[Checkins] SVN: grokcore.security/trunk/s move the Role component from grok to grokcore.security too
Jan Wijbrand Kolman
cvs-admin at zope.org
Mon Apr 30 14:00:23 UTC 2012
Log message for revision 125443:
move the Role component from grok to grokcore.security too
Changed:
U grokcore.security/trunk/setup.py
U grokcore.security/trunk/src/grokcore/security/__init__.py
U grokcore.security/trunk/src/grokcore/security/components.py
U grokcore.security/trunk/src/grokcore/security/directive.py
U grokcore.security/trunk/src/grokcore/security/interfaces.py
U grokcore.security/trunk/src/grokcore/security/meta.py
U grokcore.security/trunk/src/grokcore/security/tests/permissions/directive.py
A grokcore.security/trunk/src/grokcore/security/tests/role/
U grokcore.security/trunk/src/grokcore/security/tests/role/missing_role_name.py
D grokcore.security/trunk/src/grokcore/security/tests/role/not_a_permission_class.py
D grokcore.security/trunk/src/grokcore/security/tests/role/not_a_permission_class_fixture.py
D grokcore.security/trunk/src/grokcore/security/tests/role/permissions.py
A grokcore.security/trunk/src/grokcore/security/tests/role/permissions.py
U grokcore.security/trunk/src/grokcore/security/tests/role/role_i18n.py
U grokcore.security/trunk/src/grokcore/security/tests/test_all.py
-=-
Modified: grokcore.security/trunk/setup.py
===================================================================
--- grokcore.security/trunk/setup.py 2012-04-30 13:40:00 UTC (rev 125442)
+++ grokcore.security/trunk/setup.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -25,24 +25,26 @@
description='Grok-like configuration for Zope security components',
long_description=long_description,
license='ZPL',
- classifiers=['Intended Audience :: Developers',
- 'License :: OSI Approved :: Zope Public License',
- 'Programming Language :: Python',
- 'Framework :: Zope3',
- ],
-
+ classifiers=[
+ 'Intended Audience :: Developers',
+ 'License :: OSI Approved :: Zope Public License',
+ 'Programming Language :: Python',
+ 'Framework :: Zope3',
+ ],
packages=find_packages('src'),
package_dir = {'': 'src'},
namespace_packages=['grokcore'],
include_package_data=True,
zip_safe=False,
- install_requires=['setuptools',
- 'grokcore.component >= 2.1',
- 'martian >= 0.13',
- 'zope.component',
- 'zope.interface',
- 'zope.security',
- ],
+ install_requires=[
+ 'setuptools',
+ 'grokcore.component >= 2.1',
+ 'martian >= 0.13',
+ 'zope.component',
+ 'zope.interface',
+ 'zope.security',
+ 'zope.securitypolicy',
+ ],
tests_require=tests_require,
extras_require={'test': tests_require},
)
Modified: grokcore.security/trunk/src/grokcore/security/__init__.py
===================================================================
--- grokcore.security/trunk/src/grokcore/security/__init__.py 2012-04-30 13:40:00 UTC (rev 125442)
+++ grokcore.security/trunk/src/grokcore/security/__init__.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -16,6 +16,7 @@
from grokcore.component import *
from grokcore.security.components import Permission, Public
+from grokcore.security.components import Role
from grokcore.security.directive import require, permissions
# Import this module so that it's available as soon as you import the
Modified: grokcore.security/trunk/src/grokcore/security/components.py
===================================================================
--- grokcore.security/trunk/src/grokcore/security/components.py 2012-04-30 13:40:00 UTC (rev 125442)
+++ grokcore.security/trunk/src/grokcore/security/components.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -19,3 +19,19 @@
pass
Public = 'zope.Public'
+
+from zope.securitypolicy.role import Role as securitypolicy_Role
+
+class Role(securitypolicy_Role):
+ """Base class for roles in Grok applications.
+
+ A role is a description of a class of users that gives them a
+ machine-readable name, a human-readable title, and a set of
+ permissions which users belong to that role should possess::
+
+ class Editor(grok.Role):
+ grok.name('news.Editor')
+ grok.title('Editor')
+ grok.permissions('news.EditArticle', 'news.PublishArticle')
+
+ """
\ No newline at end of file
Modified: grokcore.security/trunk/src/grokcore/security/directive.py
===================================================================
--- grokcore.security/trunk/src/grokcore/security/directive.py 2012-04-30 13:40:00 UTC (rev 125442)
+++ grokcore.security/trunk/src/grokcore/security/directive.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -28,9 +28,10 @@
if (permissions is default) or not permissions:
return default
if len(permissions) > 1:
- raise GrokError('grok.require was called multiple times in '
- '%r. It may only be set once for a class.'
- % component, component)
+ raise GrokError(
+ 'grok.require was called multiple times in '
+ '%r. It may only be set once for a class.'
+ % component, component)
return permissions[0]
def pop(self, locals_, directive):
@@ -88,8 +89,7 @@
if martian.util.not_unicode_or_ascii(value):
raise GrokImportError(
"You can only pass unicode values, ASCII values, or "
- "subclasses of grokcore.security.Permission to the '%s'"
- " directive."
+ "subclasses of grok.Permission to the '%s' directive."
% self.name)
def factory(self, *values):
Modified: grokcore.security/trunk/src/grokcore/security/interfaces.py
===================================================================
--- grokcore.security/trunk/src/grokcore/security/interfaces.py 2012-04-30 13:40:00 UTC (rev 125442)
+++ grokcore.security/trunk/src/grokcore/security/interfaces.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -18,6 +18,7 @@
class IBaseClasses(Interface):
Permission = Attribute("Base class for permissions.")
+ Role = Attribute("Base class for roles.")
class IDirectives(Interface):
Modified: grokcore.security/trunk/src/grokcore/security/meta.py
===================================================================
--- grokcore.security/trunk/src/grokcore/security/meta.py 2012-04-30 13:40:00 UTC (rev 125442)
+++ grokcore.security/trunk/src/grokcore/security/meta.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -15,10 +15,13 @@
import martian
import grokcore.component
+import grokcore.component.util
import grokcore.security
+
+from zope.security.interfaces import IPermission
from martian.error import GrokError
-from zope.security.interfaces import IPermission
+
def default_fallback_to_name(factory, module, name, **data):
return name
@@ -47,3 +50,56 @@
order=-1 # need to do this early in the process
)
return True
+
+
+from zope.i18nmessageid import Message
+from zope.securitypolicy.rolepermission import rolePermissionManager
+from zope.securitypolicy.interfaces import IRole
+
+from grokcore.security.directive import permissions
+from grokcore.security.components import Role
+
+
+class RoleGrokker(martian.ClassGrokker):
+ """Grokker for components subclassed from `grok.Role`.
+
+ Each role is registered as a global utility providing the service
+ `IRole` under its own particular name, and then granted every
+ permission named in its `grok.permission()` directive.
+
+ """
+ martian.component(Role)
+ martian.priority(martian.priority.bind().get(PermissionGrokker()) - 1)
+ martian.directive(grokcore.component.name)
+ martian.directive(
+ grokcore.component.title, get_default=default_fallback_to_name)
+ martian.directive(grokcore.component.description)
+ martian.directive(permissions)
+
+ def execute(self, factory, config, name, title, description,
+ permissions, **kw):
+ if not name:
+ raise GrokError(
+ "A role needs to have a dotted name for its id. Use "
+ "grok.name to specify one.", factory)
+ # We can safely convert to unicode, since the directives makes sure
+ # it is either unicode already or ASCII.
+ if not isinstance(title, Message):
+ title = unicode(title)
+ if not isinstance(description, Message):
+ description = unicode(description)
+ role = factory(unicode(name), title, description)
+
+ config.action(
+ discriminator=('utility', IRole, name),
+ callable=grokcore.component.util.provideUtility,
+ args=(role, IRole, name),
+ )
+
+ for permission in permissions:
+ config.action(
+ discriminator=('grantPermissionToRole', permission, name),
+ callable=rolePermissionManager.grantPermissionToRole,
+ args=(permission, name),
+ )
+ return True
\ No newline at end of file
Modified: grokcore.security/trunk/src/grokcore/security/tests/permissions/directive.py
===================================================================
--- grokcore.security/trunk/src/grokcore/security/tests/permissions/directive.py 2012-04-30 13:40:00 UTC (rev 125442)
+++ grokcore.security/trunk/src/grokcore/security/tests/permissions/directive.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -8,6 +8,6 @@
Traceback (most recent call last):
...
GrokImportError: You can only pass unicode values, ASCII values, or
- subclasses of grokcore.security.Permission to the 'permissions' directive.
+ subclasses of grok.Permission to the 'permissions' directive.
"""
Modified: grokcore.security/trunk/src/grokcore/security/tests/role/missing_role_name.py
===================================================================
--- grokcore.permission/trunk/src/grokcore/permission/tests/permission/missing_role_name.py 2012-04-30 12:19:34 UTC (rev 125437)
+++ grokcore.security/trunk/src/grokcore/security/tests/role/missing_role_name.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -1,15 +1,15 @@
"""
A role has to have a name to be defined.
- >>> grokcore.permission.testing.grok(__name__)
+ >>> grokcore.security.testing.grok(__name__)
Traceback (most recent call last):
GrokError: A role needs to have a dotted name for its id.
Use grok.name to specify one.
"""
import zope.interface
-import grokcore.permission
-import grokcore.permission.testing
+import grokcore.security
+import grokcore.security.testing
-class MissingName(grokcore.permission.components.Role):
+class MissingName(grokcore.security.Role):
pass
Deleted: grokcore.security/trunk/src/grokcore/security/tests/role/not_a_permission_class.py
===================================================================
--- grokcore.permission/trunk/src/grokcore/permission/tests/permission/not_a_permission_class.py 2012-04-30 12:19:34 UTC (rev 125437)
+++ grokcore.security/trunk/src/grokcore/security/tests/role/not_a_permission_class.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -1,13 +0,0 @@
-"""
-The permissions() directive only accepts permission ids or permission classes:
-
- >>> import grokcore.permission.testing
- >>>
- >>> grokcore.permission.testing.grok(
- ... 'grokcore.permission.tests.permission.not_a_permission_class_fixture')
- Traceback (most recent call last):
- ...
- GrokImportError: You can only pass unicode values, ASCII values, or
- subclasses of grokcore.security.Permission to the 'permissions' directive.
-
-"""
Deleted: grokcore.security/trunk/src/grokcore/security/tests/role/not_a_permission_class_fixture.py
===================================================================
--- grokcore.permission/trunk/src/grokcore/permission/tests/permission/not_a_permission_class_fixture.py 2012-04-30 12:19:34 UTC (rev 125437)
+++ grokcore.security/trunk/src/grokcore/security/tests/role/not_a_permission_class_fixture.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -1,9 +0,0 @@
-import grokcore.component as grok
-import grokcore.permission
-
-class NotAPermissionSubclass(object):
- grok.name('not really a permission')
-
-class MyRole(grokcore.permission.Role):
- grok.name('MyRole')
- grokcore.permission.permissions(NotAPermissionSubclass)
Deleted: grokcore.security/trunk/src/grokcore/security/tests/role/permissions.py
===================================================================
--- grokcore.permission/trunk/src/grokcore/permission/tests/permission/permissions.py 2012-04-30 12:19:34 UTC (rev 125437)
+++ grokcore.security/trunk/src/grokcore/security/tests/role/permissions.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -1,35 +0,0 @@
-"""
-A Role component optionally defines what permission it comprises.
-
-The grok.permissions() directive is used to specify the set of permissions
-that are aggregated in the particular Role. The permissions can be referenced
-by "name" or by class.
-
- >>> grokcore.permission.testing.grok(__name__)
-"""
-
-import grokcore.component as grok
-import grokcore.permission.testing
-from grokcore.permission import permissions, Role
-from grokcore.security import Permission
-import zope.interface
-
-class FirstPermission(Permission):
- grok.name('first permission')
-
-class SecondPermission(Permission):
- grok.name('second permission')
-
-class RoleComprisingTwoPermissionsByName(Role):
- grok.name('ByName')
- permissions(
- 'first permission',
- 'second permission'
- )
-
-class RoleComprisingTwoPermissionsByClass(Role):
- grok.name('ByClass')
- permissions(
- FirstPermission,
- SecondPermission
- )
Copied: grokcore.security/trunk/src/grokcore/security/tests/role/permissions.py (from rev 125438, grokcore.permission/trunk/src/grokcore/permission/tests/permission/permissions.py)
===================================================================
--- grokcore.security/trunk/src/grokcore/security/tests/role/permissions.py (rev 0)
+++ grokcore.security/trunk/src/grokcore/security/tests/role/permissions.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -0,0 +1,35 @@
+"""
+A Role component optionally defines what permission it comprises.
+
+The grok.permissions() directive is used to specify the set of permissions
+that are aggregated in the particular Role. The permissions can be referenced
+by "name" or by class.
+
+ >>> grokcore.security.testing.grok(__name__)
+"""
+
+import grokcore.component as grok
+import grokcore.security.testing
+from grokcore.security import Role
+from grokcore.security import Permission, permissions
+import zope.interface
+
+class FirstPermission(Permission):
+ grok.name('first permission')
+
+class SecondPermission(Permission):
+ grok.name('second permission')
+
+class RoleComprisingTwoPermissionsByName(Role):
+ grok.name('ByName')
+ permissions(
+ 'first permission',
+ 'second permission'
+ )
+
+class RoleComprisingTwoPermissionsByClass(Role):
+ grok.name('ByClass')
+ permissions(
+ FirstPermission,
+ SecondPermission
+ )
Modified: grokcore.security/trunk/src/grokcore/security/tests/role/role_i18n.py
===================================================================
--- grokcore.permission/trunk/src/grokcore/permission/tests/permission/role_i18n.py 2012-04-30 12:19:34 UTC (rev 125437)
+++ grokcore.security/trunk/src/grokcore/security/tests/role/role_i18n.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -4,7 +4,7 @@
Let's grok this package and check we still have a Message object for the
internationalized title and description of the defined roles.
- >>> grokcore.permission.testing.grok(__name__)
+ >>> grokcore.security.testing.grok(__name__)
>>> from zope.securitypolicy.interfaces import IRole
>>> from zope.component import getUtility
>>> from zope.i18nmessageid import Message
@@ -54,9 +54,9 @@
"""
import grokcore.component as grok
-import grokcore.permission
+import grokcore.security
-from grokcore.permission import Role
+from grokcore.security import Role
from zope.i18nmessageid import MessageFactory
_ = MessageFactory("testi18n")
Modified: grokcore.security/trunk/src/grokcore/security/tests/test_all.py
===================================================================
--- grokcore.security/trunk/src/grokcore/security/tests/test_all.py 2012-04-30 13:40:00 UTC (rev 125442)
+++ grokcore.security/trunk/src/grokcore/security/tests/test_all.py 2012-04-30 14:00:19 UTC (rev 125443)
@@ -38,8 +38,9 @@
def test_suite():
suite = unittest.TestSuite()
for name in [
+ 'permissions',
+ 'role',
'security',
- 'permissions',
]:
suite.addTest(suiteFromPackage(name))
return suite
More information about the checkins
mailing list