[Zope3-checkins] SVN: Zope3/trunk/ Fix #384: Handling utility
permissions
Jim Fulton
jim at zope.com
Fri Jul 29 19:36:22 EDT 2005
Log message for revision 37586:
Fix #384: Handling utility permissions
When defining utilities in ZCML with permissions, checker objects were
saved on the utilty's __Security_checker__ attribute. This caused
problems if the component was registered more than once, or if the
component was a class. Now a proxy is used to hold the security
checker, so that the checker is specific to a particular registration.
Changed:
U Zope3/trunk/doc/CHANGES.txt
U Zope3/trunk/doc/TODO.txt
U Zope3/trunk/src/zope/app/component/metaconfigure.py
U Zope3/trunk/src/zope/app/component/tests/components.py
U Zope3/trunk/src/zope/app/component/tests/test_directives.py
-=-
Modified: Zope3/trunk/doc/CHANGES.txt
===================================================================
--- Zope3/trunk/doc/CHANGES.txt 2005-07-29 23:25:19 UTC (rev 37585)
+++ Zope3/trunk/doc/CHANGES.txt 2005-07-29 23:36:21 UTC (rev 37586)
@@ -655,6 +655,15 @@
Bug Fixes
+ - Fix #384: Handling utility permissions
+
+ When defining utilities in ZCML with permissions, checker
+ objects were saved on the utilty's __Security_checker__
+ attribute. This caused problems if the component was
+ registered more than once, or if the component was a class.
+ Now a proxy is used to hold the security checker, so that the
+ checker is specific to a particular registration.
+
- Fix 307: browser:addMenuItem and broken view references
- Fix #411: Remove SendmailMailer
Modified: Zope3/trunk/doc/TODO.txt
===================================================================
--- Zope3/trunk/doc/TODO.txt 2005-07-29 23:25:19 UTC (rev 37585)
+++ Zope3/trunk/doc/TODO.txt 2005-07-29 23:36:21 UTC (rev 37586)
@@ -15,7 +15,5 @@
Bug Fixes
---------
- * 384: Problems with permissions in zcml utility directives
-
Bugs starting with * represent bugs that must be fixed for the 3.0.x branch as
well .
Modified: Zope3/trunk/src/zope/app/component/metaconfigure.py
===================================================================
--- Zope3/trunk/src/zope/app/component/metaconfigure.py 2005-07-29 23:25:19 UTC (rev 37585)
+++ Zope3/trunk/src/zope/app/component/metaconfigure.py 2005-07-29 23:36:21 UTC (rev 37586)
@@ -21,9 +21,11 @@
from zope.component.interfaces import IDefaultViewName, IFactory
from zope.configuration.exceptions import ConfigurationError
import zope.interface
-from zope.interface import Interface
+from zope.interface import Interface, providedBy
from zope.interface.interfaces import IInterface
+from zope.proxy import ProxyBase, getProxiedObject
+
from zope.security.checker import InterfaceChecker, CheckerPublic
from zope.security.checker import Checker, NamesChecker
from zope.security.proxy import Proxy
@@ -46,19 +48,24 @@
callable = provideInterface,
args = ('', interface, type)
)
-
+
+class PermissionProxy(ProxyBase):
+
+ __slots__ = ('__Security_checker__', )
+
+ def __providedBy__(self):
+ return providedBy(getProxiedObject(self))
+ __providedBy__ = property(__providedBy__)
+
def proxify(ob, checker):
"""Try to get the object proxied with the `checker`, but not too soon
We really don't want to proxy the object unless we need to.
"""
- try:
- ob.__Security_checker__ = checker
- except AttributeError:
- ob = Proxy(ob, checker)
-
+ ob = PermissionProxy(ob)
+ ob.__Security_checker__ = checker
return ob
_handler=handler
Modified: Zope3/trunk/src/zope/app/component/tests/components.py
===================================================================
--- Zope3/trunk/src/zope/app/component/tests/components.py 2005-07-29 23:25:19 UTC (rev 37585)
+++ Zope3/trunk/src/zope/app/component/tests/components.py 2005-07-29 23:36:21 UTC (rev 37586)
@@ -18,10 +18,13 @@
from zope.interface import Interface, Attribute, implements
from zope.component import adapts
-class IApp(Interface):
+class IAppb(Interface):
a = Attribute('test attribute')
def f(): "test func"
+class IApp(IAppb):
+ pass
+
class IContent(Interface): pass
class Content(object):
Modified: Zope3/trunk/src/zope/app/component/tests/test_directives.py
===================================================================
--- Zope3/trunk/src/zope/app/component/tests/test_directives.py 2005-07-29 23:25:19 UTC (rev 37585)
+++ Zope3/trunk/src/zope/app/component/tests/test_directives.py 2005-07-29 23:36:21 UTC (rev 37586)
@@ -877,20 +877,35 @@
self.assertEqual(zapi.getUtility(IApp).__class__, Comp)
def testProtectedUtility(self):
+ """Test that we can protect a utility.
+
+ Also:
+ Check that multiple configurations for the same utility and
+ don't interfere.
+ """
self.assertEqual(zapi.queryUtility(IV), None)
xmlconfig(StringIO(template % (
'''
+ <permission id="tell.everyone" title="Yay" />
<utility
component="zope.app.component.tests.components.comp"
provides="zope.app.component.tests.components.IApp"
- permission="zope.Public"
+ permission="tell.everyone"
/>
+ <permission id="top.secret" title="shhhh" />
+ <utility
+ component="zope.app.component.tests.components.comp"
+ provides="zope.app.component.tests.components.IAppb"
+ permission="top.secret"
+ />
'''
)))
utility = ProxyFactory(zapi.getUtility(IApp))
- items = [item[0] for item in getTestProxyItems(utility)]
- self.assertEqual(items, ['a', 'f'])
+ items = getTestProxyItems(utility)
+ self.assertEqual(items, [('a', 'tell.everyone'),
+ ('f', 'tell.everyone')
+ ])
self.assertEqual(removeSecurityProxy(utility), comp)
def testUtilityUndefinedPermission(self):
More information about the Zope3-Checkins
mailing list