[Checkins] SVN: grok/trunk/src/grok/ merge grok.Permission and
grok.Role features from
Jan-Wijbrand Kolman
janwijbrand at gmail.com
Wed Aug 22 09:11:33 EDT 2007
Log message for revision 79120:
merge grok.Permission and grok.Role features from
jw-define-roles-directive branch.
Changed:
U grok/trunk/src/grok/__init__.py
U grok/trunk/src/grok/admin/docgrok.py
U grok/trunk/src/grok/admin/view.py
U grok/trunk/src/grok/components.py
U grok/trunk/src/grok/directive.py
U grok/trunk/src/grok/ftests/security/grant.py
U grok/trunk/src/grok/ftests/security/require.py
A grok/trunk/src/grok/ftests/security/roles.py
U grok/trunk/src/grok/interfaces.py
U grok/trunk/src/grok/meta.py
U grok/trunk/src/grok/tests/security/missing_permission.py
U grok/trunk/src/grok/tests/security/missing_permission_json.py
U grok/trunk/src/grok/tests/security/missing_permission_json2.py
A grok/trunk/src/grok/tests/security/missing_permission_name.py
U grok/trunk/src/grok/tests/security/missing_permission_xmlrpc.py
U grok/trunk/src/grok/tests/security/missing_permission_xmlrpc2.py
U grok/trunk/src/grok/tests/security/missing_permission_xmlrpc3.py
A grok/trunk/src/grok/tests/security/missing_role_name.py
U grok/trunk/src/grok/tests/security/multiple_require.py
U grok/trunk/src/grok/tests/security/multiple_require_json.py
U grok/trunk/src/grok/tests/security/multiple_require_xmlrpc.py
U grok/trunk/src/grok/tests/security/view_decorator.py
U grok/trunk/src/grok/util.py
-=-
Modified: grok/trunk/src/grok/__init__.py
===================================================================
--- grok/trunk/src/grok/__init__.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/__init__.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -35,9 +35,10 @@
from grok.components import Site, GlobalUtility, LocalUtility, Annotation
from grok.components import Application, Form, AddForm, EditForm, DisplayForm
from grok.components import Indexes
-from grok.directive import (context, name, template, templatedir, provides,
- baseclass, global_utility, local_utility,
- define_permission, require, site)
+from grok.components import Permission, Role
+from grok.directive import (context, name, title, template, templatedir,
+ provides, baseclass, global_utility, local_utility,
+ permissions, require, site)
from grok._grok import do_grok as grok # Avoid name clash within _grok
from grok._grok import grok_component
from grok._grok import SubscribeDecorator as subscribe
Modified: grok/trunk/src/grok/admin/docgrok.py
===================================================================
--- grok/trunk/src/grok/admin/docgrok.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/admin/docgrok.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -55,8 +55,10 @@
DOCGROK_ITEM_NAMESPACE = 'docgrok-obj'
grok.context(IRootFolder)
-grok.define_permission('grok.ManageApplications')
+class ManageApplications(grok.Permission):
+ grok.name('grok.ManageApplications')
+
def find_filepath(dotted_path):
"""Find the filepath for a dotted name.
@@ -248,13 +250,13 @@
Then we get create an (empty) 'ModuleGrokker'. 'ModuleGrokkers'
can grok whole modules. ::
-
+
>>> from martian import ModuleGrokker
>>> module_grokker = ModuleGrokker()
Then we register the 'docgrok_grokker', which should contain some
base handlers for modules, classes, etc. by default::
-
+
>>> module_grokker.register(docgrok.docgrok_grokker)
The 'docgrok_grokker' is an instance of 'DocGrokGrokker'::
@@ -296,10 +298,10 @@
Now we want to register this new DocGrok with the 'global
machinery'. Easy::
-
+
>>> module_grokker.grok('mammoth_grokker', mammoth)
True
-
+
Now the 'handle_mammoths' function is considered to deliver a
valid DocGrok, whenever it is asked. Every time, someone asks the
docgroks 'handle()' function for a suitable docgrok for things
@@ -313,11 +315,11 @@
TODO: Show how to make a docgrok view.
That's it.
-
+
"""
component_class = types.FunctionType
- def grok(self, name, obj, **kw):
+ def grok(self, name, obj, **kw):
if not name.startswith('handle_'):
return False
if name in [x['name'] for x in docgrok_handlers]:
@@ -326,7 +328,7 @@
'handler':obj})
return True
-
+
class DocGrok(grok.Model):
"""DocGrok helps us finding out things about ourselves.
@@ -428,7 +430,7 @@
path = path.rsplit('/', 1)
path = "/%s/%s%s/@@inspect.html" % (DOCGROK_ITEM_NAMESPACE, path, name)
path = path.replace('//', '/')
- url[2] = path
+ url[2] = path
return urlunparse(url)
@@ -507,8 +509,8 @@
}
result.append(subresult)
return result
-
+
def getModuleInfos(self):
"""Get the modules inside a package.
"""
@@ -545,7 +547,7 @@
filename = filename[:-1]
return filename
-
+
class DocGrokClass(DocGrokPackage):
"""This doctor cares for classes.
"""
@@ -657,4 +659,3 @@
content = file.read()
file.close()
return content.decode('utf-8')
-
Modified: grok/trunk/src/grok/admin/view.py
===================================================================
--- grok/trunk/src/grok/admin/view.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/admin/view.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -50,8 +50,9 @@
grok.context(IRootFolder)
-grok.define_permission('grok.ManageApplications')
+class ManageApplications(grok.Permission):
+ grok.name('grok.ManageApplications')
class Add(grok.View):
"""Add an application.
@@ -62,7 +63,7 @@
def update(self, inspectapp=None, application=None):
if inspectapp is not None:
self.redirect(self.url("docgrok") + "/%s/index"%(application.replace('.','/'),))
- return
+ return
def render(self, application, name, inspectapp=None):
if name is None or name == "":
@@ -144,7 +145,7 @@
# we get a wrapped context: the meant object is wrapped
# into a ZopeObjectInfo.
obj = self.context.obj
-
+
self.ob_info = ZopeObjectInfo(obj)
ob_info = self.ob_info
self.show_private = show_private
@@ -157,7 +158,7 @@
}
bases = [getPathLinksForClass(x) for x in ob_info.getBases()]
bases.sort()
-
+
ifaces = [getPathLinksForClass(x) for x in
ob_info.getProvidedInterfaces()]
ifaces.sort()
@@ -184,7 +185,7 @@
attr['interface'], root_url)
attr['obj'] = getattr(obj, attr['name'], None)
attr['docgrok_link'] = getItemLink(attr['name'], self.url(''))
- attrs.sort(lambda x,y: x['name']>y['name'])
+ attrs.sort(lambda x,y: x['name']>y['name'])
seqitems = ob_info.getSequenceItems() or []
for item in seqitems:
@@ -220,7 +221,7 @@
item['docgrok_link'] = getItemLink(item['key'], self.url(''))
annotations.sort(lambda x,y: x['key']>y['key'])
-
+
self.info = {
'name' : ob_info.getId() or u'<unnamed object>',
'type' : getPathLinksForClass((getattr(obj,
@@ -256,8 +257,8 @@
'mappingitems' : mapitems,
'annotations' : annotations
}
-
+
class Index(GAIAView):
"""A redirector to the real frontpage."""
@@ -392,8 +393,8 @@
userfolder = pau[USERFOLDER_NAME]
users = list(userfolder.search({'search':''}))
return [userfolder.principalInfo(x) for x in users]
-
+
def update(self):
self.principals = self.getPrincipals()
pass
@@ -405,7 +406,7 @@
"""
if dotted_path is None:
return {}
-
+
result = []
part_path = ""
for part in dotted_path.split('.'):
@@ -624,5 +625,3 @@
def getPackagePathParts(self):
return self.getPathParts(
self.context.getPackagePath())
-
-
Modified: grok/trunk/src/grok/components.py
===================================================================
--- grok/trunk/src/grok/components.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/components.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -479,3 +479,9 @@
self.__grok_module__ = martian.util.caller_module()
Indexes = IndexesClass('Indexes')
+
+class Permission(object):
+ pass
+
+class Role(object):
+ pass
Modified: grok/trunk/src/grok/directive.py
===================================================================
--- grok/trunk/src/grok/directive.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/directive.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -17,7 +17,8 @@
from zope.interface.interfaces import IInterface
from martian.error import GrokImportError
-from martian.directive import (MultipleTimesDirective, BaseTextDirective,
+from martian.directive import (OnceDirective,
+ MultipleTimesDirective, BaseTextDirective,
SingleValue, SingleTextDirective,
MultipleTextDirective,
MarkerDirective,
@@ -47,7 +48,7 @@
if provides is None:
provides = util.class_annotation(factory, 'grok.provides', None)
self.provides = provides
-
+
if name is u'':
name = util.class_annotation(factory, 'grok.name', u'')
self.name = name
@@ -93,6 +94,14 @@
return func
return decorator
+class MultiValueOnceDirective(OnceDirective):
+
+ def check_arguments(self, *values):
+ pass
+
+ def value_factory(self, *args):
+ return args
+
# Define grok directives
name = SingleTextDirective('grok.name', ClassDirectiveContext())
template = SingleTextDirective('grok.template', ClassDirectiveContext())
@@ -105,8 +114,9 @@
ModuleDirectiveContext())
local_utility = LocalUtilityDirective('grok.local_utility',
ClassDirectiveContext())
-define_permission = MultipleTextDirective('grok.define_permission',
- ModuleDirectiveContext())
require = RequireDirective('grok.require', ClassDirectiveContext())
site = InterfaceOrClassDirective('grok.site',
ClassDirectiveContext())
+title = SingleTextDirective('grok.title', ClassDirectiveContext())
+permissions = MultiValueOnceDirective(
+ 'grok.permissions', ClassDirectiveContext())
Modified: grok/trunk/src/grok/ftests/security/grant.py
===================================================================
--- grok/trunk/src/grok/ftests/security/grant.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/ftests/security/grant.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -1,6 +1,6 @@
# -*- coding: latin-1 -*-
"""
-We can define a few permissions with grok.define_permission:
+We can define a few permissions with grok.Permission:
>>> import grok
>>> grok.grok('grok.ftests.security.grant')
@@ -22,10 +22,10 @@
"""
import grok
-grok.define_permission('grok.ascii-permission')
+class ASCIIPermission(grok.Permission):
+ grok.name('grok.ascii-permission')
+
# TODO Technically, it's absolutely possible to give permissions
# non-ASCII names. However the way Zope 3's grant view uses widgets to
# display form controls for each permission is not unicode-safe.
-
-#grok.define_permission(u'grok.ünicöde-permission')
Modified: grok/trunk/src/grok/ftests/security/require.py
===================================================================
--- grok/trunk/src/grok/ftests/security/require.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/ftests/security/require.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -33,7 +33,8 @@
import grok
import zope.interface
-grok.define_permission('grok.ViewPainting')
+class ViewPainting(grok.Permission):
+ grok.name('grok.ViewPainting')
class CavePainting(grok.View):
Added: grok/trunk/src/grok/ftests/security/roles.py
===================================================================
--- grok/trunk/src/grok/ftests/security/roles.py (rev 0)
+++ grok/trunk/src/grok/ftests/security/roles.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -0,0 +1,94 @@
+"""
+ >>> import grok
+ >>> grok.grok('grok.ftests.security.roles')
+
+Viewing a protected view with insufficient privileges will yield
+Unauthorized:
+
+ >>> from zope.testbrowser.testing import Browser
+ >>> browser = Browser()
+ >>> browser.open("http://localhost/@@cavepainting")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 401: Unauthorized
+ >>> browser.open("http://localhost/@@editcavepainting")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 401: Unauthorized
+ >>> browser.open("http://localhost/@@erasecavepainting")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 401: Unauthorized
+
+When we log in (e.g. as a manager), we can access the views just fine:
+
+ >>> from zope.app.securitypolicy.principalrole import principalRoleManager
+ >>> principalRoleManager.assignRoleToPrincipal(
+ ... 'grok.PaintingOwner', 'zope.mgr')
+ >>> browser.addHeader('Authorization', 'Basic mgr:mgrpw')
+ >>> browser.open("http://localhost/@@cavepainting")
+ >>> print browser.contents
+ What a beautiful painting.
+
+ >>> browser.open("http://localhost/@@editcavepainting")
+ >>> print browser.contents
+ Let's make it even prettier.
+
+ >>> browser.open("http://localhost/@@erasecavepainting")
+ >>> print browser.contents
+ Oops, mistake, let's erase it.
+
+ >>> browser.open("http://localhost/@@approvecavepainting")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 403: Forbidden
+"""
+
+import grok
+import zope.interface
+
+class View(grok.Permission):
+ grok.name('grok.ViewPainting')
+
+class Edit(grok.Permission):
+ grok.name('grok.EditPainting')
+
+class Erase(grok.Permission):
+ grok.name('grok.ErasePainting')
+
+class Approve(grok.Permission):
+ grok.name('grok.ApprovePainting')
+
+class PaintingOwner(grok.Role):
+ grok.name('grok.PaintingOwner')
+ grok.title('Painting Owner')
+ grok.permissions(
+ 'grok.ViewPainting', 'grok.EditPainting', 'grok.ErasePainting')
+
+class CavePainting(grok.View):
+
+ grok.context(zope.interface.Interface)
+ grok.require('grok.ViewPainting')
+
+ def render(self):
+ return 'What a beautiful painting.'
+
+class EditCavePainting(grok.View):
+
+ grok.context(zope.interface.Interface)
+ grok.require('grok.EditPainting')
+
+ def render(self):
+ return 'Let\'s make it even prettier.'
+
+class EraseCavePainting(grok.View):
+
+ grok.context(zope.interface.Interface)
+ grok.require('grok.ErasePainting')
+
+ def render(self):
+ return 'Oops, mistake, let\'s erase it.'
+
+class ApproveCavePainting(grok.View):
+
+ grok.context(zope.interface.Interface)
+ grok.require('grok.ApprovePainting')
+
+ def render(self):
+ return 'Painting owners cannot approve their paintings.'
Modified: grok/trunk/src/grok/interfaces.py
===================================================================
--- grok/trunk/src/grok/interfaces.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/interfaces.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -122,14 +122,15 @@
name_in_container - the name to use for storing the utility
"""
- def define_permission(permission):
- """Defines a new permission with the id ``permission``."""
+ def permissions(permissions):
+ """Specify the permissions that comprise a role.
+ """
def require(permission):
"""Protect a view class or an XMLRPC method with ``permision``.
``permission`` must already be defined, e.g. using
- grok.define_permission.
+ grok.Permission.
grok.require can be used as a class-level directive or as a
method decorator."""
@@ -204,7 +205,7 @@
Note that context, module_info and templates might be required
for some grokkers which rely on them.
"""
-
+
def url(request, obj, name=None):
"""Generate the URL to an object with optional name attached.
"""
Modified: grok/trunk/src/grok/meta.py
===================================================================
--- grok/trunk/src/grok/meta.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/meta.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -23,6 +23,9 @@
from zope.publisher.interfaces.xmlrpc import IXMLRPCRequest
from zope.security.permission import Permission
from zope.security.interfaces import IPermission
+from zope.app.securitypolicy.role import Role
+from zope.app.securitypolicy.rolepermission import rolePermissionManager
+
from zope.annotation.interfaces import IAnnotations
from zope.app.publisher.xmlrpc import MethodPublisher
@@ -489,26 +492,43 @@
site_manager.registerUtility(utility, provided=provides,
name=name)
+class DefinePermissionGrokker(martian.ClassGrokker):
+ component_class = grok.Permission
+ priority = 1500
-class DefinePermissionGrokker(martian.GlobalGrokker):
+ def grok(self, name, factory, context, module_info, templates):
+ permission_name = util.class_annotation(factory, 'grok.name', None)
+ if permission_name is None:
+ raise GrokError(
+ "A permission needs to have a dotted name for its id. Use "
+ "grok.name to specify one.", factory)
+ permission_name = unicode(permission_name)
+ title = unicode(
+ util.class_annotation(factory, 'grok.title', permission_name))
+ # TODO permission description
+ component.provideUtility(
+ Permission(permission_name, title=title),
+ name=permission_name)
+ return True
- priority = 1500
+class DefineRoleGrokker(martian.ClassGrokker):
+ component_class = grok.Role
+ priority = DefinePermissionGrokker.priority - 1
- def grok(self, name, module, context, module_info, templates):
- permissions = module_info.getAnnotation('grok.define_permission', [])
+ def grok(self, name, factory, context, module_info, templates):
+ role_name = util.class_annotation(factory, 'grok.name', None)
+ if role_name is None:
+ raise GrokError(
+ "A role needs to have a dotted name for its id. Use "
+ "grok.name to specify one.", factory)
+ title = util.class_annotation(factory, 'grok.title', role_name)
+ component.provideUtility(Role(role_name, title=title), name=role_name)
+
+ permissions = util.class_annotation(factory, 'grok.permissions', ())
for permission in permissions:
- # IPermission.title says that permission ids (and titles,
- # descriptions) *must* be unicode objects. Good news is
- # that the directive handler already made sure we either
- # got pure ASCII or unicode here:
- permission = unicode(permission)
- # TODO permission title and description
- component.provideUtility(Permission(permission, title=permission),
- name=permission)
-
+ rolePermissionManager.grantPermissionToRole(permission, role_name)
return True
-
class AnnotationGrokker(martian.ClassGrokker):
component_class = grok.Annotation
Modified: grok/trunk/src/grok/tests/security/missing_permission.py
===================================================================
--- grok/trunk/src/grok/tests/security/missing_permission.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/missing_permission.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -1,10 +1,12 @@
"""
-A permission has to be defined first (using grok.define_permission for
-example) before it can be used in grok.require().
+A permission has to be defined first (using grok.Permission for example)
+before it can be used in grok.require().
>>> grok.grok(__name__)
Traceback (most recent call last):
- GrokError: Undefined permission 'doesnt.exist' in <class 'grok.tests.security.missing_permission.MissingPermission'>. Use grok.define_permission first.
+ GrokError: Undefined permission 'doesnt.exist' in <class
+ 'grok.tests.security.missing_permission.MissingPermission'>. Use
+ grok.Permission first.
"""
Modified: grok/trunk/src/grok/tests/security/missing_permission_json.py
===================================================================
--- grok/trunk/src/grok/tests/security/missing_permission_json.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/missing_permission_json.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -1,10 +1,12 @@
"""
-A permission has to be defined first (using grok.define_permission for
-example) before it can be used in grok.require() in an JSON class.
+A permission has to be defined first (using grok.Permission for example)
+before it can be used in grok.require() in an JSON class.
>>> grok.grok(__name__)
Traceback (most recent call last):
- GrokError: Undefined permission 'doesnt.exist' in <class 'grok.tests.security.missing_permission_json.MissingPermission'>. Use grok.define_permission first.
+ GrokError: Undefined permission 'doesnt.exist' in <class
+ 'grok.tests.security.missing_permission_json.MissingPermission'>. Use
+ grok.Permission first.
"""
Modified: grok/trunk/src/grok/tests/security/missing_permission_json2.py
===================================================================
--- grok/trunk/src/grok/tests/security/missing_permission_json2.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/missing_permission_json2.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -1,10 +1,12 @@
"""
-A permission has to be defined first (using grok.define_permission for
-example) before it can be used in @grok.require().
+A permission has to be defined first (using grok.Permission for example)
+before it can be used in @grok.require().
>>> grok.grok(__name__)
Traceback (most recent call last):
- GrokError: Undefined permission 'doesnt.exist' in <class 'grok.tests.security.missing_permission_json2.MissingPermission'>. Use grok.define_permission first.
+ GrokError: Undefined permission 'doesnt.exist' in <class
+ 'grok.tests.security.missing_permission_json2.MissingPermission'>. Use
+ grok.Permission first.
"""
Added: grok/trunk/src/grok/tests/security/missing_permission_name.py
===================================================================
--- grok/trunk/src/grok/tests/security/missing_permission_name.py (rev 0)
+++ grok/trunk/src/grok/tests/security/missing_permission_name.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -0,0 +1,15 @@
+"""
+A role has to have a name to be defined.
+
+ >>> grok.grok(__name__)
+ Traceback (most recent call last):
+ ...
+ GrokError: A permission needs to have a dotted name for its id.
+ Use grok.name to specify one.
+"""
+
+import grok
+import zope.interface
+
+class MissingName(grok.Permission):
+ pass
Modified: grok/trunk/src/grok/tests/security/missing_permission_xmlrpc.py
===================================================================
--- grok/trunk/src/grok/tests/security/missing_permission_xmlrpc.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/missing_permission_xmlrpc.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -1,10 +1,12 @@
"""
-A permission has to be defined first (using grok.define_permission for
-example) before it can be used in grok.require() in an XMLRPC class.
+A permission has to be defined first (using grok.Permission for example)
+before it can be used in grok.require() in an XMLRPC class.
>>> grok.grok(__name__)
Traceback (most recent call last):
- GrokError: Undefined permission 'doesnt.exist' in <class 'grok.tests.security.missing_permission_xmlrpc.MissingPermission'>. Use grok.define_permission first.
+ GrokError: Undefined permission 'doesnt.exist' in <class
+ 'grok.tests.security.missing_permission_xmlrpc.MissingPermission'>. Use
+ grok.Permission first.
"""
Modified: grok/trunk/src/grok/tests/security/missing_permission_xmlrpc2.py
===================================================================
--- grok/trunk/src/grok/tests/security/missing_permission_xmlrpc2.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/missing_permission_xmlrpc2.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -1,10 +1,12 @@
"""
-A permission has to be defined first (using grok.define_permission for
-example) before it can be used in @grok.require().
+A permission has to be defined first (using grok.Permission for example)
+before it can be used in @grok.require().
>>> grok.grok(__name__)
Traceback (most recent call last):
- GrokError: Undefined permission 'doesnt.exist' in <class 'grok.tests.security.missing_permission_xmlrpc2.MissingPermission'>. Use grok.define_permission first.
+ GrokError: Undefined permission 'doesnt.exist' in <class
+ 'grok.tests.security.missing_permission_xmlrpc2.MissingPermission'>. Use
+ grok.Permission first.
"""
Modified: grok/trunk/src/grok/tests/security/missing_permission_xmlrpc3.py
===================================================================
--- grok/trunk/src/grok/tests/security/missing_permission_xmlrpc3.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/missing_permission_xmlrpc3.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -1,19 +1,22 @@
"""
-A permission has to be defined first (using grok.define_permission for
-example) before it can be used in grok.require() in an XMLRPC class. This
-is even the case for a default permission that is never used.
+A permission has to be defined first (using grok.Permission for example)
+before it can be used in grok.require() in an XMLRPC class. This is even the
+case for a default permission that is never used.
>>> grok.grok(__name__)
Traceback (most recent call last):
...
- GrokError: Undefined permission 'doesnt.exist' in <class 'grok.tests.security.missing_permission_xmlrpc3.MissingPermission'>. Use grok.define_permission first.
+ GrokError: Undefined permission 'doesnt.exist' in <class
+ 'grok.tests.security.missing_permission_xmlrpc3.MissingPermission'>. Use
+ grok.Permission first.
"""
import grok
import zope.interface
-grok.define_permission('foo')
+class Foo(grok.Permission):
+ grok.name('foo')
class MissingPermission(grok.XMLRPC):
grok.context(zope.interface.Interface)
Added: grok/trunk/src/grok/tests/security/missing_role_name.py
===================================================================
--- grok/trunk/src/grok/tests/security/missing_role_name.py (rev 0)
+++ grok/trunk/src/grok/tests/security/missing_role_name.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -0,0 +1,14 @@
+"""
+A role has to have a name to be defined.
+
+ >>> grok.grok(__name__)
+ Traceback (most recent call last):
+ GrokError: A role needs to have a dotted name for its id.
+ Use grok.name to specify one.
+"""
+
+import grok
+import zope.interface
+
+class MissingName(grok.Role):
+ pass
Modified: grok/trunk/src/grok/tests/security/multiple_require.py
===================================================================
--- grok/trunk/src/grok/tests/security/multiple_require.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/multiple_require.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -10,9 +10,12 @@
import grok
import zope.interface
-grok.define_permission('permission.1')
-grok.define_permission('permission.2')
+class One(grok.Permission):
+ grok.name('permission.1')
+class Two(grok.Permission):
+ grok.name('permission.2')
+
class MultipleView(grok.View):
grok.context(zope.interface.Interface)
grok.require('permission.1')
Modified: grok/trunk/src/grok/tests/security/multiple_require_json.py
===================================================================
--- grok/trunk/src/grok/tests/security/multiple_require_json.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/multiple_require_json.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -5,14 +5,17 @@
Traceback (most recent call last):
...
GrokError: grok.require was called multiple times in <class 'grok.tests.security.multiple_require_json.MultipleJSON'>. It may only be set once for a class.
-
+
"""
import grok
import zope.interface
-grok.define_permission('permission.1')
-grok.define_permission('permission.2')
+class One(grok.Permission):
+ grok.name('permission.1')
+class Two(grok.Permission):
+ grok.name('permission.2')
+
class MultipleJSON(grok.JSON):
grok.context(zope.interface.Interface)
grok.require('permission.1')
Modified: grok/trunk/src/grok/tests/security/multiple_require_xmlrpc.py
===================================================================
--- grok/trunk/src/grok/tests/security/multiple_require_xmlrpc.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/multiple_require_xmlrpc.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -9,9 +9,12 @@
import grok
import zope.interface
-grok.define_permission('permission.1')
-grok.define_permission('permission.2')
+class One(grok.Permission):
+ grok.name('permission.1')
+class Two(grok.Permission):
+ grok.name('permission.2')
+
class MultipleXMLRPC(grok.XMLRPC):
grok.context(zope.interface.Interface)
grok.require('permission.1')
Modified: grok/trunk/src/grok/tests/security/view_decorator.py
===================================================================
--- grok/trunk/src/grok/tests/security/view_decorator.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/tests/security/view_decorator.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -11,7 +11,8 @@
import grok
import zope.interface
-grok.define_permission('bogus.perm')
+class Bogus(grok.Permission):
+ grok.name('bogus.perm')
class BogusView(grok.View):
grok.context(zope.interface.Interface)
Modified: grok/trunk/src/grok/util.py
===================================================================
--- grok/trunk/src/grok/util.py 2007-08-22 12:00:48 UTC (rev 79119)
+++ grok/trunk/src/grok/util.py 2007-08-22 13:11:32 UTC (rev 79120)
@@ -55,7 +55,7 @@
if component.queryUtility(IPermission,
name=permission) is None:
raise GrokError('Undefined permission %r in %r. Use '
- 'grok.define_permission first.'
+ 'grok.Permission first.'
% (permission, factory), factory)
def get_default_permission(factory):
More information about the Checkins
mailing list