[Zope3-dev] zope.server.ftp.server depends on zope.security
Steve Alexander
steve at canonical.com
Thu Sep 30 12:13:09 EDT 2004
The file src/zope/server/ftp/server.py imports
from zope.security.interfaces import Unauthorized
This is used in one place:
def cmd_pass(self, args):
'See IFTPCommandHandler'
self.authenticated = 0
password = args
credentials = (self.username, password)
try:
self.server.fs_access.authenticate(credentials)
except Unauthorized:
self.reply('LOGIN_MISMATCH')
self.close_when_done()
else:
self.credentials = credentials
self.authenticated = 1
self.reply('LOGIN_SUCCESS')
This is used to satisfy the interface IFileSystemAccess in
src/zope/server/interfaces/ftp.py
class IFileSystemAccess(Interface):
"""Provides authenticated access to a filesystem.
"""
def authenticate(credentials):
"""Verifies filesystem access based on the presented
credentials.
Should raise Unauthorized if the user can not be authenticated.
This method only checks general access and is not used for each
call to open(). Rather, open() should do its own verification.
Credentials are passed as username/password tuples.
"""
def open(credentials):
"""Returns an IFileSystem.
Should raise Unauthorized if the user can not be authenticated.
Credentials are passed as username/password tuples.
"""
Note that the interface does not say where Unauthorized should be
imported from. The interfaces.py module does not import Unauthorized
either.
This is the only dependency on zope.security in the whole zope.server
package.
I think the zope.server subsystem should define its own Unauthorized
exception, or at least, should not strongly depend on zope.security in
this way.
--
Steve Alexander
More information about the Zope3-dev
mailing list