def test_w_default_policy(self):
-        mgr = self._makeMgr()
-        self.failIf(mgr.checkPermission(None, None))
-
-    def test_w_permissive_policy(self):
-        mgr = self._makeMgr()
-        self._setPermissive()
-        self.failUnless(mgr.checkPermission(None, None))
-
-    def test_exec_stack_overflow(self):
-        from zope.security.manager import MAX_STACK_SIZE
-        mgr = self._makeMgr()
-
-        for i in range(MAX_STACK_SIZE):
-            mgr.pushExecutable(None)
-
-        self.assertRaises(SystemError, mgr.pushExecutable, None)
-
-    def test_pushExecutable_simple(self):
-        mgr = self._makeMgr()
-        self.failIf(mgr.calledByExecutable())
-
-        mgr.pushExecutable(DummyExecutable())
-        self.failUnless(mgr.calledByExecutable())
-
-    def test_popExecutable_simple(self):
-        mgr = self._makeMgr()
-        exe = DummyExecutable()
-        exe2 = DummyExecutable()
-
-        mgr.pushExecutable(exe)
-        mgr.pushExecutable(exe2)
-        mgr.popExecutable(exe2)
-        self.failUnless(mgr.calledByExecutable())
-
-        mgr.popExecutable(exe)
-        self.failIf(mgr.calledByExecutable())
-
-    def test_popExecutable_nomatch(self):
-        mgr = self._makeMgr()
-        exe = DummyExecutable()
-        exe2 = DummyExecutable()
-        other = DummyExecutable()
-
-        mgr.pushExecutable(exe)
-        mgr.pushExecutable(exe2)
-        mgr.popExecutable(other) # not on stack => no change
-        self.failUnless(mgr.calledByExecutable())
-
-        mgr.popExecutable(exe) # bottom of stack => empty it
-        self.failIf(mgr.calledByExecutable())
-
-    def test_pushExecutable_customPolicy(self):
-        mgr = self._makeMgr()
-        exe = DummyExecutableWithCustomPolicy()
-        self.failIf(mgr.checkPermission(None, None))
-        mgr.pushExecutable(exe)
-        self.failUnless(mgr.checkPermission(None, None))
-        mgr.popExecutable(exe)
-        self.failIf(mgr.checkPermission(None, None))
-
-    def test_pushPop_complexPolicies(self):
-        mgr = self._makeMgr()
-
-        exe1 = DummyExecutableWithCustomPolicy()
-        exe2 = DummyExecutable()
-        exe3 = DummyExecutableWithCustomPolicy()
-
-        mgr.pushExecutable(exe1) # now has custom permissive policy
-        self.failUnless(mgr.checkPermission(None, None))
-
-        mgr.pushExecutable(exe2) # now has default policy
-        self.failIf(mgr.checkPermission(None, None))
-
-        mgr.pushExecutable(exe3) # now has custom permissive policy
-        self.failUnless(mgr.checkPermission(None, None))
-
-        mgr.popExecutable(exe3) # back to default policy
-        self.failIf(mgr.checkPermission(None, None))
-
-        mgr.popExecutable(exe2) # back to has custom permissive policy
-        self.failUnless(mgr.checkPermission(None, None))
-
-        mgr.popExecutable(exe1) # back to default policy
-        self.failIf(mgr.checkPermission(None, None))
-
-
-def test_suite():
-    loader=unittest.TestLoader()
-    return loader.loadTestsFromTestCase(Test)
-
-if __name__=='__main__':
-    unittest.TextTestRunner().run(test_suite())




More information about the Zope3-Checkins mailing list