[Checkins] SVN: grok/trunk/src/grok/ Get rid of security altogether
by implementing custom publication objects
Philipp von Weitershausen
philikon at philikon.de
Sat Jan 6 10:47:55 EST 2007
Log message for revision 71737:
Get rid of security altogether by implementing custom publication objects
Changed:
U grok/trunk/src/grok/components.py
U grok/trunk/src/grok/configure.zcml
A grok/trunk/src/grok/ftests/security/
A grok/trunk/src/grok/ftests/security/__init__.py
U grok/trunk/src/grok/ftests/test_grok_functional.py
U grok/trunk/src/grok/meta.py
A grok/trunk/src/grok/publication.py
D grok/trunk/src/grok/security.py
U grok/trunk/src/grok/templatereg.py
D grok/trunk/src/grok/tests/security/
U grok/trunk/src/grok/tests/test_grok.py
-=-
Modified: grok/trunk/src/grok/components.py
===================================================================
--- grok/trunk/src/grok/components.py 2007-01-06 15:47:22 UTC (rev 71736)
+++ grok/trunk/src/grok/components.py 2007-01-06 15:47:54 UTC (rev 71737)
@@ -22,7 +22,6 @@
from zope import schema
from zope import event
from zope.lifecycleevent import ObjectModifiedEvent
-from zope.security.proxy import removeSecurityProxy
from zope.publisher.browser import BrowserPage
from zope.publisher.interfaces import NotFound
from zope.publisher.interfaces.browser import (IBrowserPublisher,
@@ -44,7 +43,7 @@
from zope.app.container.interfaces import IReadContainer
from zope.app.component.site import SiteManagerContainer
-from grok import util, security, interfaces
+from grok import util, interfaces
class GrokkerBase(object):
@@ -124,9 +123,7 @@
interface.implements(interfaces.IGrokView)
def __init__(self, context, request):
- # Jim would say: WAAAAAAAAAAAAH!
- self.context = removeSecurityProxy(context)
- self.request = removeSecurityProxy(request)
+ super(View, self).__init__(context, request)
self.directory_resource = component.queryAdapter(self.request,
interface.Interface, name=self.module_info.package_dotted_name)
@@ -241,7 +238,6 @@
def __call__(self, request):
resource = DirectoryResource(self.__dir, request)
- resource.__Security_checker__ = security.GrokChecker()
resource.__name__ = self.__name
return resource
@@ -250,9 +246,8 @@
interface.implements(IBrowserPublisher)
def __init__(self, context, request):
- # Jim would say: WAAAAAAAAAAAAH!
- self.context = removeSecurityProxy(context)
- self.request = removeSecurityProxy(request)
+ self.context = context
+ self.request = request
def browserDefault(self, request):
view_name = getDefaultViewName(self.context, request)
Modified: grok/trunk/src/grok/configure.zcml
===================================================================
--- grok/trunk/src/grok/configure.zcml 2007-01-06 15:47:22 UTC (rev 71736)
+++ grok/trunk/src/grok/configure.zcml 2007-01-06 15:47:54 UTC (rev 71737)
@@ -23,4 +23,23 @@
provides="zope.traversing.browser.interfaces.IAbsoluteURL"
/>
+ <!-- this overrides Zope 3's publication factories because they have
+ the same name; we also need to change the priority because of
+ the ZCML descriminator -->
+ <publisher
+ name="XMLRPC"
+ factory=".publication.GrokXMLRPCFactory"
+ methods="POST"
+ mimetypes="text/xml"
+ priority="21"
+ />
+
+ <publisher
+ name="BROWSER"
+ factory=".publication.GrokBrowserFactory"
+ methods="GET POST HEAD"
+ mimetypes="*"
+ priority="11"
+ />
+
</configure>
Copied: grok/trunk/src/grok/ftests/security/__init__.py (from rev 71730, grok/trunk/src/grok/ftests/__init__.py)
Modified: grok/trunk/src/grok/ftests/test_grok_functional.py
===================================================================
--- grok/trunk/src/grok/ftests/test_grok_functional.py 2007-01-06 15:47:22 UTC (rev 71736)
+++ grok/trunk/src/grok/ftests/test_grok_functional.py 2007-01-06 15:47:54 UTC (rev 71737)
@@ -56,7 +56,8 @@
def test_suite():
suite = unittest.TestSuite()
- for name in ['view', 'static', 'xmlrpc', 'traversal', 'form', 'url']:
+ for name in ['view', 'static', 'xmlrpc', 'traversal', 'form', 'url',
+ 'security']:
suite.addTest(suiteFromPackage(name))
return suite
Modified: grok/trunk/src/grok/meta.py
===================================================================
--- grok/trunk/src/grok/meta.py 2007-01-06 15:47:22 UTC (rev 71736)
+++ grok/trunk/src/grok/meta.py 2007-01-06 15:47:54 UTC (rev 71737)
@@ -3,8 +3,6 @@
import zope.component.interface
from zope import interface, component
-from zope.security.checker import (defineChecker, getCheckerForInstancesOf,
- NoProxy)
from zope.publisher.interfaces.browser import (IDefaultBrowserLayer,
IBrowserRequest,
IBrowserPublisher)
@@ -12,16 +10,13 @@
from zope.publisher.interfaces.xmlrpc import IXMLRPCRequest
import grok
-from grok import util, components, security, formlib
+from grok import util, components, formlib
from grok.error import GrokError
class ModelGrokker(grok.ClassGrokker):
component_class = grok.Model
def register(self, context, name, factory, module_info, templates):
- if not getCheckerForInstancesOf(factory):
- defineChecker(factory, NoProxy)
-
for field in formlib.get_context_schema_fields(factory):
setattr(factory, field.__name__, field.default)
@@ -75,8 +70,7 @@
# views have a location
method_view = type(
factory.__name__, (factory, MethodPublisher),
- {'__call__': method,
- '__Security_checker__': security.GrokChecker()}
+ {'__call__': method}
)
component.provideAdapter(
method_view, (view_context, IXMLRPCRequest),
@@ -161,9 +155,6 @@
provides=interface.Interface,
name=view_name)
- # TODO minimal security here (read: everything is public)
- defineChecker(factory, NoProxy)
-
class TraverserGrokker(grok.ClassGrokker):
component_class = grok.Traverser
Added: grok/trunk/src/grok/publication.py
===================================================================
--- grok/trunk/src/grok/publication.py 2007-01-06 15:47:22 UTC (rev 71736)
+++ grok/trunk/src/grok/publication.py 2007-01-06 15:47:54 UTC (rev 71737)
@@ -0,0 +1,57 @@
+##############################################################################
+#
+# Copyright (c) 2006 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Grok publication objects
+"""
+
+from zope.security.proxy import removeSecurityProxy
+
+from zope.app.publication.http import BaseHTTPPublication
+from zope.app.publication.browser import BrowserPublication
+from zope.app.publication.requestpublicationfactories import \
+ BrowserFactory, XMLRPCFactory
+
+
+class ZopePublicationSansProxy(object):
+
+ def getApplication(self, request):
+ result = super(ZopePublicationSansProxy, self).getApplication(request)
+ return removeSecurityProxy(result)
+
+ def traverseName(self, request, ob, name):
+ result = super(ZopePublicationSansProxy, self).traverseName(
+ request, ob, name)
+ return removeSecurityProxy(result)
+
+
+class GrokBrowserPublication(ZopePublicationSansProxy, BrowserPublication):
+
+ def getDefaultTraversal(self, request, ob):
+ obj, path = super(GrokBrowserPublication, self).getDefaultTraversal(
+ request, ob)
+ return removeSecurityProxy(obj), path
+
+class GrokBrowserFactory(BrowserFactory):
+
+ def __call__(self):
+ request, publication = super(GrokBrowserFactory, self).__call__()
+ return request, GrokBrowserPublication
+
+class GrokXMLRPCPublication(ZopePublicationSansProxy, BaseHTTPPublication):
+ pass
+
+class GrokXMLRPCFactory(XMLRPCFactory):
+
+ def __call__(self):
+ request, publication = super(GrokXMLRPCFactory, self).__call__()
+ return request, GrokXMLRPCPublication
Property changes on: grok/trunk/src/grok/publication.py
___________________________________________________________________
Name: svn:eol-style
+ native
Deleted: grok/trunk/src/grok/security.py
===================================================================
--- grok/trunk/src/grok/security.py 2007-01-06 15:47:22 UTC (rev 71736)
+++ grok/trunk/src/grok/security.py 2007-01-06 15:47:54 UTC (rev 71737)
@@ -1,45 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2006 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Grok security-related stuff
-"""
-
-class GrokChecker(object):
- # ME GROK ANGRY.
- # ME GROK NOT KNOW WHY CHECKER.
-
- # We have no idea why we need a custom checker here. One hint was
- # that the DirectoryResource already does something manually with
- # setting up the 'correct' checker for itself and we seem to interfere
- # with that. However, we couldn't figure out what's going on and this
- # solves our problem for now.
-
- # XXX re-implement this in a sane way.
-
- def __init__(self):
- pass
-
- def check_getattr(self, object, name):
- pass
-
- def check_setattr(self, ob, name):
- pass
-
- def check(self, ob, operation):
- pass
-
- def proxy(self, value):
- return value
-
-
-
Modified: grok/trunk/src/grok/templatereg.py
===================================================================
--- grok/trunk/src/grok/templatereg.py 2007-01-06 15:47:22 UTC (rev 71736)
+++ grok/trunk/src/grok/templatereg.py 2007-01-06 15:47:54 UTC (rev 71737)
@@ -1,15 +1,15 @@
import os
from zope import interface, component
-from zope.security.checker import (defineChecker, getCheckerForInstancesOf,
- NoProxy)
from zope.publisher.interfaces.browser import IDefaultBrowserLayer
import grok
from grok import util
from grok.error import GrokError
+
class TemplateRegistry(object):
+
def __init__(self):
self._reg = {}
@@ -84,6 +84,3 @@
adapts=(context, IDefaultBrowserLayer),
provides=interface.Interface,
name=name)
-
- # TODO minimal security here (read: everything is public)
- defineChecker(TemplateView, NoProxy)
Modified: grok/trunk/src/grok/tests/test_grok.py
===================================================================
--- grok/trunk/src/grok/tests/test_grok.py 2007-01-06 15:47:22 UTC (rev 71736)
+++ grok/trunk/src/grok/tests/test_grok.py 2007-01-06 15:47:54 UTC (rev 71737)
@@ -32,7 +32,7 @@
def test_suite():
suite = unittest.TestSuite()
- for name in ['adapter', 'error', 'view', 'security', 'scan', 'event',
+ for name in ['adapter', 'error', 'view', 'scan', 'event',
'zcml', 'static', 'utility', 'xmlrpc', 'container',
'traversal', 'form', 'site', 'grokker']:
suite.addTest(suiteFromPackage(name))
More information about the Checkins
mailing list