[Zope3-checkins] SVN: Zope3/trunk/ Modified the security-policy configuration to use the new grantAll

Jim Fulton jim at zope.com
Mon May 17 06:11:09 EDT 2004 

Log message for revision 24771:
Modified the security-policy configuration to use the new grantAll
directive.  This allowa us to eliminate a dependency on other packages
with custom permissions. basically, we grant all permissions to
managers.

Also moved the include of the config file up to the top-level
directory. This needs tobe included after all of the package
includes. Also, the security policy is different from other packages,
since there must be exactly one security policy plugged in.

Perhaps the meta configuration should be combined with the regular
configuration.



-=-
Modified: Zope3/trunk/ftesting.zcml
===================================================================
--- Zope3/trunk/ftesting.zcml	2004-05-17 10:06:10 UTC (rev 24770)
+++ Zope3/trunk/ftesting.zcml	2004-05-17 10:11:08 UTC (rev 24771)
@@ -1,5 +1,7 @@
-<configure xmlns="http://namespaces.zope.org/zope"
-           i18n_domain="zope">
+<configure 
+   xmlns="http://namespaces.zope.org/zope"
+   i18n_domain="zope"
+   >
 
   <!-- This file is the equivalent of site.zcml and it is -->
   <!-- used for functional testing setup -->
@@ -9,6 +11,8 @@
   <include files="package-includes/*-meta.zcml" />
   <include files="package-includes/*-configure.zcml" />
 
+  <include file="securitypolicy.zcml" />
+
   <!-- Principals -->
 
   <unauthenticatedPrincipal

Deleted: Zope3/trunk/package-includes/securitypolicy-configure.zcml
===================================================================
--- Zope3/trunk/package-includes/securitypolicy-configure.zcml	2004-05-17 10:06:10 UTC (rev 24770)
+++ Zope3/trunk/package-includes/securitypolicy-configure.zcml	2004-05-17 10:11:08 UTC (rev 24771)
@@ -1,5 +0,0 @@
-<configure>
-<include file="workflow-configure.zcml" />
-<include file="undo-configure.zcml" />
-<include package="zope.app.securitypolicy" />
-</configure>

Copied: Zope3/trunk/securitypolicy.zcml (from rev 24757, Zope3/trunk/package-includes/securitypolicy-configure.zcml)
===================================================================
--- Zope3/trunk/package-includes/securitypolicy-configure.zcml	2004-05-16 16:45:58 UTC (rev 24757)
+++ Zope3/trunk/securitypolicy.zcml	2004-05-17 10:11:08 UTC (rev 24771)
@@ -0,0 +1 @@
+<include package="zope.app.securitypolicy" />

Modified: Zope3/trunk/site.zcml
===================================================================
--- Zope3/trunk/site.zcml	2004-05-17 10:06:10 UTC (rev 24770)
+++ Zope3/trunk/site.zcml	2004-05-17 10:11:08 UTC (rev 24771)
@@ -8,6 +8,7 @@
   <!-- Provide local overrides of standard configurations-->
   <includeOverrides file="overrides.zcml" />
 
+  <include file="securitypolicy.zcml" />
   <include file="principals.zcml" />
 
 </configure>

Modified: Zope3/trunk/src/zope/app/securitypolicy/configure.zcml
===================================================================
--- Zope3/trunk/src/zope/app/securitypolicy/configure.zcml	2004-05-17 10:06:10 UTC (rev 24770)
+++ Zope3/trunk/src/zope/app/securitypolicy/configure.zcml	2004-05-17 10:11:08 UTC (rev 24771)
@@ -63,39 +63,17 @@
       />
 
   <role id="zope.Anonymous" title="Everybody" 
-        description="All users have this role implicitly" />
+                 description="All users have this role implicitly" />
   <role id="zope.Manager" title="Site Manager" />
   <role id="zope.Member" title="Site Member" />
 
-  <!-- Remove the following directive if you don't want public access -->
-  <grant permission="zope.View"                  role="zope.Anonymous" />
+  <!-- Replace the following directive if you don't want public access -->
+  <grant permission="zope.View"                  
+                  role="zope.Anonymous" />
+  <grant permission="zope.app.dublincore.view"   
+                  role="zope.Anonymous" />
 
-  <grant permission="zope.ManageContent"         role="zope.Manager" />
-  <grant permission="zope.Security"              role="zope.Manager" />
-  <grant permission="zope.ManageCode"            role="zope.Manager" />
-  <grant permission="zope.ManageServices"        role="zope.Manager" />
-  <grant permission="zope.ManageApplication"     role="zope.Manager" />
-  <grant permission="zope.ManageBindings"        role="zope.Manager" />
-
-  <!-- zope.app.dublincore -->
-  <grant permission="zope.app.dublincore.view"   role="zope.Anonymous" />
-  <grant permission="zope.app.dublincore.change" role="zope.Manager" />
-
-  <!-- zope.app.mail -->
-  <grant permission="zope.SendMail"              role="zope.Manager" />
-
-  <!-- zope.app.undo -->
-  <grant permission="zope.UndoOwnTransactions"   role="zope.Member" />
-  <grant permission="zope.UndoOwnTransactions"   role="zope.Manager" />
-  <grant permission="zope.UndoAllTransactions"   role="zope.Manager" />
-
-  <!-- zope.app.workflow -->
-  <grant permission="zope.workflow.ManageProcessDefinitions"
-         role="zope.Manager" />
-  <grant permission="zope.workflow.CreateProcessInstances"
-         role="zope.Manager" />
-  <grant permission="zope.workflow.UseProcessInstances"
-         role="zope.Manager" />
-
+  <grantAll role="zope.Manager" />
+  
 </configure>

More information about the Zope3-Checkins mailing list