[Checkins] SVN: zope.securitypolicy/trunk/src/zope/ Remove the app
namespace
Roger Ineichen
roger at projekt01.ch
Wed Sep 26 11:02:36 EDT 2007
Log message for revision 80108:
Remove the app namespace
Changed:
D zope.securitypolicy/trunk/src/zope/app/securitypolicy/
A zope.securitypolicy/trunk/src/zope/securitypolicy/
D zope.securitypolicy/trunk/src/zope/securitypolicy/browser/
D zope.securitypolicy/trunk/src/zope/securitypolicy/configure.zcml
A zope.securitypolicy/trunk/src/zope/securitypolicy/configure.zcml
D zope.securitypolicy/trunk/src/zope/securitypolicy/ftesting.zcml
D zope.securitypolicy/trunk/src/zope/securitypolicy/grantinfo.py
A zope.securitypolicy/trunk/src/zope/securitypolicy/grantinfo.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/metaconfigure.py
A zope.securitypolicy/trunk/src/zope/securitypolicy/metaconfigure.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/principalpermission.py
A zope.securitypolicy/trunk/src/zope/securitypolicy/principalpermission.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/principalrole.py
A zope.securitypolicy/trunk/src/zope/securitypolicy/principalrole.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/role.py
A zope.securitypolicy/trunk/src/zope/securitypolicy/role.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/rolepermission.py
A zope.securitypolicy/trunk/src/zope/securitypolicy/rolepermission.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/securitypolicy.zcml
A zope.securitypolicy/trunk/src/zope/securitypolicy/securitypolicy.zcml
D zope.securitypolicy/trunk/src/zope/securitypolicy/testing.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/tests/
A zope.securitypolicy/trunk/src/zope/securitypolicy/tests/
D zope.securitypolicy/trunk/src/zope/securitypolicy/vocabulary.py
A zope.securitypolicy/trunk/src/zope/securitypolicy/vocabulary.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.py
A zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.py
D zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.txt
A zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.txt
-=-
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy (from rev 80106, zope.securitypolicy/trunk/src/zope/app/securitypolicy)
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/configure.zcml
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/configure.zcml 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/configure.zcml 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,119 +0,0 @@
-<configure
- xmlns="http://namespaces.zope.org/zope"
- i18n_domain="zope"
- >
-
- <adapter
- factory=".rolepermission.AnnotationRolePermissionManager"
- provides=".interfaces.IRolePermissionManager"
- for="zope.annotation.interfaces.IAnnotatable"
- trusted="true"
- />
-
- <class class=".rolepermission.AnnotationRolePermissionManager">
- <require
- permission="zope.Security"
- attributes="grantPermissionToRole denyPermissionToRole
- unsetPermissionFromRole"
- />
- <allow
- interface=".interfaces.IRolePermissionMap"
- />
- </class>
-
- <adapter
- factory=".principalrole.AnnotationPrincipalRoleManager"
- provides=".interfaces.IPrincipalRoleManager"
- for="zope.annotation.interfaces.IAnnotatable"
- trusted="true"
- />
-
- <class class=".principalrole.AnnotationPrincipalRoleManager">
- <require
- permission="zope.Security"
- attributes="assignRoleToPrincipal removeRoleFromPrincipal
- unsetRoleForPrincipal"
- />
- <allow
- interface=".interfaces.IPrincipalRoleMap"
- />
- </class>
-
- <adapter
- factory=".principalpermission.AnnotationPrincipalPermissionManager"
- provides=".interfaces.IPrincipalPermissionManager"
- for="zope.annotation.interfaces.IAnnotatable"
- trusted="true"
- />
-
- <class class=".principalpermission.AnnotationPrincipalPermissionManager">
- <require
- permission="zope.Security"
- attributes="grantPermissionToPrincipal denyPermissionToPrincipal
- unsetPermissionForPrincipal"
- />
- <allow
- interface=".interfaces.IPrincipalPermissionMap"
- />
- </class>
-
- <adapter
- factory=".grantinfo.AnnotationGrantInfo"
- provides=".interfaces.IGrantInfo"
- for="zope.annotation.interfaces.IAnnotatable"
- />
-
- <!-- protect Roles and Permissions -->
- <class class=".role.LocalRole">
- <factory
- id="zope.security.role.Role"
- />
- <implements
- interface="zope.annotation.interfaces.IAttributeAnnotatable"
- />
- <require
- permission="zope.Security"
- interface=".interfaces.IRole"
- set_schema=".interfaces.IRole"
- />
- </class>
-
- <subscriber
- for=".interfaces.IRole
- zope.component.interfaces.IRegistered"
- handler=".role.setIdOnActivation"
- />
-
- <subscriber
- for=".interfaces.IRole
- zope.component.interfaces.IUnregistered"
- handler=".role.unsetIdOnDeactivation"
- />
-
- <!-- Include browser package -->
- <include package=".browser" />
-
-
- <!-- Vocabularies -->
-
- <utility
- component=".vocabulary.RoleIdsVocabulary"
- name="Role Ids"
- />
-
- <!-- Registering documentation with API doc -->
- <configure
- xmlns:apidoc="http://namespaces.zope.org/apidoc"
- xmlns:zcml="http://namespaces.zope.org/zcml"
- zcml:condition="have apidoc">
-
- <apidoc:bookchapter
- id="zopepolicy"
- title="Default Security Policy"
- doc_path="zopepolicy.txt"
- parent="security"
- />
-
- </configure>
-
-</configure>
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/configure.zcml (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/configure.zcml)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/configure.zcml (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/configure.zcml 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,113 @@
+<configure
+ xmlns="http://namespaces.zope.org/zope"
+ i18n_domain="zope">
+
+ <adapter
+ factory=".rolepermission.AnnotationRolePermissionManager"
+ provides=".interfaces.IRolePermissionManager"
+ for="zope.annotation.interfaces.IAnnotatable"
+ trusted="true"
+ />
+
+ <class class=".rolepermission.AnnotationRolePermissionManager">
+ <require
+ permission="zope.Security"
+ attributes="grantPermissionToRole denyPermissionToRole
+ unsetPermissionFromRole"
+ />
+ <allow
+ interface=".interfaces.IRolePermissionMap"
+ />
+ </class>
+
+ <adapter
+ factory=".principalrole.AnnotationPrincipalRoleManager"
+ provides=".interfaces.IPrincipalRoleManager"
+ for="zope.annotation.interfaces.IAnnotatable"
+ trusted="true"
+ />
+
+ <class class=".principalrole.AnnotationPrincipalRoleManager">
+ <require
+ permission="zope.Security"
+ attributes="assignRoleToPrincipal removeRoleFromPrincipal
+ unsetRoleForPrincipal"
+ />
+ <allow
+ interface=".interfaces.IPrincipalRoleMap"
+ />
+ </class>
+
+ <adapter
+ factory=".principalpermission.AnnotationPrincipalPermissionManager"
+ provides=".interfaces.IPrincipalPermissionManager"
+ for="zope.annotation.interfaces.IAnnotatable"
+ trusted="true"
+ />
+
+ <class class=".principalpermission.AnnotationPrincipalPermissionManager">
+ <require
+ permission="zope.Security"
+ attributes="grantPermissionToPrincipal denyPermissionToPrincipal
+ unsetPermissionForPrincipal"
+ />
+ <allow
+ interface=".interfaces.IPrincipalPermissionMap"
+ />
+ </class>
+
+ <adapter
+ factory=".grantinfo.AnnotationGrantInfo"
+ provides=".interfaces.IGrantInfo"
+ for="zope.annotation.interfaces.IAnnotatable"
+ />
+
+ <!-- protect Roles and Permissions -->
+ <class class=".role.LocalRole">
+ <factory
+ id="zope.security.role.Role"
+ />
+ <implements
+ interface="zope.annotation.interfaces.IAttributeAnnotatable"
+ />
+ <require
+ permission="zope.Security"
+ interface=".interfaces.IRole"
+ set_schema=".interfaces.IRole"
+ />
+ </class>
+
+ <subscriber
+ for=".interfaces.IRole
+ zope.component.interfaces.IRegistered"
+ handler=".role.setIdOnActivation"
+ />
+
+ <subscriber
+ for=".interfaces.IRole
+ zope.component.interfaces.IUnregistered"
+ handler=".role.unsetIdOnDeactivation"
+ />
+
+ <!-- Vocabularies -->
+ <utility
+ component=".vocabulary.RoleIdsVocabulary"
+ name="Role Ids"
+ />
+
+ <!-- Registering documentation with API doc -->
+ <configure
+ xmlns:apidoc="http://namespaces.zope.org/apidoc"
+ xmlns:zcml="http://namespaces.zope.org/zcml"
+ zcml:condition="have apidoc">
+
+ <apidoc:bookchapter
+ id="zopepolicy"
+ title="Default Security Policy"
+ doc_path="zopepolicy.txt"
+ parent="security"
+ />
+
+ </configure>
+
+</configure>
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/ftesting.zcml
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/ftesting.zcml 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/ftesting.zcml 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,41 +0,0 @@
-<configure
- xmlns="http://namespaces.zope.org/zope"
- i18n_domain="zope"
- package="zope.app.securitypolicy"
- >
-
- <!-- This file is the equivalent of site.zcml and it is -->
- <!-- used for functional testing setup -->
-
- <include package="zope.app.securitypolicy" file="meta.zcml" />
-
- <include package="zope.app.zcmlfiles" />
- <include package="zope.app.authentication" />
- <include package="zope.app.securitypolicy" />
-
- <securityPolicy
- component="zope.app.securitypolicy.zopepolicy.ZopeSecurityPolicy" />
-
- <role id="zope.Manager" title="Site Manager" />
- <role id="zope.Member" title="Site Member" />
-
- <grantAll role="zope.Manager" />
- <include package="zope.app.securitypolicy.tests" file="functional.zcml" />
-
- <!-- Principal that tests generally run as -->
- <principal
- id="zope.mgr"
- title="Manager"
- login="mgr"
- password="mgrpw" />
-
- <!-- Bootstrap principal used to make local grant to the principal above -->
- <principal
- id="zope.globalmgr"
- title="Manager"
- login="globalmgr"
- password="globalmgrpw" />
-
- <grant role="zope.Manager" principal="zope.globalmgr" />
-
-</configure>
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/grantinfo.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/grantinfo.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/grantinfo.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,77 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2004 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Grant info
-
-$Id$
-"""
-from zope.annotation.interfaces import IAnnotations
-from zope.app.securitypolicy.interfaces import Unset
-from zope.app.securitypolicy.interfaces import IGrantInfo
-
-from zope.app.securitypolicy.principalpermission \
- import AnnotationPrincipalPermissionManager
-prinperkey = AnnotationPrincipalPermissionManager.key
-del AnnotationPrincipalPermissionManager
-
-from zope.app.securitypolicy.principalrole \
- import AnnotationPrincipalRoleManager
-prinrolekey = AnnotationPrincipalRoleManager.key
-del AnnotationPrincipalRoleManager
-
-from zope.app.securitypolicy.rolepermission \
- import AnnotationRolePermissionManager
-rolepermkey = AnnotationRolePermissionManager.key
-del AnnotationRolePermissionManager
-
-class AnnotationGrantInfo(object):
-
- prinper = prinrole = permrole = {}
-
- def __init__(self, context):
- self._context = context
- annotations = IAnnotations(context, None)
- if annotations is not None:
-
- prinper = annotations.get(prinperkey)
- if prinper is not None:
- self.prinper = prinper._bycol # by principals
-
- prinrole = annotations.get(prinrolekey)
- if prinrole is not None:
- self.prinrole = prinrole._bycol # by principals
-
- roleper = annotations.get(rolepermkey)
- if roleper is not None:
- self.permrole = roleper._byrow # by permission
-
- def __nonzero__(self):
- return bool(self.prinper or self.prinrole or self.permrole)
-
- def principalPermissionGrant(self, principal, permission):
- prinper = self.prinper.get(principal)
- if prinper:
- return prinper.get(permission, Unset)
- return Unset
-
- def getRolesForPermission(self, permission):
- permrole = self.permrole.get(permission)
- if permrole:
- return permrole.items()
- return ()
-
- def getRolesForPrincipal(self, principal):
- prinrole = self.prinrole.get(principal)
- if prinrole:
- return prinrole.items()
- return ()
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/grantinfo.py (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/grantinfo.py)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/grantinfo.py (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/grantinfo.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,77 @@
+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Grant info
+
+$Id$
+"""
+from zope.annotation.interfaces import IAnnotations
+from zope.securitypolicy.interfaces import Unset
+from zope.securitypolicy.interfaces import IGrantInfo
+
+from zope.securitypolicy.principalpermission import \
+ AnnotationPrincipalPermissionManager
+prinperkey = AnnotationPrincipalPermissionManager.key
+del AnnotationPrincipalPermissionManager
+
+from zope.securitypolicy.principalrole import \
+ AnnotationPrincipalRoleManager
+prinrolekey = AnnotationPrincipalRoleManager.key
+del AnnotationPrincipalRoleManager
+
+from zope.securitypolicy.rolepermission import \
+ AnnotationRolePermissionManager
+rolepermkey = AnnotationRolePermissionManager.key
+del AnnotationRolePermissionManager
+
+class AnnotationGrantInfo(object):
+
+ prinper = prinrole = permrole = {}
+
+ def __init__(self, context):
+ self._context = context
+ annotations = IAnnotations(context, None)
+ if annotations is not None:
+
+ prinper = annotations.get(prinperkey)
+ if prinper is not None:
+ self.prinper = prinper._bycol # by principals
+
+ prinrole = annotations.get(prinrolekey)
+ if prinrole is not None:
+ self.prinrole = prinrole._bycol # by principals
+
+ roleper = annotations.get(rolepermkey)
+ if roleper is not None:
+ self.permrole = roleper._byrow # by permission
+
+ def __nonzero__(self):
+ return bool(self.prinper or self.prinrole or self.permrole)
+
+ def principalPermissionGrant(self, principal, permission):
+ prinper = self.prinper.get(principal)
+ if prinper:
+ return prinper.get(permission, Unset)
+ return Unset
+
+ def getRolesForPermission(self, permission):
+ permrole = self.permrole.get(permission)
+ if permrole:
+ return permrole.items()
+ return ()
+
+ def getRolesForPrincipal(self, principal):
+ prinrole = self.prinrole.get(principal)
+ if prinrole:
+ return prinrole.items()
+ return ()
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/metaconfigure.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/metaconfigure.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/metaconfigure.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,95 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-""" Register security related configuration directives.
-
-$Id$
-"""
-from zope.configuration.exceptions import ConfigurationError
-from zope.component.zcml import utility
-
-from zope.app.securitypolicy.interfaces import IRole
-from zope.app.securitypolicy.role import Role
-from zope.app.securitypolicy.rolepermission \
- import rolePermissionManager as role_perm_mgr
-from zope.app.securitypolicy.principalpermission \
- import principalPermissionManager as principal_perm_mgr
-from zope.app.securitypolicy.principalrole \
- import principalRoleManager as principal_role_mgr
-
-
-def grant(_context, principal=None, role=None, permission=None):
- nspecified = ((principal is not None)
- + (role is not None)
- + (permission is not None)
- )
-
- if nspecified != 2:
- raise ConfigurationError(
- "Exactly two of the principal, role, and permission attributes "
- "must be specified")
-
- if principal:
- if role:
- _context.action(
- discriminator = ('grantRoleToPrincipal', role, principal),
- callable = principal_role_mgr.assignRoleToPrincipal,
- args = (role, principal)
- )
- else:
- _context.action(
- discriminator = ('grantPermissionToPrincipal',
- permission,
- principal),
- callable = principal_perm_mgr.grantPermissionToPrincipal,
- args = (permission, principal)
- )
- else:
- _context.action(
- discriminator = ('grantPermissionToRole', permission, role),
- callable = role_perm_mgr.grantPermissionToRole,
- args = (permission, role)
- )
-
-def grantAll(_context, principal=None, role=None):
- """Grant all permissions to a role or principal
- """
- nspecified = ((principal is not None)
- + (role is not None)
- )
-
- if nspecified != 1:
- raise ConfigurationError(
- "Exactly one of the principal and role attributes "
- "must be specified")
-
- if principal:
- _context.action(
- discriminator = ('grantAllPermissionsToPrincipal',
- principal),
- callable =
- principal_perm_mgr.grantAllPermissionsToPrincipal,
- args = (principal, )
- )
- else:
- _context.action(
- discriminator = ('grantAllPermissionsToRole', role),
- callable = role_perm_mgr.grantAllPermissionsToRole,
- args = (role, )
- )
-
-
-def defineRole(_context, id, title, description=''):
- role = Role(id, title, description)
- utility(_context, IRole, role, name=id)
-
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/metaconfigure.py (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/metaconfigure.py)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/metaconfigure.py (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/metaconfigure.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,95 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+""" Register security related configuration directives.
+
+$Id$
+"""
+from zope.configuration.exceptions import ConfigurationError
+from zope.component.zcml import utility
+
+from zope.securitypolicy.interfaces import IRole
+from zope.securitypolicy.role import Role
+from zope.securitypolicy.rolepermission import \
+ rolePermissionManager as role_perm_mgr
+from zope.securitypolicy.principalpermission import \
+ principalPermissionManager as principal_perm_mgr
+from zope.securitypolicy.principalrole import \
+ principalRoleManager as principal_role_mgr
+
+
+def grant(_context, principal=None, role=None, permission=None):
+ nspecified = ((principal is not None)
+ + (role is not None)
+ + (permission is not None)
+ )
+
+ if nspecified != 2:
+ raise ConfigurationError(
+ "Exactly two of the principal, role, and permission attributes "
+ "must be specified")
+
+ if principal:
+ if role:
+ _context.action(
+ discriminator = ('grantRoleToPrincipal', role, principal),
+ callable = principal_role_mgr.assignRoleToPrincipal,
+ args = (role, principal)
+ )
+ else:
+ _context.action(
+ discriminator = ('grantPermissionToPrincipal',
+ permission,
+ principal),
+ callable = principal_perm_mgr.grantPermissionToPrincipal,
+ args = (permission, principal)
+ )
+ else:
+ _context.action(
+ discriminator = ('grantPermissionToRole', permission, role),
+ callable = role_perm_mgr.grantPermissionToRole,
+ args = (permission, role)
+ )
+
+def grantAll(_context, principal=None, role=None):
+ """Grant all permissions to a role or principal
+ """
+ nspecified = ((principal is not None)
+ + (role is not None)
+ )
+
+ if nspecified != 1:
+ raise ConfigurationError(
+ "Exactly one of the principal and role attributes "
+ "must be specified")
+
+ if principal:
+ _context.action(
+ discriminator = ('grantAllPermissionsToPrincipal',
+ principal),
+ callable =
+ principal_perm_mgr.grantAllPermissionsToPrincipal,
+ args = (principal, )
+ )
+ else:
+ _context.action(
+ discriminator = ('grantAllPermissionsToRole', role),
+ callable = role_perm_mgr.grantAllPermissionsToRole,
+ args = (role, )
+ )
+
+
+def defineRole(_context, id, title, description=''):
+ role = Role(id, title, description)
+ utility(_context, IRole, role, name=id)
+
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/principalpermission.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/principalpermission.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/principalpermission.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,123 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Mappings between principals and permissions, stored in an object locally.
-
-$Id$
-"""
-
-from zope.interface import implements
-from zope.security.permission import allPermissions
-
-from zope.app.security.principal import checkPrincipal
-from zope.app.securitypolicy.interfaces import Allow, Deny, Unset
-from zope.app.securitypolicy.interfaces import IPrincipalPermissionManager
-from zope.app.securitypolicy.securitymap import SecurityMap
-from zope.app.securitypolicy.securitymap import AnnotationSecurityMap
-
-
-class AnnotationPrincipalPermissionManager(AnnotationSecurityMap):
- """Mappings between principals and permissions."""
-
- # the annotation key is a holdover from this module's old
- # location, but cannot change without breaking existing databases
- # It is also is misspelled, but that's OK. It just has to be unique.
- # we'll keep it as is, to prevent breaking old data:
- key = 'zopel.app.security.AnnotationPrincipalPermissionManager'
-
- implements(IPrincipalPermissionManager)
-
- def grantPermissionToPrincipal(self, permission_id, principal_id):
- AnnotationSecurityMap.addCell(self, permission_id, principal_id, Allow)
-
- def denyPermissionToPrincipal(self, permission_id, principal_id):
- AnnotationSecurityMap.addCell(self, permission_id, principal_id, Deny)
-
- unsetPermissionForPrincipal = AnnotationSecurityMap.delCell
- getPrincipalsForPermission = AnnotationSecurityMap.getRow
- getPermissionsForPrincipal = AnnotationSecurityMap.getCol
-
- def getSetting(self, permission_id, principal_id, default=Unset):
- return AnnotationSecurityMap.queryCell(
- self, permission_id, principal_id, default)
-
- getPrincipalsAndPermissions = AnnotationSecurityMap.getAllCells
-
-
-class PrincipalPermissionManager(SecurityMap):
- """Mappings between principals and permissions."""
-
- implements(IPrincipalPermissionManager)
-
- def grantPermissionToPrincipal(self, permission_id, principal_id,
- check=True):
- ''' See the interface IPrincipalPermissionManager '''
-
- if check:
- checkPrincipal(None, principal_id)
-
- self.addCell(permission_id, principal_id, Allow)
-
- def grantAllPermissionsToPrincipal(self, principal_id):
- ''' See the interface IPrincipalPermissionManager '''
-
- for permission_id in allPermissions(None):
- self.grantPermissionToPrincipal(permission_id, principal_id, False)
-
- def denyPermissionToPrincipal(self, permission_id, principal_id,
- check=True):
- ''' See the interface IPrincipalPermissionManager '''
-
- if check:
- checkPrincipal(None, principal_id)
-
- self.addCell(permission_id, principal_id, Deny)
-
- def unsetPermissionForPrincipal(self, permission_id, principal_id):
- ''' See the interface IPrincipalPermissionManager '''
-
- # Don't check validity intentionally.
- # After all, we certianly want to unset invalid ids.
-
- self.delCell(permission_id, principal_id)
-
- def getPrincipalsForPermission(self, permission_id):
- ''' See the interface IPrincipalPermissionManager '''
- return self.getRow(permission_id)
-
- def getPermissionsForPrincipal(self, principal_id):
- ''' See the interface IPrincipalPermissionManager '''
- return self.getCol(principal_id)
-
- def getSetting(self, permission_id, principal_id, default=Unset):
- ''' See the interface IPrincipalPermissionManager '''
- return self.queryCell(permission_id, principal_id, default)
-
- def getPrincipalsAndPermissions(self):
- ''' See the interface IPrincipalPermissionManager '''
- return self.getAllCells()
-
-
-# Permissions are our rows, and principals are our columns
-principalPermissionManager = PrincipalPermissionManager()
-
-
-# Register our cleanup with Testing.CleanUp to make writing unit tests
-# simpler.
-try:
- from zope.testing.cleanup import addCleanUp
-except ImportError:
- pass
-else:
- addCleanUp(principalPermissionManager._clear)
- del addCleanUp
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/principalpermission.py (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/principalpermission.py)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/principalpermission.py (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/principalpermission.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,124 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Mappings between principals and permissions, stored in an object locally.
+
+$Id$
+"""
+
+from zope.interface import implements
+from zope.security.permission import allPermissions
+
+from zope.securitypolicy.interfaces import Allow, Deny, Unset
+from zope.securitypolicy.interfaces import IPrincipalPermissionManager
+from zope.securitypolicy.securitymap import SecurityMap
+from zope.securitypolicy.securitymap import AnnotationSecurityMap
+
+from zope.app.security.principal import checkPrincipal
+
+
+class AnnotationPrincipalPermissionManager(AnnotationSecurityMap):
+ """Mappings between principals and permissions."""
+
+ # the annotation key is a holdover from this module's old
+ # location, but cannot change without breaking existing databases
+ # It is also is misspelled, but that's OK. It just has to be unique.
+ # we'll keep it as is, to prevent breaking old data:
+ key = 'zopel.app.security.AnnotationPrincipalPermissionManager'
+
+ implements(IPrincipalPermissionManager)
+
+ def grantPermissionToPrincipal(self, permission_id, principal_id):
+ AnnotationSecurityMap.addCell(self, permission_id, principal_id, Allow)
+
+ def denyPermissionToPrincipal(self, permission_id, principal_id):
+ AnnotationSecurityMap.addCell(self, permission_id, principal_id, Deny)
+
+ unsetPermissionForPrincipal = AnnotationSecurityMap.delCell
+ getPrincipalsForPermission = AnnotationSecurityMap.getRow
+ getPermissionsForPrincipal = AnnotationSecurityMap.getCol
+
+ def getSetting(self, permission_id, principal_id, default=Unset):
+ return AnnotationSecurityMap.queryCell(
+ self, permission_id, principal_id, default)
+
+ getPrincipalsAndPermissions = AnnotationSecurityMap.getAllCells
+
+
+class PrincipalPermissionManager(SecurityMap):
+ """Mappings between principals and permissions."""
+
+ implements(IPrincipalPermissionManager)
+
+ def grantPermissionToPrincipal(self, permission_id, principal_id,
+ check=True):
+ ''' See the interface IPrincipalPermissionManager '''
+
+ if check:
+ checkPrincipal(None, principal_id)
+
+ self.addCell(permission_id, principal_id, Allow)
+
+ def grantAllPermissionsToPrincipal(self, principal_id):
+ ''' See the interface IPrincipalPermissionManager '''
+
+ for permission_id in allPermissions(None):
+ self.grantPermissionToPrincipal(permission_id, principal_id, False)
+
+ def denyPermissionToPrincipal(self, permission_id, principal_id,
+ check=True):
+ ''' See the interface IPrincipalPermissionManager '''
+
+ if check:
+ checkPrincipal(None, principal_id)
+
+ self.addCell(permission_id, principal_id, Deny)
+
+ def unsetPermissionForPrincipal(self, permission_id, principal_id):
+ ''' See the interface IPrincipalPermissionManager '''
+
+ # Don't check validity intentionally.
+ # After all, we certianly want to unset invalid ids.
+
+ self.delCell(permission_id, principal_id)
+
+ def getPrincipalsForPermission(self, permission_id):
+ ''' See the interface IPrincipalPermissionManager '''
+ return self.getRow(permission_id)
+
+ def getPermissionsForPrincipal(self, principal_id):
+ ''' See the interface IPrincipalPermissionManager '''
+ return self.getCol(principal_id)
+
+ def getSetting(self, permission_id, principal_id, default=Unset):
+ ''' See the interface IPrincipalPermissionManager '''
+ return self.queryCell(permission_id, principal_id, default)
+
+ def getPrincipalsAndPermissions(self):
+ ''' See the interface IPrincipalPermissionManager '''
+ return self.getAllCells()
+
+
+# Permissions are our rows, and principals are our columns
+principalPermissionManager = PrincipalPermissionManager()
+
+
+# Register our cleanup with Testing.CleanUp to make writing unit tests
+# simpler.
+try:
+ from zope.testing.cleanup import addCleanUp
+except ImportError:
+ pass
+else:
+ addCleanUp(principalPermissionManager._clear)
+ del addCleanUp
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/principalrole.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/principalrole.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/principalrole.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,113 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Mappings between principals and roles, stored in an object locally.
-
-$Id$
-"""
-from zope.interface import implements
-
-from zope.app.securitypolicy.interfaces import Allow, Deny, Unset
-from zope.app.securitypolicy.interfaces import IPrincipalRoleManager
-
-from zope.app.securitypolicy.securitymap import SecurityMap
-from zope.app.securitypolicy.securitymap import AnnotationSecurityMap
-
-from zope.app.security.principal import checkPrincipal
-from zope.app.securitypolicy.role import checkRole
-
-class AnnotationPrincipalRoleManager(AnnotationSecurityMap):
- """Mappings between principals and roles."""
-
- # the annotation key is a holdover from this module's old
- # location, but cannot change without breaking existing databases
- key = 'zope.app.security.AnnotationPrincipalRoleManager'
-
- implements(IPrincipalRoleManager)
-
- def assignRoleToPrincipal(self, role_id, principal_id):
- AnnotationSecurityMap.addCell(self, role_id, principal_id, Allow)
-
- def removeRoleFromPrincipal(self, role_id, principal_id):
- AnnotationSecurityMap.addCell(self, role_id, principal_id, Deny)
-
- unsetRoleForPrincipal = AnnotationSecurityMap.delCell
- getPrincipalsForRole = AnnotationSecurityMap.getRow
- getRolesForPrincipal = AnnotationSecurityMap.getCol
-
- def getSetting(self, role_id, principal_id):
- return AnnotationSecurityMap.queryCell(
- self, role_id, principal_id, default=Unset)
-
- getPrincipalsAndRoles = AnnotationSecurityMap.getAllCells
-
-
-class PrincipalRoleManager(SecurityMap):
- """Mappings between principals and roles."""
-
- implements(IPrincipalRoleManager)
-
- def assignRoleToPrincipal(self, role_id, principal_id, check=True):
- ''' See the interface IPrincipalRoleManager '''
-
- if check:
- checkPrincipal(None, principal_id)
- checkRole(None, role_id)
-
- self.addCell(role_id, principal_id, Allow)
-
- def removeRoleFromPrincipal(self, role_id, principal_id, check=True):
- ''' See the interface IPrincipalRoleManager '''
-
- if check:
- checkPrincipal(None, principal_id)
- checkRole(None, role_id)
-
- self.addCell(role_id, principal_id, Deny)
-
- def unsetRoleForPrincipal(self, role_id, principal_id):
- ''' See the interface IPrincipalRoleManager '''
-
- # Don't check validity intentionally.
- # After all, we certainly want to unset invalid ids.
-
- self.delCell(role_id, principal_id)
-
- def getPrincipalsForRole(self, role_id):
- ''' See the interface IPrincipalRoleMap '''
- return self.getRow(role_id)
-
- def getRolesForPrincipal(self, principal_id):
- ''' See the interface IPrincipalRoleMap '''
- return self.getCol(principal_id)
-
- def getSetting(self, role_id, principal_id):
- ''' See the interface IPrincipalRoleMap '''
- return self.queryCell(role_id, principal_id, default=Unset)
-
- def getPrincipalsAndRoles(self):
- ''' See the interface IPrincipalRoleMap '''
- return self.getAllCells()
-
-# Roles are our rows, and principals are our columns
-principalRoleManager = PrincipalRoleManager()
-
-# Register our cleanup with Testing.CleanUp to make writing unit tests
-# simpler.
-try:
- from zope.testing.cleanup import addCleanUp
-except ImportError:
- pass
-else:
- addCleanUp(principalRoleManager._clear)
- del addCleanUp
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/principalrole.py (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/principalrole.py)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/principalrole.py (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/principalrole.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,112 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Mappings between principals and roles, stored in an object locally.
+
+$Id$
+"""
+from zope.interface import implements
+
+from zope.securitypolicy.interfaces import Allow, Deny, Unset
+from zope.securitypolicy.interfaces import IPrincipalRoleManager
+from zope.securitypolicy.securitymap import SecurityMap
+from zope.securitypolicy.securitymap import AnnotationSecurityMap
+from zope.securitypolicy.role import checkRole
+from zope.app.security.principal import checkPrincipal
+
+
+class AnnotationPrincipalRoleManager(AnnotationSecurityMap):
+ """Mappings between principals and roles."""
+
+ # the annotation key is a holdover from this module's old
+ # location, but cannot change without breaking existing databases
+ key = 'zope.app.security.AnnotationPrincipalRoleManager'
+
+ implements(IPrincipalRoleManager)
+
+ def assignRoleToPrincipal(self, role_id, principal_id):
+ AnnotationSecurityMap.addCell(self, role_id, principal_id, Allow)
+
+ def removeRoleFromPrincipal(self, role_id, principal_id):
+ AnnotationSecurityMap.addCell(self, role_id, principal_id, Deny)
+
+ unsetRoleForPrincipal = AnnotationSecurityMap.delCell
+ getPrincipalsForRole = AnnotationSecurityMap.getRow
+ getRolesForPrincipal = AnnotationSecurityMap.getCol
+
+ def getSetting(self, role_id, principal_id):
+ return AnnotationSecurityMap.queryCell(
+ self, role_id, principal_id, default=Unset)
+
+ getPrincipalsAndRoles = AnnotationSecurityMap.getAllCells
+
+
+class PrincipalRoleManager(SecurityMap):
+ """Mappings between principals and roles."""
+
+ implements(IPrincipalRoleManager)
+
+ def assignRoleToPrincipal(self, role_id, principal_id, check=True):
+ ''' See the interface IPrincipalRoleManager '''
+
+ if check:
+ checkPrincipal(None, principal_id)
+ checkRole(None, role_id)
+
+ self.addCell(role_id, principal_id, Allow)
+
+ def removeRoleFromPrincipal(self, role_id, principal_id, check=True):
+ ''' See the interface IPrincipalRoleManager '''
+
+ if check:
+ checkPrincipal(None, principal_id)
+ checkRole(None, role_id)
+
+ self.addCell(role_id, principal_id, Deny)
+
+ def unsetRoleForPrincipal(self, role_id, principal_id):
+ ''' See the interface IPrincipalRoleManager '''
+
+ # Don't check validity intentionally.
+ # After all, we certainly want to unset invalid ids.
+
+ self.delCell(role_id, principal_id)
+
+ def getPrincipalsForRole(self, role_id):
+ ''' See the interface IPrincipalRoleMap '''
+ return self.getRow(role_id)
+
+ def getRolesForPrincipal(self, principal_id):
+ ''' See the interface IPrincipalRoleMap '''
+ return self.getCol(principal_id)
+
+ def getSetting(self, role_id, principal_id):
+ ''' See the interface IPrincipalRoleMap '''
+ return self.queryCell(role_id, principal_id, default=Unset)
+
+ def getPrincipalsAndRoles(self):
+ ''' See the interface IPrincipalRoleMap '''
+ return self.getAllCells()
+
+# Roles are our rows, and principals are our columns
+principalRoleManager = PrincipalRoleManager()
+
+# Register our cleanup with Testing.CleanUp to make writing unit tests
+# simpler.
+try:
+ from zope.testing.cleanup import addCleanUp
+except ImportError:
+ pass
+else:
+ addCleanUp(principalRoleManager._clear)
+ del addCleanUp
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/role.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/role.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/role.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,109 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Role implementation
-
-$Id$
-"""
-__docformat__ = 'restructuredtext'
-
-from persistent import Persistent
-
-from zope.interface import implements
-from zope.component import getUtilitiesFor
-from zope.location import Location
-
-from zope.app.securitypolicy.interfaces import IRole
-
-from zope.i18nmessageid import ZopeMessageFactory as _
-NULL_ID = _('<role not activated>')
-
-
-class Role(object):
- implements(IRole)
-
- def __init__(self, id, title, description=""):
- self.id = id
- self.title = title
- self.description = description
-
-
-class LocalRole(Persistent, Location):
- implements(IRole)
-
- def __init__(self, title, description=""):
- self.id = NULL_ID
- self.title = title
- self.description = description
-
-def setIdOnActivation(role, event):
- """Set the permission id upon registration activation.
-
- Let's see how this notifier can be used. First we need to create an event
- using the permission instance and a registration stub:
-
- >>> class Registration:
- ... def __init__(self, obj, name):
- ... self.component = obj
- ... self.name = name
-
- >>> role1 = LocalRole('Role 1', 'A first role')
- >>> role1.id
- u'<role not activated>'
- >>> import zope.component.interfaces
- >>> event = zope.component.interfaces.Registered(
- ... Registration(role1, 'role1'))
-
- Now we pass the event into this function, and the id of the role should be
- set to 'role1'.
-
- >>> setIdOnActivation(role1, event)
- >>> role1.id
- 'role1'
- """
- role.id = event.object.name
-
-
-def unsetIdOnDeactivation(role, event):
- """Unset the permission id up registration deactivation.
-
- Let's see how this notifier can be used. First we need to create an event
- using the permission instance and a registration stub:
-
- >>> class Registration:
- ... def __init__(self, obj, name):
- ... self.component = obj
- ... self.name = name
-
- >>> role1 = LocalRole('Role 1', 'A first role')
- >>> role1.id = 'role1'
-
- >>> import zope.component.interfaces
- >>> event = zope.component.interfaces.Unregistered(
- ... Registration(role1, 'role1'))
-
- Now we pass the event into this function, and the id of the role should be
- set to NULL_ID.
-
- >>> unsetIdOnDeactivation(role1, event)
- >>> role1.id
- u'<role not activated>'
- """
- role.id = NULL_ID
-
-
-
-def checkRole(context, role_id):
- names = [name for name, util in getUtilitiesFor(IRole, context)]
- if not role_id in names:
- raise ValueError("Undefined role id", role_id)
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/role.py (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/role.py)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/role.py (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/role.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,109 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Role implementation
+
+$Id$
+"""
+__docformat__ = 'restructuredtext'
+
+from persistent import Persistent
+
+from zope.interface import implements
+from zope.component import getUtilitiesFor
+from zope.location import Location
+
+from zope.securitypolicy.interfaces import IRole
+
+from zope.i18nmessageid import ZopeMessageFactory as _
+NULL_ID = _('<role not activated>')
+
+
+class Role(object):
+ implements(IRole)
+
+ def __init__(self, id, title, description=""):
+ self.id = id
+ self.title = title
+ self.description = description
+
+
+class LocalRole(Persistent, Location):
+ implements(IRole)
+
+ def __init__(self, title, description=""):
+ self.id = NULL_ID
+ self.title = title
+ self.description = description
+
+def setIdOnActivation(role, event):
+ """Set the permission id upon registration activation.
+
+ Let's see how this notifier can be used. First we need to create an event
+ using the permission instance and a registration stub:
+
+ >>> class Registration:
+ ... def __init__(self, obj, name):
+ ... self.component = obj
+ ... self.name = name
+
+ >>> role1 = LocalRole('Role 1', 'A first role')
+ >>> role1.id
+ u'<role not activated>'
+ >>> import zope.component.interfaces
+ >>> event = zope.component.interfaces.Registered(
+ ... Registration(role1, 'role1'))
+
+ Now we pass the event into this function, and the id of the role should be
+ set to 'role1'.
+
+ >>> setIdOnActivation(role1, event)
+ >>> role1.id
+ 'role1'
+ """
+ role.id = event.object.name
+
+
+def unsetIdOnDeactivation(role, event):
+ """Unset the permission id up registration deactivation.
+
+ Let's see how this notifier can be used. First we need to create an event
+ using the permission instance and a registration stub:
+
+ >>> class Registration:
+ ... def __init__(self, obj, name):
+ ... self.component = obj
+ ... self.name = name
+
+ >>> role1 = LocalRole('Role 1', 'A first role')
+ >>> role1.id = 'role1'
+
+ >>> import zope.component.interfaces
+ >>> event = zope.component.interfaces.Unregistered(
+ ... Registration(role1, 'role1'))
+
+ Now we pass the event into this function, and the id of the role should be
+ set to NULL_ID.
+
+ >>> unsetIdOnDeactivation(role1, event)
+ >>> role1.id
+ u'<role not activated>'
+ """
+ role.id = NULL_ID
+
+
+
+def checkRole(context, role_id):
+ names = [name for name, util in getUtilitiesFor(IRole, context)]
+ if not role_id in names:
+ raise ValueError("Undefined role id", role_id)
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/rolepermission.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/rolepermission.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/rolepermission.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,117 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Permission to Roles Manager (Adapter)
-
-$Id$
-"""
-from zope.interface import implements
-
-from zope.security.permission import allPermissions
-from zope.app.securitypolicy.role import checkRole
-
-from zope.app.securitypolicy.interfaces import Allow, Deny, Unset
-from zope.app.securitypolicy.interfaces import IRolePermissionManager
-from zope.app.securitypolicy.interfaces import IRolePermissionMap
-from zope.app.securitypolicy.securitymap import AnnotationSecurityMap
-from zope.app.securitypolicy.securitymap import SecurityMap
-
-
-class AnnotationRolePermissionManager(AnnotationSecurityMap):
- """Provide adapter that manages role permission data in an object attribute
- """
-
- # the annotation key is a holdover from this module's old
- # location, but cannot change without breaking existing databases
- key = 'zope.app.security.AnnotationRolePermissionManager'
-
- implements(IRolePermissionManager)
-
- def grantPermissionToRole(self, permission_id, role_id):
- AnnotationSecurityMap.addCell(self, permission_id, role_id, Allow)
-
- def denyPermissionToRole(self, permission_id, role_id):
- AnnotationSecurityMap.addCell(self, permission_id, role_id, Deny)
-
- unsetPermissionFromRole = AnnotationSecurityMap.delCell
- getRolesForPermission = AnnotationSecurityMap.getRow
- getPermissionsForRole = AnnotationSecurityMap.getCol
- getRolesAndPermissions = AnnotationSecurityMap.getAllCells
-
- def getSetting(self, permission_id, role_id):
- return AnnotationSecurityMap.queryCell(
- self, permission_id, role_id, default=Unset)
-
-
-class RolePermissionManager(SecurityMap):
- """Mappings between roles and permissions."""
-
- implements(IRolePermissionManager)
-
- def grantPermissionToRole(self, permission_id, role_id, check=True):
- '''See interface IRolePermissionMap'''
-
- if check:
- checkRole(None, role_id)
-
- self.addCell(permission_id, role_id, Allow)
-
- def grantAllPermissionsToRole(self, role_id):
- for permission_id in allPermissions(None):
- self.grantPermissionToRole(permission_id, role_id, False)
-
- def denyPermissionToRole(self, permission_id, role_id, check=True):
- '''See interface IRolePermissionMap'''
-
- if check:
- checkRole(None, role_id)
-
- self.addCell(permission_id, role_id, Deny)
-
- def unsetPermissionFromRole(self, permission_id, role_id):
- '''See interface IRolePermissionMap'''
-
- # Don't check validity intentionally.
- # After all, we certianly want to unset invalid ids.
-
- self.delCell(permission_id, role_id)
-
- def getRolesForPermission(self, permission_id):
- '''See interface IRolePermissionMap'''
- return self.getRow(permission_id)
-
- def getPermissionsForRole(self, role_id):
- '''See interface IRolePermissionMap'''
- return self.getCol(role_id)
-
- def getSetting(self, permission_id, role_id):
- '''See interface IRolePermissionMap'''
- return self.queryCell(permission_id, role_id)
-
- def getRolesAndPermissions(self):
- '''See interface IRolePermissionMap'''
- return self.getAllCells()
-
-# Permissions are our rows, and roles are our columns
-rolePermissionManager = RolePermissionManager()
-
-
-# Register our cleanup with Testing.CleanUp to make writing unit tests
-# simpler.
-try:
- from zope.testing.cleanup import addCleanUp
-except ImportError:
- pass
-else:
- addCleanUp(rolePermissionManager._clear)
- del addCleanUp
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/rolepermission.py (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/rolepermission.py)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/rolepermission.py (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/rolepermission.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,116 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Permission to Roles Manager (Adapter)
+
+$Id$
+"""
+from zope.interface import implements
+
+from zope.security.permission import allPermissions
+from zope.securitypolicy.role import checkRole
+from zope.securitypolicy.interfaces import Allow, Deny, Unset
+from zope.securitypolicy.interfaces import IRolePermissionManager
+from zope.securitypolicy.interfaces import IRolePermissionMap
+from zope.securitypolicy.securitymap import AnnotationSecurityMap
+from zope.securitypolicy.securitymap import SecurityMap
+
+
+class AnnotationRolePermissionManager(AnnotationSecurityMap):
+ """Provide adapter that manages role permission data in an object attribute
+ """
+
+ # the annotation key is a holdover from this module's old
+ # location, but cannot change without breaking existing databases
+ key = 'zope.app.security.AnnotationRolePermissionManager'
+
+ implements(IRolePermissionManager)
+
+ def grantPermissionToRole(self, permission_id, role_id):
+ AnnotationSecurityMap.addCell(self, permission_id, role_id, Allow)
+
+ def denyPermissionToRole(self, permission_id, role_id):
+ AnnotationSecurityMap.addCell(self, permission_id, role_id, Deny)
+
+ unsetPermissionFromRole = AnnotationSecurityMap.delCell
+ getRolesForPermission = AnnotationSecurityMap.getRow
+ getPermissionsForRole = AnnotationSecurityMap.getCol
+ getRolesAndPermissions = AnnotationSecurityMap.getAllCells
+
+ def getSetting(self, permission_id, role_id):
+ return AnnotationSecurityMap.queryCell(
+ self, permission_id, role_id, default=Unset)
+
+
+class RolePermissionManager(SecurityMap):
+ """Mappings between roles and permissions."""
+
+ implements(IRolePermissionManager)
+
+ def grantPermissionToRole(self, permission_id, role_id, check=True):
+ '''See interface IRolePermissionMap'''
+
+ if check:
+ checkRole(None, role_id)
+
+ self.addCell(permission_id, role_id, Allow)
+
+ def grantAllPermissionsToRole(self, role_id):
+ for permission_id in allPermissions(None):
+ self.grantPermissionToRole(permission_id, role_id, False)
+
+ def denyPermissionToRole(self, permission_id, role_id, check=True):
+ '''See interface IRolePermissionMap'''
+
+ if check:
+ checkRole(None, role_id)
+
+ self.addCell(permission_id, role_id, Deny)
+
+ def unsetPermissionFromRole(self, permission_id, role_id):
+ '''See interface IRolePermissionMap'''
+
+ # Don't check validity intentionally.
+ # After all, we certianly want to unset invalid ids.
+
+ self.delCell(permission_id, role_id)
+
+ def getRolesForPermission(self, permission_id):
+ '''See interface IRolePermissionMap'''
+ return self.getRow(permission_id)
+
+ def getPermissionsForRole(self, role_id):
+ '''See interface IRolePermissionMap'''
+ return self.getCol(role_id)
+
+ def getSetting(self, permission_id, role_id):
+ '''See interface IRolePermissionMap'''
+ return self.queryCell(permission_id, role_id)
+
+ def getRolesAndPermissions(self):
+ '''See interface IRolePermissionMap'''
+ return self.getAllCells()
+
+# Permissions are our rows, and roles are our columns
+rolePermissionManager = RolePermissionManager()
+
+
+# Register our cleanup with Testing.CleanUp to make writing unit tests
+# simpler.
+try:
+ from zope.testing.cleanup import addCleanUp
+except ImportError:
+ pass
+else:
+ addCleanUp(rolePermissionManager._clear)
+ del addCleanUp
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/securitypolicy.zcml
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/securitypolicy.zcml 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/securitypolicy.zcml 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,24 +0,0 @@
-<configure
- xmlns="http://namespaces.zope.org/zope"
- i18n_domain="zope"
- >
-
- <include package="zope.app.securitypolicy" />
-
- <securityPolicy
- component="zope.app.securitypolicy.zopepolicy.ZopeSecurityPolicy" />
-
- <role id="zope.Anonymous" title="Everybody"
- description="All users have this role implicitly" />
- <role id="zope.Manager" title="Site Manager" />
- <role id="zope.Member" title="Site Member" />
-
- <!-- Replace the following directive if you don't want public access -->
- <grant permission="zope.View"
- role="zope.Anonymous" />
- <grant permission="zope.app.dublincore.view"
- role="zope.Anonymous" />
-
- <grantAll role="zope.Manager" />
-
-</configure>
\ No newline at end of file
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/securitypolicy.zcml (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/securitypolicy.zcml)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/securitypolicy.zcml (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/securitypolicy.zcml 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,23 @@
+<configure
+ xmlns="http://namespaces.zope.org/zope"
+ i18n_domain="zope">
+
+ <include package="zope.app.securitypolicy" />
+
+ <securityPolicy
+ component="zope.app.securitypolicy.zopepolicy.ZopeSecurityPolicy" />
+
+ <role id="zope.Anonymous" title="Everybody"
+ description="All users have this role implicitly" />
+ <role id="zope.Manager" title="Site Manager" />
+ <role id="zope.Member" title="Site Member" />
+
+ <!-- Replace the following directive if you don't want public access -->
+ <grant permission="zope.View"
+ role="zope.Anonymous" />
+ <grant permission="zope.app.dublincore.view"
+ role="zope.Anonymous" />
+
+ <grantAll role="zope.Manager" />
+
+</configure>
\ No newline at end of file
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/testing.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/testing.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/testing.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,26 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2007 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""zope.app.securitypolicy common test related classes/functions/objects.
-
-$Id$
-"""
-
-__docformat__ = "reStructuredText"
-
-import os
-from zope.app.testing.functional import ZCMLLayer
-
-SecurityPolicyLayer = ZCMLLayer(
- os.path.join(os.path.split(__file__)[0], 'ftesting.zcml'),
- __name__, 'SecurityPolicyLayer', allow_teardown=True)
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/tests (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/tests)
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/vocabulary.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/vocabulary.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/vocabulary.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,78 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2004 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Role Id Vocabulary.
-
-This vocabulary provides role IDs.
-
-$Id$
-"""
-__docformat__ = 'restructuredtext'
-
-import zope.component
-from zope.interface import implements, classProvides
-from zope.schema.vocabulary import SimpleTerm, SimpleVocabulary
-from zope.schema.interfaces import IVocabularyFactory
-
-from zope.app.securitypolicy.interfaces import IRole
-from zope.app.securitypolicy.interfaces import IGrantVocabulary
-
-
-class RoleIdsVocabulary(SimpleVocabulary):
- """A vocabular of role IDs.
-
- Term values are the role ID strings
- Term are stored by title
-
- To illustrate, we need to register the role IDs vocab:
-
- >>> from zope.app.testing.placelesssetup import setUp, tearDown
- >>> setUp()
- >>> from zope.schema.vocabulary import getVocabularyRegistry
- >>> registry = getVocabularyRegistry()
- >>> registry.register('Role Ids', RoleIdsVocabulary)
-
- Let's register some sample roles to test against them
-
- >>> from zope.app.securitypolicy.interfaces import IRole
- >>> from zope.app.securitypolicy.role import Role
- >>> from zope.app.testing import ztapi
- >>> ztapi.provideUtility(IRole, Role('a_id','a_title'), 'a_id')
- >>> ztapi.provideUtility(IRole, Role('b_id','b_title'), 'b_id')
-
- Let's lookup the roles using the vocabulary
-
- >>> vocab = registry.get(None, 'Role Ids')
-
- >>> vocab.getTermByToken('a_id').value
- u'a_id'
- >>> vocab.getTermByToken('b_id').value
- u'b_id'
-
- >>> tearDown()
-
- """
- classProvides(IVocabularyFactory)
-
- def __init__(self, context):
- terms = []
- roles = zope.component.getUtilitiesFor(IRole, context)
- for name, role in roles:
- terms.append(SimpleTerm(name, name, name))
- super(RoleIdsVocabulary, self).__init__(terms)
-
-
-class GrantVocabulary(SimpleVocabulary):
- """A vocabular for getting the RadioWidget via the Choice field."""
- classProvides(IVocabularyFactory)
- implements(IGrantVocabulary)
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/vocabulary.py (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/vocabulary.py)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/vocabulary.py (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/vocabulary.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,78 @@
+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Role Id Vocabulary.
+
+This vocabulary provides role IDs.
+
+$Id$
+"""
+__docformat__ = 'restructuredtext'
+
+import zope.component
+from zope.interface import implements, classProvides
+from zope.schema.vocabulary import SimpleTerm, SimpleVocabulary
+from zope.schema.interfaces import IVocabularyFactory
+
+from zope.securitypolicy.interfaces import IRole
+from zope.securitypolicy.interfaces import IGrantVocabulary
+
+
+class RoleIdsVocabulary(SimpleVocabulary):
+ """A vocabular of role IDs.
+
+ Term values are the role ID strings
+ Term are stored by title
+
+ To illustrate, we need to register the role IDs vocab:
+
+ >>> from zope.app.testing.placelesssetup import setUp, tearDown
+ >>> setUp()
+ >>> from zope.schema.vocabulary import getVocabularyRegistry
+ >>> registry = getVocabularyRegistry()
+ >>> registry.register('Role Ids', RoleIdsVocabulary)
+
+ Let's register some sample roles to test against them
+
+ >>> from zope.securitypolicy.interfaces import IRole
+ >>> from zope.securitypolicy.role import Role
+ >>> from zope.app.testing import ztapi
+ >>> ztapi.provideUtility(IRole, Role('a_id','a_title'), 'a_id')
+ >>> ztapi.provideUtility(IRole, Role('b_id','b_title'), 'b_id')
+
+ Let's lookup the roles using the vocabulary
+
+ >>> vocab = registry.get(None, 'Role Ids')
+
+ >>> vocab.getTermByToken('a_id').value
+ u'a_id'
+ >>> vocab.getTermByToken('b_id').value
+ u'b_id'
+
+ >>> tearDown()
+
+ """
+ classProvides(IVocabularyFactory)
+
+ def __init__(self, context):
+ terms = []
+ roles = zope.component.getUtilitiesFor(IRole, context)
+ for name, role in roles:
+ terms.append(SimpleTerm(name, name, name))
+ super(RoleIdsVocabulary, self).__init__(terms)
+
+
+class GrantVocabulary(SimpleVocabulary):
+ """A vocabular for getting the RadioWidget via the Choice field."""
+ classProvides(IVocabularyFactory)
+ implements(IGrantVocabulary)
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.py
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/zopepolicy.py 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,376 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Define Zope's default security policy
-
-$Id$
-"""
-
-import zope.interface
-
-from zope.security.checker import CheckerPublic
-from zope.security.management import system_user
-from zope.security.simplepolicies import ParanoidSecurityPolicy
-from zope.security.interfaces import ISecurityPolicy
-from zope.security.proxy import removeSecurityProxy
-
-from zope.app import zapi
-
-from zope.app.security.interfaces import PrincipalLookupError
-
-from zope.app.securitypolicy.principalpermission \
- import principalPermissionManager
-globalPrincipalPermissionSetting = principalPermissionManager.getSetting
-
-from zope.app.securitypolicy.rolepermission import rolePermissionManager
-globalRolesForPermission = rolePermissionManager.getRolesForPermission
-
-from zope.app.securitypolicy.principalrole import principalRoleManager
-globalRolesForPrincipal = principalRoleManager.getRolesForPrincipal
-
-from zope.app.securitypolicy.interfaces import Allow, Deny, Unset
-from zope.app.securitypolicy.interfaces import IRolePermissionMap
-from zope.app.securitypolicy.interfaces import IPrincipalPermissionMap
-from zope.app.securitypolicy.interfaces import IPrincipalRoleMap
-from zope.app.securitypolicy.interfaces import IGrantInfo
-
-SettingAsBoolean = {Allow: True, Deny: False, Unset: None, None: None}
-
-class CacheEntry:
- pass
-
-class ZopeSecurityPolicy(ParanoidSecurityPolicy):
- zope.interface.classProvides(ISecurityPolicy)
-
- def __init__(self, *args, **kw):
- ParanoidSecurityPolicy.__init__(self, *args, **kw)
- self._cache = {}
-
- def invalidate_cache(self):
- self._cache = {}
-
- def cache(self, parent):
- cache = self._cache.get(id(parent))
- if cache:
- cache = cache[0]
- else:
- cache = CacheEntry()
- self._cache[id(parent)] = cache, parent
- return cache
-
- def cached_decision(self, parent, principal, groups, permission):
- # Return the decision for a principal and permission
-
- cache = self.cache(parent)
- try:
- cache_decision = cache.decision
- except AttributeError:
- cache_decision = cache.decision = {}
-
- cache_decision_prin = cache_decision.get(principal)
- if not cache_decision_prin:
- cache_decision_prin = cache_decision[principal] = {}
-
- try:
- return cache_decision_prin[permission]
- except KeyError:
- pass
-
- # cache_decision_prin[permission] is the cached decision for a
- # principal and permission.
-
- decision = self.cached_prinper(parent, principal, groups, permission)
- if (decision is None) and groups:
- decision = self._group_based_cashed_prinper(parent, principal,
- groups, permission)
- if decision is not None:
- cache_decision_prin[permission] = decision
- return decision
-
- roles = self.cached_roles(parent, permission)
- if roles:
- prin_roles = self.cached_principal_roles(parent, principal)
- if groups:
- prin_roles = self.cached_principal_roles_w_groups(
- parent, principal, groups, prin_roles)
- for role, setting in prin_roles.items():
- if setting and (role in roles):
- cache_decision_prin[permission] = decision = True
- return decision
-
- cache_decision_prin[permission] = decision = False
- return decision
-
- def cached_prinper(self, parent, principal, groups, permission):
- # Compute the permission, if any, for the principal.
- cache = self.cache(parent)
- try:
- cache_prin = cache.prin
- except AttributeError:
- cache_prin = cache.prin = {}
-
- cache_prin_per = cache_prin.get(principal)
- if not cache_prin_per:
- cache_prin_per = cache_prin[principal] = {}
-
- try:
- return cache_prin_per[permission]
- except KeyError:
- pass
-
- if parent is None:
- prinper = SettingAsBoolean[
- globalPrincipalPermissionSetting(permission, principal, None)
- ]
- cache_prin_per[permission] = prinper
- return prinper
-
- prinper = IPrincipalPermissionMap(parent, None)
- if prinper is not None:
- prinper = SettingAsBoolean[
- prinper.getSetting(permission, principal, None)
- ]
- if prinper is not None:
- cache_prin_per[permission] = prinper
- return prinper
-
- parent = removeSecurityProxy(getattr(parent, '__parent__', None))
- prinper = self.cached_prinper(parent, principal, groups, permission)
- cache_prin_per[permission] = prinper
- return prinper
-
- def _group_based_cashed_prinper(self, parent, principal, groups,
- permission):
- denied = False
- for group_id, ggroups in groups:
- decision = self.cached_prinper(parent, group_id, ggroups,
- permission)
- if (decision is None) and ggroups:
- decision = self._group_based_cashed_prinper(
- parent, group_id, ggroups, permission)
-
- if decision is None:
- continue
-
- if decision:
- return decision
-
- denied = True
-
- if denied:
- return False
-
- return None
-
- def cached_roles(self, parent, permission):
- cache = self.cache(parent)
- try:
- cache_roles = cache.roles
- except AttributeError:
- cache_roles = cache.roles = {}
- try:
- return cache_roles[permission]
- except KeyError:
- pass
-
- if parent is None:
- roles = dict(
- [(role, 1)
- for (role, setting) in globalRolesForPermission(permission)
- if setting is Allow
- ]
- )
- cache_roles[permission] = roles
- return roles
-
- roles = self.cached_roles(
- removeSecurityProxy(getattr(parent, '__parent__', None)),
- permission)
- roleper = IRolePermissionMap(parent, None)
- if roleper:
- roles = roles.copy()
- for role, setting in roleper.getRolesForPermission(permission):
- if setting is Allow:
- roles[role] = 1
- elif role in roles:
- del roles[role]
-
- cache_roles[permission] = roles
- return roles
-
- def cached_principal_roles_w_groups(self, parent,
- principal, groups, prin_roles):
- denied = {}
- allowed = {}
- for group_id, ggroups in groups:
- group_roles = dict(self.cached_principal_roles(parent, group_id))
- if ggroups:
- group_roles = self.cached_principal_roles_w_groups(
- parent, group_id, ggroups, group_roles)
- for role, setting in group_roles.items():
- if setting:
- allowed[role] = setting
- else:
- denied[role] = setting
-
- denied.update(allowed)
- denied.update(prin_roles)
- return denied
-
- def cached_principal_roles(self, parent, principal):
- cache = self.cache(parent)
- try:
- cache_principal_roles = cache.principal_roles
- except AttributeError:
- cache_principal_roles = cache.principal_roles = {}
- try:
- return cache_principal_roles[principal]
- except KeyError:
- pass
-
- if parent is None:
- roles = dict(
- [(role, SettingAsBoolean[setting])
- for (role, setting) in globalRolesForPrincipal(principal)
- ]
- )
- roles['zope.Anonymous'] = True # Everybody has Anonymous
- cache_principal_roles[principal] = roles
- return roles
-
- roles = self.cached_principal_roles(
- removeSecurityProxy(getattr(parent, '__parent__', None)),
- principal)
-
- prinrole = IPrincipalRoleMap(parent, None)
- if prinrole:
- roles = roles.copy()
- for role, setting in prinrole.getRolesForPrincipal(principal):
- roles[role] = SettingAsBoolean[setting]
-
- cache_principal_roles[principal] = roles
- return roles
-
- def checkPermission(self, permission, object):
- if permission is CheckerPublic:
- return True
-
- object = removeSecurityProxy(object)
- seen = {}
- for participation in self.participations:
- principal = participation.principal
- if principal is system_user:
- continue # always allow system_user
-
- if principal.id in seen:
- continue
-
- if not self.cached_decision(
- object, principal.id, self._groupsFor(principal), permission,
- ):
- return False
-
- seen[principal.id] = 1
-
- return True
-
- def _findGroupsFor(self, principal, getPrincipal, seen):
- result = []
- for group_id in getattr(principal, 'groups', ()):
- if group_id in seen:
- # Dang, we have a cycle. We don't want to
- # raise an exception here (or do we), so we'll skip it
- continue
- seen.append(group_id)
-
- try:
- group = getPrincipal(group_id)
- except PrincipalLookupError:
- # It's bad if we have an undefined principal,
- # but we don't want to fail here. But we won't
- # honor any grants for the group. We'll just skip it.
- continue
-
- result.append((group_id,
- self._findGroupsFor(group, getPrincipal, seen)))
- seen.pop()
-
- return tuple(result)
-
- def _groupsFor(self, principal):
- groups = self._cache.get(principal.id)
- if groups is None:
- groups = getattr(principal, 'groups', ())
- if groups:
- getPrincipal = zapi.principals().getPrincipal
- groups = self._findGroupsFor(principal, getPrincipal, [])
- else:
- groups = ()
-
- self._cache[principal.id] = groups
-
- return groups
-
-def settingsForObject(ob):
- """Analysis tool to show all of the grants to a process
- """
- result = []
- while ob is not None:
- data = {}
- result.append((getattr(ob, '__name__', '(no name)'), data))
-
- principalPermissions = IPrincipalPermissionMap(ob, None)
- if principalPermissions is not None:
- settings = principalPermissions.getPrincipalsAndPermissions()
- settings.sort()
- data['principalPermissions'] = [
- {'principal': pr, 'permission': p, 'setting': s}
- for (p, pr, s) in settings]
-
- principalRoles = IPrincipalRoleMap(ob, None)
- if principalRoles is not None:
- settings = principalRoles.getPrincipalsAndRoles()
- data['principalRoles'] = [
- {'principal': p, 'role': r, 'setting': s}
- for (r, p, s) in settings]
-
- rolePermissions = IRolePermissionMap(ob, None)
- if rolePermissions is not None:
- settings = rolePermissions.getRolesAndPermissions()
- data['rolePermissions'] = [
- {'permission': p, 'role': r, 'setting': s}
- for (p, r, s) in settings]
-
- ob = getattr(ob, '__parent__', None)
-
- data = {}
- result.append(('global settings', data))
-
- settings = principalPermissionManager.getPrincipalsAndPermissions()
- settings.sort()
- data['principalPermissions'] = [
- {'principal': pr, 'permission': p, 'setting': s}
- for (p, pr, s) in settings]
-
- settings = principalRoleManager.getPrincipalsAndRoles()
- data['principalRoles'] = [
- {'principal': p, 'role': r, 'setting': s}
- for (r, p, s) in settings]
-
- settings = rolePermissionManager.getRolesAndPermissions()
- data['rolePermissions'] = [
- {'permission': p, 'role': r, 'setting': s}
- for (p, r, s) in settings]
-
- return result
-
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.py (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/zopepolicy.py)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.py (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.py 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,375 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Define Zope's default security policy
+
+$Id$
+"""
+
+import zope.interface
+
+from zope.security.checker import CheckerPublic
+from zope.security.management import system_user
+from zope.security.simplepolicies import ParanoidSecurityPolicy
+from zope.security.interfaces import ISecurityPolicy
+from zope.security.proxy import removeSecurityProxy
+
+from zope.app import zapi
+
+from zope.app.security.interfaces import PrincipalLookupError
+
+from zope.securitypolicy.principalpermission import principalPermissionManager
+globalPrincipalPermissionSetting = principalPermissionManager.getSetting
+
+from zope.securitypolicy.rolepermission import rolePermissionManager
+globalRolesForPermission = rolePermissionManager.getRolesForPermission
+
+from zope.securitypolicy.principalrole import principalRoleManager
+globalRolesForPrincipal = principalRoleManager.getRolesForPrincipal
+
+from zope.securitypolicy.interfaces import Allow, Deny, Unset
+from zope.securitypolicy.interfaces import IRolePermissionMap
+from zope.securitypolicy.interfaces import IPrincipalPermissionMap
+from zope.securitypolicy.interfaces import IPrincipalRoleMap
+from zope.securitypolicy.interfaces import IGrantInfo
+
+SettingAsBoolean = {Allow: True, Deny: False, Unset: None, None: None}
+
+class CacheEntry:
+ pass
+
+class ZopeSecurityPolicy(ParanoidSecurityPolicy):
+ zope.interface.classProvides(ISecurityPolicy)
+
+ def __init__(self, *args, **kw):
+ ParanoidSecurityPolicy.__init__(self, *args, **kw)
+ self._cache = {}
+
+ def invalidate_cache(self):
+ self._cache = {}
+
+ def cache(self, parent):
+ cache = self._cache.get(id(parent))
+ if cache:
+ cache = cache[0]
+ else:
+ cache = CacheEntry()
+ self._cache[id(parent)] = cache, parent
+ return cache
+
+ def cached_decision(self, parent, principal, groups, permission):
+ # Return the decision for a principal and permission
+
+ cache = self.cache(parent)
+ try:
+ cache_decision = cache.decision
+ except AttributeError:
+ cache_decision = cache.decision = {}
+
+ cache_decision_prin = cache_decision.get(principal)
+ if not cache_decision_prin:
+ cache_decision_prin = cache_decision[principal] = {}
+
+ try:
+ return cache_decision_prin[permission]
+ except KeyError:
+ pass
+
+ # cache_decision_prin[permission] is the cached decision for a
+ # principal and permission.
+
+ decision = self.cached_prinper(parent, principal, groups, permission)
+ if (decision is None) and groups:
+ decision = self._group_based_cashed_prinper(parent, principal,
+ groups, permission)
+ if decision is not None:
+ cache_decision_prin[permission] = decision
+ return decision
+
+ roles = self.cached_roles(parent, permission)
+ if roles:
+ prin_roles = self.cached_principal_roles(parent, principal)
+ if groups:
+ prin_roles = self.cached_principal_roles_w_groups(
+ parent, principal, groups, prin_roles)
+ for role, setting in prin_roles.items():
+ if setting and (role in roles):
+ cache_decision_prin[permission] = decision = True
+ return decision
+
+ cache_decision_prin[permission] = decision = False
+ return decision
+
+ def cached_prinper(self, parent, principal, groups, permission):
+ # Compute the permission, if any, for the principal.
+ cache = self.cache(parent)
+ try:
+ cache_prin = cache.prin
+ except AttributeError:
+ cache_prin = cache.prin = {}
+
+ cache_prin_per = cache_prin.get(principal)
+ if not cache_prin_per:
+ cache_prin_per = cache_prin[principal] = {}
+
+ try:
+ return cache_prin_per[permission]
+ except KeyError:
+ pass
+
+ if parent is None:
+ prinper = SettingAsBoolean[
+ globalPrincipalPermissionSetting(permission, principal, None)
+ ]
+ cache_prin_per[permission] = prinper
+ return prinper
+
+ prinper = IPrincipalPermissionMap(parent, None)
+ if prinper is not None:
+ prinper = SettingAsBoolean[
+ prinper.getSetting(permission, principal, None)
+ ]
+ if prinper is not None:
+ cache_prin_per[permission] = prinper
+ return prinper
+
+ parent = removeSecurityProxy(getattr(parent, '__parent__', None))
+ prinper = self.cached_prinper(parent, principal, groups, permission)
+ cache_prin_per[permission] = prinper
+ return prinper
+
+ def _group_based_cashed_prinper(self, parent, principal, groups,
+ permission):
+ denied = False
+ for group_id, ggroups in groups:
+ decision = self.cached_prinper(parent, group_id, ggroups,
+ permission)
+ if (decision is None) and ggroups:
+ decision = self._group_based_cashed_prinper(
+ parent, group_id, ggroups, permission)
+
+ if decision is None:
+ continue
+
+ if decision:
+ return decision
+
+ denied = True
+
+ if denied:
+ return False
+
+ return None
+
+ def cached_roles(self, parent, permission):
+ cache = self.cache(parent)
+ try:
+ cache_roles = cache.roles
+ except AttributeError:
+ cache_roles = cache.roles = {}
+ try:
+ return cache_roles[permission]
+ except KeyError:
+ pass
+
+ if parent is None:
+ roles = dict(
+ [(role, 1)
+ for (role, setting) in globalRolesForPermission(permission)
+ if setting is Allow
+ ]
+ )
+ cache_roles[permission] = roles
+ return roles
+
+ roles = self.cached_roles(
+ removeSecurityProxy(getattr(parent, '__parent__', None)),
+ permission)
+ roleper = IRolePermissionMap(parent, None)
+ if roleper:
+ roles = roles.copy()
+ for role, setting in roleper.getRolesForPermission(permission):
+ if setting is Allow:
+ roles[role] = 1
+ elif role in roles:
+ del roles[role]
+
+ cache_roles[permission] = roles
+ return roles
+
+ def cached_principal_roles_w_groups(self, parent,
+ principal, groups, prin_roles):
+ denied = {}
+ allowed = {}
+ for group_id, ggroups in groups:
+ group_roles = dict(self.cached_principal_roles(parent, group_id))
+ if ggroups:
+ group_roles = self.cached_principal_roles_w_groups(
+ parent, group_id, ggroups, group_roles)
+ for role, setting in group_roles.items():
+ if setting:
+ allowed[role] = setting
+ else:
+ denied[role] = setting
+
+ denied.update(allowed)
+ denied.update(prin_roles)
+ return denied
+
+ def cached_principal_roles(self, parent, principal):
+ cache = self.cache(parent)
+ try:
+ cache_principal_roles = cache.principal_roles
+ except AttributeError:
+ cache_principal_roles = cache.principal_roles = {}
+ try:
+ return cache_principal_roles[principal]
+ except KeyError:
+ pass
+
+ if parent is None:
+ roles = dict(
+ [(role, SettingAsBoolean[setting])
+ for (role, setting) in globalRolesForPrincipal(principal)
+ ]
+ )
+ roles['zope.Anonymous'] = True # Everybody has Anonymous
+ cache_principal_roles[principal] = roles
+ return roles
+
+ roles = self.cached_principal_roles(
+ removeSecurityProxy(getattr(parent, '__parent__', None)),
+ principal)
+
+ prinrole = IPrincipalRoleMap(parent, None)
+ if prinrole:
+ roles = roles.copy()
+ for role, setting in prinrole.getRolesForPrincipal(principal):
+ roles[role] = SettingAsBoolean[setting]
+
+ cache_principal_roles[principal] = roles
+ return roles
+
+ def checkPermission(self, permission, object):
+ if permission is CheckerPublic:
+ return True
+
+ object = removeSecurityProxy(object)
+ seen = {}
+ for participation in self.participations:
+ principal = participation.principal
+ if principal is system_user:
+ continue # always allow system_user
+
+ if principal.id in seen:
+ continue
+
+ if not self.cached_decision(
+ object, principal.id, self._groupsFor(principal), permission,
+ ):
+ return False
+
+ seen[principal.id] = 1
+
+ return True
+
+ def _findGroupsFor(self, principal, getPrincipal, seen):
+ result = []
+ for group_id in getattr(principal, 'groups', ()):
+ if group_id in seen:
+ # Dang, we have a cycle. We don't want to
+ # raise an exception here (or do we), so we'll skip it
+ continue
+ seen.append(group_id)
+
+ try:
+ group = getPrincipal(group_id)
+ except PrincipalLookupError:
+ # It's bad if we have an undefined principal,
+ # but we don't want to fail here. But we won't
+ # honor any grants for the group. We'll just skip it.
+ continue
+
+ result.append((group_id,
+ self._findGroupsFor(group, getPrincipal, seen)))
+ seen.pop()
+
+ return tuple(result)
+
+ def _groupsFor(self, principal):
+ groups = self._cache.get(principal.id)
+ if groups is None:
+ groups = getattr(principal, 'groups', ())
+ if groups:
+ getPrincipal = zapi.principals().getPrincipal
+ groups = self._findGroupsFor(principal, getPrincipal, [])
+ else:
+ groups = ()
+
+ self._cache[principal.id] = groups
+
+ return groups
+
+def settingsForObject(ob):
+ """Analysis tool to show all of the grants to a process
+ """
+ result = []
+ while ob is not None:
+ data = {}
+ result.append((getattr(ob, '__name__', '(no name)'), data))
+
+ principalPermissions = IPrincipalPermissionMap(ob, None)
+ if principalPermissions is not None:
+ settings = principalPermissions.getPrincipalsAndPermissions()
+ settings.sort()
+ data['principalPermissions'] = [
+ {'principal': pr, 'permission': p, 'setting': s}
+ for (p, pr, s) in settings]
+
+ principalRoles = IPrincipalRoleMap(ob, None)
+ if principalRoles is not None:
+ settings = principalRoles.getPrincipalsAndRoles()
+ data['principalRoles'] = [
+ {'principal': p, 'role': r, 'setting': s}
+ for (r, p, s) in settings]
+
+ rolePermissions = IRolePermissionMap(ob, None)
+ if rolePermissions is not None:
+ settings = rolePermissions.getRolesAndPermissions()
+ data['rolePermissions'] = [
+ {'permission': p, 'role': r, 'setting': s}
+ for (p, r, s) in settings]
+
+ ob = getattr(ob, '__parent__', None)
+
+ data = {}
+ result.append(('global settings', data))
+
+ settings = principalPermissionManager.getPrincipalsAndPermissions()
+ settings.sort()
+ data['principalPermissions'] = [
+ {'principal': pr, 'permission': p, 'setting': s}
+ for (p, pr, s) in settings]
+
+ settings = principalRoleManager.getPrincipalsAndRoles()
+ data['principalRoles'] = [
+ {'principal': p, 'role': r, 'setting': s}
+ for (r, p, s) in settings]
+
+ settings = rolePermissionManager.getRolesAndPermissions()
+ data['rolePermissions'] = [
+ {'permission': p, 'role': r, 'setting': s}
+ for (p, r, s) in settings]
+
+ return result
+
Deleted: zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.txt
===================================================================
--- zope.securitypolicy/trunk/src/zope/app/securitypolicy/zopepolicy.txt 2007-09-26 14:51:44 UTC (rev 80106)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.txt 2007-09-26 15:02:36 UTC (rev 80108)
@@ -1,653 +0,0 @@
-Classic Zope Security Policy
-============================
-
-This package implements a role-based security policy similar to the
-policy found in Zope 2. The security policy is responsible for
-deciding whether an interaction has a permission on an object. This
-security policy does this using grant and denial information. Managers
-can grant or deny:
-
- - roles to principals,
-
- - permissions to principals, and
-
- - permissions to roles
-
-Grants and denials are stored as annotations on objects. To store
-grants and denials, objects must be annotatable:
-
- >>> import zope.interface
- >>> from zope.annotation.interfaces import IAttributeAnnotatable
- >>> class Ob:
- ... zope.interface.implements(IAttributeAnnotatable)
-
- >>> ob = Ob()
-
-We use objects to represent principals. These objects implement an
-interface named `IPrincipal`, but the security policy only uses the `id`
-and `groups` attributes:
-
- >>> class Principal:
- ... def __init__(self, id):
- ... self.id = id
- ... self.groups = []
-
- >>> principal = Principal('bob')
-
-Roles and permissions are also represented by objects, however, for
-the purposes of the security policy, only string `ids` are used.
-
-The security policy provides a factory for creating interactions:
-
- >>> import zope.app.securitypolicy.zopepolicy
- >>> interaction = zope.app.securitypolicy.zopepolicy.ZopeSecurityPolicy()
-
-An interaction represents a specific interaction between some
-principals (normally users) and the system. Normally, we are only
-concerned with the interaction of one principal with the system, although
-we can have interactions of multiple principals. Multiple-principal
-interactions normally occur when untrusted users store code on a
-system for later execution. When untrusted code is executing, the
-authors of the code participate in the interaction. An
-interaction has a permission on an object only if all of the
-principals participating in the interaction have access to the object.
-
-The `checkPermission` method on interactions is used to test whether
-an interaction has a permission for an object. An interaction without
-participants always has every permission:
-
- >>> interaction.checkPermission('P1', ob)
- True
-
-In this example, 'P1' is a permission id.
-
-Normally, interactions have participants:
-
- >>> class Participation:
- ... interaction = None
- >>> participation = Participation()
- >>> participation.principal = principal
- >>> interaction.add(participation)
-
-If we have participants, then we don't have a permission unless there
-are grants:
-
- >>> interaction.checkPermission('P1', ob)
- False
-
-Note, however, that we always have the CheckerPublic permission:
-
- >>> from zope.security.checker import CheckerPublic
- >>> interaction.checkPermission(CheckerPublic, ob)
- True
-
-We make grants and denials on objects by adapting them to various
-granting interfaces. The objects returned from the adaptation are
-object-specific manager objects:
-
- >>> from zope.app.securitypolicy import interfaces
- >>> roleper = interfaces.IRolePermissionManager(ob)
- >>> prinrole = interfaces.IPrincipalRoleManager(ob)
- >>> prinper = interfaces.IPrincipalPermissionManager(ob)
-
-The computations involved in checking permissions can be
-significant. To reduce the computational cost, caching is used
-extensively. We could invalidate the cache as we make grants, but the
-adapters for making grants will automatically invalidate the cache of
-the current interaction. They use the security-management apis to do
-this. To take advantage of the cache invalidation, we'll need to let
-the security-management system manage our interactions. First, we'll
-set our security policy as the default:
-
- >>> import zope.security.management
- >>> oldpolicy = zope.security.management.setSecurityPolicy(
- ... zope.app.securitypolicy.zopepolicy.ZopeSecurityPolicy)
-
-and then we'll create a new interaction:
-
- >>> participation = Participation()
- >>> participation.principal = principal
- >>> zope.security.management.newInteraction(participation)
- >>> interaction = zope.security.management.getInteraction()
-
-We normally provide access by granting permissions to roles for an object:
-
- >>> roleper.grantPermissionToRole('P1', 'R1')
-
-and then granting roles to principals for an object (local roles):
-
- >>> prinrole.assignRoleToPrincipal('R1', 'bob')
-
-The combination of these grants, which we call a role-based grant,
-provides the permission:
-
- >>> interaction.checkPermission('P1', ob)
- True
-
-We can also provide a permission directly:
-
- >>> prinper.grantPermissionToPrincipal('P2', 'bob')
- >>> interaction.checkPermission('P2', ob)
- True
-
-Permission grants or denials override role-based grant or denials. So
-if we deny P1:
-
- >>> prinper.denyPermissionToPrincipal('P1', 'bob')
-
-we cause the interaction to lack the permission, despite the role
-grants:
-
- >>> interaction.checkPermission('P1', ob)
- False
-
-Similarly, even if we have a role-based denial of P2:
-
- >>> roleper.denyPermissionToRole('P2', 'R1')
-
-we still have access, because of the permission-based grant:
-
- >>> interaction.checkPermission('P2', ob)
- True
-
-A role-based denial doesn't actually deny a permission; rather it
-prevents the granting of a permission. So, if we have both grants and
-denials based on roles, we have access:
-
- >>> roleper.grantPermissionToRole('P3', 'R1')
- >>> roleper.grantPermissionToRole('P3', 'R2')
- >>> roleper.denyPermissionToRole('P3', 'R3')
- >>> prinrole.removeRoleFromPrincipal('R2', 'bob')
- >>> prinrole.assignRoleToPrincipal('R3', 'bob')
-
- >>> interaction.checkPermission('P3', ob)
- True
-
-Global grants
--------------
-
-Grants made to an object are said to be "local". We can also make
-global grants:
-
- >>> from zope.app.securitypolicy.rolepermission \
- ... import rolePermissionManager as roleperG
- >>> from zope.app.securitypolicy.principalpermission \
- ... import principalPermissionManager as prinperG
- >>> from zope.app.securitypolicy.principalrole \
- ... import principalRoleManager as prinroleG
-
-And the same rules apply to global grants and denials.
-
- >>> roleperG.grantPermissionToRole('P1G', 'R1G', False)
-
-In these tests, we aren't bothering to define any roles, permissions,
-or principals, so we pass an extra argument that tells the granting
-routines not to check the validity of the values.
-
- >>> prinroleG.assignRoleToPrincipal('R1G', 'bob', False)
- >>> interaction.checkPermission('P1G', ob)
- True
-
- >>> prinperG.grantPermissionToPrincipal('P2G', 'bob', False)
- >>> interaction.checkPermission('P2G', ob)
- True
-
- >>> prinperG.denyPermissionToPrincipal('P1G', 'bob', False)
- >>> interaction.checkPermission('P1G', ob)
- False
-
- >>> roleperG.denyPermissionToRole('P2G', 'R1G', False)
- >>> interaction.checkPermission('P2G', ob)
- True
-
- >>> roleperG.grantPermissionToRole('P3G', 'R1G', False)
- >>> roleperG.grantPermissionToRole('P3G', 'R2G', False)
- >>> roleperG.denyPermissionToRole('P3G', 'R3G', False)
- >>> prinroleG.removeRoleFromPrincipal('R2G', 'bob', False)
- >>> prinroleG.assignRoleToPrincipal('R3G', 'bob', False)
- >>> interaction.checkPermission('P3G', ob)
- True
-
-Local versus global grants
---------------------------
-
-We, of course, acquire global grants by default:
-
- >>> interaction.checkPermission('P1G', ob)
- False
- >>> interaction.checkPermission('P2G', ob)
- True
- >>> interaction.checkPermission('P3G', ob)
- True
-
-Local role-based grants do not override global principal-specific denials:
-
- >>> roleper.grantPermissionToRole('P1G', 'R1G')
- >>> prinrole.assignRoleToPrincipal('R1G', 'bob')
- >>> interaction.checkPermission('P1G', ob)
- False
-
-And local role-based denials don't override global
-principal-grants:
-
- >>> roleper.denyPermissionToRole('P2G', 'R1G')
- >>> interaction.checkPermission('P2G', ob)
- True
-
-A local role-based deny can cancel a global role-based grant:
-
- >>> roleper.denyPermissionToRole('P3G', 'R1G')
- >>> interaction.checkPermission('P3G', ob)
- False
-
-and a local role-based grant can override a global role-based denial:
-
- >>> roleperG.denyPermissionToRole('P4G', 'R1G', False)
- >>> prinroleG.assignRoleToPrincipal('R1G', "bob", False)
- >>> interaction.checkPermission('P4G', ob)
- False
- >>> roleper.grantPermissionToRole('P4G', 'R1G')
- >>> interaction.checkPermission('P4G', ob)
- True
- >>> prinroleG.removeRoleFromPrincipal('R1G', "bob", False)
- >>> interaction.checkPermission('P4G', ob)
- True
-
-Of course, a local permission-based grant or denial overrides any
-global setting and overrides local role-based grants or denials:
-
- >>> prinper.grantPermissionToPrincipal('P3G', 'bob')
- >>> interaction.checkPermission('P3G', ob)
- True
-
- >>> prinper.denyPermissionToPrincipal('P2G', 'bob')
- >>> interaction.checkPermission('P2G', ob)
- False
-
-Sublocations
-------------
-
-We can have sub-locations. A sublocation of a location is an object
-whose `__parent__` attribute is the location:
-
- >>> ob2 = Ob()
- >>> ob2.__parent__ = ob
-
-By default, sublocations acquire grants from higher locations:
-
- >>> interaction.checkPermission('P1', ob2)
- False
- >>> interaction.checkPermission('P2', ob2)
- True
- >>> interaction.checkPermission('P3', ob2)
- True
- >>> interaction.checkPermission('P1G', ob2)
- False
- >>> interaction.checkPermission('P2G', ob2)
- False
- >>> interaction.checkPermission('P3G', ob2)
- True
- >>> interaction.checkPermission('P4G', ob2)
- True
-
-Sublocation role-based grants do not override their parent
-principal-specific denials:
-
- >>> roleper2 = interfaces.IRolePermissionManager(ob2)
- >>> prinrole2 = interfaces.IPrincipalRoleManager(ob2)
- >>> prinper2 = interfaces.IPrincipalPermissionManager(ob2)
-
- >>> roleper2.grantPermissionToRole('P1', 'R1')
- >>> prinrole2.assignRoleToPrincipal('R1', 'bob')
- >>> interaction.checkPermission('P1', ob2)
- False
-
-And local role-based denials don't override their parents
-principal-grant:
-
- >>> roleper2.denyPermissionToRole('P2', 'R1')
- >>> interaction.checkPermission('P2', ob2)
- True
-
-A local role-based deny can cancel a parent role-based grant:
-
- >>> roleper2.denyPermissionToRole('P3', 'R1')
- >>> interaction.checkPermission('P3', ob2)
- False
-
-and a local role-based grant can override a parent role-based denial:
-
- >>> roleper.denyPermissionToRole('P4', 'R1')
- >>> prinrole.assignRoleToPrincipal('R1', 'bob')
- >>> interaction.checkPermission('P4', ob2)
- False
- >>> roleper2.grantPermissionToRole('P4', 'R1')
- >>> interaction.checkPermission('P4', ob2)
- True
- >>> prinrole.removeRoleFromPrincipal('R1', 'bob')
- >>> interaction.checkPermission('P4', ob2)
- True
-
-
-Of course, a local permission-based grant or denial overrides any
-global setting and overrides local role-based grants or denials:
-
- >>> prinper.grantPermissionToPrincipal('P3', 'bob')
- >>> interaction.checkPermission('P3', ob2)
- True
-
- >>> prinper.denyPermissionToPrincipal('P2', 'bob')
- >>> interaction.checkPermission('P2', ob2)
- False
-
-If an object is not annotatable, but does have a parent, it will get
-its grants from its parent:
-
- >>> class C:
- ... pass
-
- >>> ob3 = C()
- >>> ob3.__parent__ = ob
-
- >>> interaction.checkPermission('P1', ob3)
- False
- >>> interaction.checkPermission('P2', ob3)
- False
- >>> interaction.checkPermission('P3', ob3)
- True
- >>> interaction.checkPermission('P1G', ob3)
- False
- >>> interaction.checkPermission('P2G', ob3)
- False
- >>> interaction.checkPermission('P3G', ob3)
- True
- >>> interaction.checkPermission('P4G', ob3)
- True
-
-The same results will be had if there are multiple non-annotatable
-objects:
-
- >>> ob3.__parent__ = C()
- >>> ob3.__parent__.__parent__ = ob
-
- >>> interaction.checkPermission('P1', ob3)
- False
- >>> interaction.checkPermission('P2', ob3)
- False
- >>> interaction.checkPermission('P3', ob3)
- True
- >>> interaction.checkPermission('P1G', ob3)
- False
- >>> interaction.checkPermission('P2G', ob3)
- False
- >>> interaction.checkPermission('P3G', ob3)
- True
- >>> interaction.checkPermission('P4G', ob3)
- True
-
-and if an object doesn't have a parent:
-
- >>> ob4 = C()
-
-it will have whatever grants were made globally:
-
- >>> interaction.checkPermission('P1', ob4)
- False
- >>> interaction.checkPermission('P2', ob4)
- False
- >>> interaction.checkPermission('P3', ob4)
- False
- >>> interaction.checkPermission('P1G', ob4)
- False
- >>> interaction.checkPermission('P2G', ob4)
- True
- >>> interaction.checkPermission('P3G', ob4)
- False
- >>> interaction.checkPermission('P4G', ob4)
- False
-
- >>> prinroleG.assignRoleToPrincipal('R1G', "bob", False)
- >>> interaction.checkPermission('P3G', ob4)
- True
-
-We'll get the same result if we have a non-annotatable parent without a
-parent:
-
- >>> ob3.__parent__ = C()
-
- >>> interaction.checkPermission('P1', ob3)
- False
- >>> interaction.checkPermission('P2', ob3)
- False
- >>> interaction.checkPermission('P3', ob3)
- False
- >>> interaction.checkPermission('P1G', ob3)
- False
- >>> interaction.checkPermission('P2G', ob3)
- True
- >>> interaction.checkPermission('P3G', ob3)
- True
- >>> interaction.checkPermission('P4G', ob3)
- False
-
-The Anonymous role
-------------------
-
-The security policy defines a special role named "zope.Anonymous". All
-principals have this role and the role cannot be taken away.
-
- >>> roleperG.grantPermissionToRole('P5', 'zope.Anonymous', False)
- >>> interaction.checkPermission('P5', ob2)
- True
-
-Proxies
--------
-
-Objects may be proxied:
-
- >>> from zope.security.checker import ProxyFactory
- >>> ob = ProxyFactory(ob)
- >>> interaction.checkPermission('P1', ob)
- False
- >>> interaction.checkPermission('P2', ob)
- False
- >>> interaction.checkPermission('P3', ob)
- True
- >>> interaction.checkPermission('P1G', ob)
- False
- >>> interaction.checkPermission('P2G', ob)
- False
- >>> interaction.checkPermission('P3G', ob)
- True
- >>> interaction.checkPermission('P4G', ob)
- True
-
-as may their parents:
-
- >>> ob3 = C()
- >>> ob3.__parent__ = ob
-
- >>> interaction.checkPermission('P1', ob3)
- False
- >>> interaction.checkPermission('P2', ob3)
- False
- >>> interaction.checkPermission('P3', ob3)
- True
- >>> interaction.checkPermission('P1G', ob3)
- False
- >>> interaction.checkPermission('P2G', ob3)
- False
- >>> interaction.checkPermission('P3G', ob3)
- True
- >>> interaction.checkPermission('P4G', ob3)
- True
-
-Groups
-------
-
-Principals may have groups. Groups are also principals (and, thus,
-may have groups).
-
-If a principal has groups, the groups are available as group ids in
-the principal's `groups` attribute. The interaction has to convert
-these group ids to group objects, so that it can tell whether the
-groups have groups. It does this by calling the `getPrincipal` method
-on the principal authentication service, which is responsible for,
-among other things, converting a principal id to a principal.
-For our examples here, we'll create and register a stub principal
-authentication service:
-
- >>> from zope.app.security.interfaces import IAuthentication
- >>> class FauxPrincipals(dict):
- ... zope.interface.implements(IAuthentication)
- ... def getPrincipal(self, id):
- ... return self[id]
-
- >>> auth = FauxPrincipals()
-
- >>> from zope.app.testing import ztapi
- >>> ztapi.provideUtility(IAuthentication, auth)
- >>> from zope.app import zapi
-
-Let's define a group:
-
- >>> auth['g1'] = Principal('g1')
-
-Let's put the principal in our group. We do that by adding the group id
-to the new principals groups:
-
- >>> principal.groups.append('g1')
-
-Of course, the principal doesn't have permissions not granted:
-
- >>> interaction.checkPermission('gP1', ob)
- False
-
-Now, if we grant a permission to the group:
-
- >>> prinper.grantPermissionToPrincipal('gP1', 'g1')
-
-We see that our principal has the permission:
-
- >>> interaction.checkPermission('gP1', ob)
- True
-
-This works even if the group grant is global:
-
- >>> interaction.checkPermission('gP1G', ob)
- False
-
- >>> prinperG.grantPermissionToPrincipal('gP1G', 'g1', True)
-
- >>> interaction.checkPermission('gP1G', ob)
- True
-
-Grants are, of course, acquired:
-
- >>> interaction.checkPermission('gP1', ob2)
- True
-
- >>> interaction.checkPermission('gP1G', ob2)
- True
-
-Inner grants can override outer grants:
-
- >>> prinper2.denyPermissionToPrincipal('gP1', 'g1')
- >>> interaction.checkPermission('gP1', ob2)
- False
-
-But principal grants always trump group grants:
-
- >>> prinper2.grantPermissionToPrincipal('gP1', 'bob')
- >>> interaction.checkPermission('gP1', ob2)
- True
-
-Groups can have groups too:
-
- >>> auth['g2'] = Principal('g2')
- >>> auth['g1'].groups.append('g2')
-
-If we grant to the new group:
-
- >>> prinper.grantPermissionToPrincipal('gP2', 'g2')
-
-Then we, of course have that permission too:
-
- >>> interaction.checkPermission('gP2', ob2)
- True
-
-Just as principal grants override group grants, group grants can
-override other group grants:
-
- >>> prinper.denyPermissionToPrincipal('gP2', 'g1')
- >>> interaction.checkPermission('gP2', ob2)
- False
-
-Principals can be in more than one group. Let's define a new group:
-
- >>> auth['g3'] = Principal('g3')
- >>> principal.groups.append('g3')
- >>> prinper.grantPermissionToPrincipal('gP2', 'g3')
-
-Now, the principal has two groups. In one group, the permission 'gP2'
-is denied, but in the other, it is allowed. In a case like this, the
-permission is allowed:
-
- >>> interaction.checkPermission('gP2', ob2)
- True
-
-In a case where a principal has two or more groups, the group denies
-prevent allows from their parents. They don't prevent the principal
-from getting an allow from another principal.
-
-Grants can be inherited from ancestor groups through multiple paths.
-Let's grant a permission to g2 and deny it to g1:
-
- >>> prinper.grantPermissionToPrincipal('gP3', 'g2')
- >>> prinper.denyPermissionToPrincipal('gP3', 'g1')
-
-Now, as before, the deny in g1 blocks the grant in g2:
-
- >>> interaction.checkPermission('gP3', ob2)
- False
-
-Let's make g2 a group of g3:
-
- >>> auth['g3'].groups.append('g2')
-
-Now, we get g2's grant through g3, and access is allowed:
-
- >>> interaction.invalidate_cache()
- >>> interaction.checkPermission('gP3', ob2)
- True
-
-We can assign roles to groups:
-
- >>> prinrole.assignRoleToPrincipal('gR1', 'g2')
-
-and get permissions through the roles:
-
- >>> roleper.grantPermissionToRole('gP4', 'gR1')
- >>> interaction.checkPermission('gP4', ob2)
- True
-
-we can override role assignments to groups through subgroups:
-
- >>> prinrole.removeRoleFromPrincipal('gR1', 'g1')
- >>> prinrole.removeRoleFromPrincipal('gR1', 'g3')
- >>> interaction.checkPermission('gP4', ob2)
- False
-
-and through principals:
-
- >>> prinrole.assignRoleToPrincipal('gR1', 'bob')
- >>> interaction.checkPermission('gP4', ob2)
- True
-
-Cleanup
--------
-
-We clean up the changes we made in these examples:
-
- >>> zope.security.management.endInteraction()
- >>> ignore = zope.security.management.setSecurityPolicy(oldpolicy)
Copied: zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.txt (from rev 80107, zope.securitypolicy/trunk/src/zope/app/securitypolicy/zopepolicy.txt)
===================================================================
--- zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.txt (rev 0)
+++ zope.securitypolicy/trunk/src/zope/securitypolicy/zopepolicy.txt 2007-09-26 15:02:36 UTC (rev 80108)
@@ -0,0 +1,653 @@
+Classic Zope Security Policy
+============================
+
+This package implements a role-based security policy similar to the
+policy found in Zope 2. The security policy is responsible for
+deciding whether an interaction has a permission on an object. This
+security policy does this using grant and denial information. Managers
+can grant or deny:
+
+ - roles to principals,
+
+ - permissions to principals, and
+
+ - permissions to roles
+
+Grants and denials are stored as annotations on objects. To store
+grants and denials, objects must be annotatable:
+
+ >>> import zope.interface
+ >>> from zope.annotation.interfaces import IAttributeAnnotatable
+ >>> class Ob:
+ ... zope.interface.implements(IAttributeAnnotatable)
+
+ >>> ob = Ob()
+
+We use objects to represent principals. These objects implement an
+interface named `IPrincipal`, but the security policy only uses the `id`
+and `groups` attributes:
+
+ >>> class Principal:
+ ... def __init__(self, id):
+ ... self.id = id
+ ... self.groups = []
+
+ >>> principal = Principal('bob')
+
+Roles and permissions are also represented by objects, however, for
+the purposes of the security policy, only string `ids` are used.
+
+The security policy provides a factory for creating interactions:
+
+ >>> import zope.securitypolicy.zopepolicy
+ >>> interaction = zope.securitypolicy.zopepolicy.ZopeSecurityPolicy()
+
+An interaction represents a specific interaction between some
+principals (normally users) and the system. Normally, we are only
+concerned with the interaction of one principal with the system, although
+we can have interactions of multiple principals. Multiple-principal
+interactions normally occur when untrusted users store code on a
+system for later execution. When untrusted code is executing, the
+authors of the code participate in the interaction. An
+interaction has a permission on an object only if all of the
+principals participating in the interaction have access to the object.
+
+The `checkPermission` method on interactions is used to test whether
+an interaction has a permission for an object. An interaction without
+participants always has every permission:
+
+ >>> interaction.checkPermission('P1', ob)
+ True
+
+In this example, 'P1' is a permission id.
+
+Normally, interactions have participants:
+
+ >>> class Participation:
+ ... interaction = None
+ >>> participation = Participation()
+ >>> participation.principal = principal
+ >>> interaction.add(participation)
+
+If we have participants, then we don't have a permission unless there
+are grants:
+
+ >>> interaction.checkPermission('P1', ob)
+ False
+
+Note, however, that we always have the CheckerPublic permission:
+
+ >>> from zope.security.checker import CheckerPublic
+ >>> interaction.checkPermission(CheckerPublic, ob)
+ True
+
+We make grants and denials on objects by adapting them to various
+granting interfaces. The objects returned from the adaptation are
+object-specific manager objects:
+
+ >>> from zope.securitypolicy import interfaces
+ >>> roleper = interfaces.IRolePermissionManager(ob)
+ >>> prinrole = interfaces.IPrincipalRoleManager(ob)
+ >>> prinper = interfaces.IPrincipalPermissionManager(ob)
+
+The computations involved in checking permissions can be
+significant. To reduce the computational cost, caching is used
+extensively. We could invalidate the cache as we make grants, but the
+adapters for making grants will automatically invalidate the cache of
+the current interaction. They use the security-management apis to do
+this. To take advantage of the cache invalidation, we'll need to let
+the security-management system manage our interactions. First, we'll
+set our security policy as the default:
+
+ >>> import zope.security.management
+ >>> oldpolicy = zope.security.management.setSecurityPolicy(
+ ... zope.securitypolicy.zopepolicy.ZopeSecurityPolicy)
+
+and then we'll create a new interaction:
+
+ >>> participation = Participation()
+ >>> participation.principal = principal
+ >>> zope.security.management.newInteraction(participation)
+ >>> interaction = zope.security.management.getInteraction()
+
+We normally provide access by granting permissions to roles for an object:
+
+ >>> roleper.grantPermissionToRole('P1', 'R1')
+
+and then granting roles to principals for an object (local roles):
+
+ >>> prinrole.assignRoleToPrincipal('R1', 'bob')
+
+The combination of these grants, which we call a role-based grant,
+provides the permission:
+
+ >>> interaction.checkPermission('P1', ob)
+ True
+
+We can also provide a permission directly:
+
+ >>> prinper.grantPermissionToPrincipal('P2', 'bob')
+ >>> interaction.checkPermission('P2', ob)
+ True
+
+Permission grants or denials override role-based grant or denials. So
+if we deny P1:
+
+ >>> prinper.denyPermissionToPrincipal('P1', 'bob')
+
+we cause the interaction to lack the permission, despite the role
+grants:
+
+ >>> interaction.checkPermission('P1', ob)
+ False
+
+Similarly, even if we have a role-based denial of P2:
+
+ >>> roleper.denyPermissionToRole('P2', 'R1')
+
+we still have access, because of the permission-based grant:
+
+ >>> interaction.checkPermission('P2', ob)
+ True
+
+A role-based denial doesn't actually deny a permission; rather it
+prevents the granting of a permission. So, if we have both grants and
+denials based on roles, we have access:
+
+ >>> roleper.grantPermissionToRole('P3', 'R1')
+ >>> roleper.grantPermissionToRole('P3', 'R2')
+ >>> roleper.denyPermissionToRole('P3', 'R3')
+ >>> prinrole.removeRoleFromPrincipal('R2', 'bob')
+ >>> prinrole.assignRoleToPrincipal('R3', 'bob')
+
+ >>> interaction.checkPermission('P3', ob)
+ True
+
+Global grants
+-------------
+
+Grants made to an object are said to be "local". We can also make
+global grants:
+
+ >>> from zope.securitypolicy.rolepermission import \
+ ... rolePermissionManager as roleperG
+ >>> from zope.securitypolicy.principalpermission import \
+ ... principalPermissionManager as prinperG
+ >>> from zope.securitypolicy.principalrole import \
+ ... principalRoleManager as prinroleG
+
+And the same rules apply to global grants and denials.
+
+ >>> roleperG.grantPermissionToRole('P1G', 'R1G', False)
+
+In these tests, we aren't bothering to define any roles, permissions,
+or principals, so we pass an extra argument that tells the granting
+routines not to check the validity of the values.
+
+ >>> prinroleG.assignRoleToPrincipal('R1G', 'bob', False)
+ >>> interaction.checkPermission('P1G', ob)
+ True
+
+ >>> prinperG.grantPermissionToPrincipal('P2G', 'bob', False)
+ >>> interaction.checkPermission('P2G', ob)
+ True
+
+ >>> prinperG.denyPermissionToPrincipal('P1G', 'bob', False)
+ >>> interaction.checkPermission('P1G', ob)
+ False
+
+ >>> roleperG.denyPermissionToRole('P2G', 'R1G', False)
+ >>> interaction.checkPermission('P2G', ob)
+ True
+
+ >>> roleperG.grantPermissionToRole('P3G', 'R1G', False)
+ >>> roleperG.grantPermissionToRole('P3G', 'R2G', False)
+ >>> roleperG.denyPermissionToRole('P3G', 'R3G', False)
+ >>> prinroleG.removeRoleFromPrincipal('R2G', 'bob', False)
+ >>> prinroleG.assignRoleToPrincipal('R3G', 'bob', False)
+ >>> interaction.checkPermission('P3G', ob)
+ True
+
+Local versus global grants
+--------------------------
+
+We, of course, acquire global grants by default:
+
+ >>> interaction.checkPermission('P1G', ob)
+ False
+ >>> interaction.checkPermission('P2G', ob)
+ True
+ >>> interaction.checkPermission('P3G', ob)
+ True
+
+Local role-based grants do not override global principal-specific denials:
+
+ >>> roleper.grantPermissionToRole('P1G', 'R1G')
+ >>> prinrole.assignRoleToPrincipal('R1G', 'bob')
+ >>> interaction.checkPermission('P1G', ob)
+ False
+
+And local role-based denials don't override global
+principal-grants:
+
+ >>> roleper.denyPermissionToRole('P2G', 'R1G')
+ >>> interaction.checkPermission('P2G', ob)
+ True
+
+A local role-based deny can cancel a global role-based grant:
+
+ >>> roleper.denyPermissionToRole('P3G', 'R1G')
+ >>> interaction.checkPermission('P3G', ob)
+ False
+
+and a local role-based grant can override a global role-based denial:
+
+ >>> roleperG.denyPermissionToRole('P4G', 'R1G', False)
+ >>> prinroleG.assignRoleToPrincipal('R1G', "bob", False)
+ >>> interaction.checkPermission('P4G', ob)
+ False
+ >>> roleper.grantPermissionToRole('P4G', 'R1G')
+ >>> interaction.checkPermission('P4G', ob)
+ True
+ >>> prinroleG.removeRoleFromPrincipal('R1G', "bob", False)
+ >>> interaction.checkPermission('P4G', ob)
+ True
+
+Of course, a local permission-based grant or denial overrides any
+global setting and overrides local role-based grants or denials:
+
+ >>> prinper.grantPermissionToPrincipal('P3G', 'bob')
+ >>> interaction.checkPermission('P3G', ob)
+ True
+
+ >>> prinper.denyPermissionToPrincipal('P2G', 'bob')
+ >>> interaction.checkPermission('P2G', ob)
+ False
+
+Sublocations
+------------
+
+We can have sub-locations. A sublocation of a location is an object
+whose `__parent__` attribute is the location:
+
+ >>> ob2 = Ob()
+ >>> ob2.__parent__ = ob
+
+By default, sublocations acquire grants from higher locations:
+
+ >>> interaction.checkPermission('P1', ob2)
+ False
+ >>> interaction.checkPermission('P2', ob2)
+ True
+ >>> interaction.checkPermission('P3', ob2)
+ True
+ >>> interaction.checkPermission('P1G', ob2)
+ False
+ >>> interaction.checkPermission('P2G', ob2)
+ False
+ >>> interaction.checkPermission('P3G', ob2)
+ True
+ >>> interaction.checkPermission('P4G', ob2)
+ True
+
+Sublocation role-based grants do not override their parent
+principal-specific denials:
+
+ >>> roleper2 = interfaces.IRolePermissionManager(ob2)
+ >>> prinrole2 = interfaces.IPrincipalRoleManager(ob2)
+ >>> prinper2 = interfaces.IPrincipalPermissionManager(ob2)
+
+ >>> roleper2.grantPermissionToRole('P1', 'R1')
+ >>> prinrole2.assignRoleToPrincipal('R1', 'bob')
+ >>> interaction.checkPermission('P1', ob2)
+ False
+
+And local role-based denials don't override their parents
+principal-grant:
+
+ >>> roleper2.denyPermissionToRole('P2', 'R1')
+ >>> interaction.checkPermission('P2', ob2)
+ True
+
+A local role-based deny can cancel a parent role-based grant:
+
+ >>> roleper2.denyPermissionToRole('P3', 'R1')
+ >>> interaction.checkPermission('P3', ob2)
+ False
+
+and a local role-based grant can override a parent role-based denial:
+
+ >>> roleper.denyPermissionToRole('P4', 'R1')
+ >>> prinrole.assignRoleToPrincipal('R1', 'bob')
+ >>> interaction.checkPermission('P4', ob2)
+ False
+ >>> roleper2.grantPermissionToRole('P4', 'R1')
+ >>> interaction.checkPermission('P4', ob2)
+ True
+ >>> prinrole.removeRoleFromPrincipal('R1', 'bob')
+ >>> interaction.checkPermission('P4', ob2)
+ True
+
+
+Of course, a local permission-based grant or denial overrides any
+global setting and overrides local role-based grants or denials:
+
+ >>> prinper.grantPermissionToPrincipal('P3', 'bob')
+ >>> interaction.checkPermission('P3', ob2)
+ True
+
+ >>> prinper.denyPermissionToPrincipal('P2', 'bob')
+ >>> interaction.checkPermission('P2', ob2)
+ False
+
+If an object is not annotatable, but does have a parent, it will get
+its grants from its parent:
+
+ >>> class C:
+ ... pass
+
+ >>> ob3 = C()
+ >>> ob3.__parent__ = ob
+
+ >>> interaction.checkPermission('P1', ob3)
+ False
+ >>> interaction.checkPermission('P2', ob3)
+ False
+ >>> interaction.checkPermission('P3', ob3)
+ True
+ >>> interaction.checkPermission('P1G', ob3)
+ False
+ >>> interaction.checkPermission('P2G', ob3)
+ False
+ >>> interaction.checkPermission('P3G', ob3)
+ True
+ >>> interaction.checkPermission('P4G', ob3)
+ True
+
+The same results will be had if there are multiple non-annotatable
+objects:
+
+ >>> ob3.__parent__ = C()
+ >>> ob3.__parent__.__parent__ = ob
+
+ >>> interaction.checkPermission('P1', ob3)
+ False
+ >>> interaction.checkPermission('P2', ob3)
+ False
+ >>> interaction.checkPermission('P3', ob3)
+ True
+ >>> interaction.checkPermission('P1G', ob3)
+ False
+ >>> interaction.checkPermission('P2G', ob3)
+ False
+ >>> interaction.checkPermission('P3G', ob3)
+ True
+ >>> interaction.checkPermission('P4G', ob3)
+ True
+
+and if an object doesn't have a parent:
+
+ >>> ob4 = C()
+
+it will have whatever grants were made globally:
+
+ >>> interaction.checkPermission('P1', ob4)
+ False
+ >>> interaction.checkPermission('P2', ob4)
+ False
+ >>> interaction.checkPermission('P3', ob4)
+ False
+ >>> interaction.checkPermission('P1G', ob4)
+ False
+ >>> interaction.checkPermission('P2G', ob4)
+ True
+ >>> interaction.checkPermission('P3G', ob4)
+ False
+ >>> interaction.checkPermission('P4G', ob4)
+ False
+
+ >>> prinroleG.assignRoleToPrincipal('R1G', "bob", False)
+ >>> interaction.checkPermission('P3G', ob4)
+ True
+
+We'll get the same result if we have a non-annotatable parent without a
+parent:
+
+ >>> ob3.__parent__ = C()
+
+ >>> interaction.checkPermission('P1', ob3)
+ False
+ >>> interaction.checkPermission('P2', ob3)
+ False
+ >>> interaction.checkPermission('P3', ob3)
+ False
+ >>> interaction.checkPermission('P1G', ob3)
+ False
+ >>> interaction.checkPermission('P2G', ob3)
+ True
+ >>> interaction.checkPermission('P3G', ob3)
+ True
+ >>> interaction.checkPermission('P4G', ob3)
+ False
+
+The Anonymous role
+------------------
+
+The security policy defines a special role named "zope.Anonymous". All
+principals have this role and the role cannot be taken away.
+
+ >>> roleperG.grantPermissionToRole('P5', 'zope.Anonymous', False)
+ >>> interaction.checkPermission('P5', ob2)
+ True
+
+Proxies
+-------
+
+Objects may be proxied:
+
+ >>> from zope.security.checker import ProxyFactory
+ >>> ob = ProxyFactory(ob)
+ >>> interaction.checkPermission('P1', ob)
+ False
+ >>> interaction.checkPermission('P2', ob)
+ False
+ >>> interaction.checkPermission('P3', ob)
+ True
+ >>> interaction.checkPermission('P1G', ob)
+ False
+ >>> interaction.checkPermission('P2G', ob)
+ False
+ >>> interaction.checkPermission('P3G', ob)
+ True
+ >>> interaction.checkPermission('P4G', ob)
+ True
+
+as may their parents:
+
+ >>> ob3 = C()
+ >>> ob3.__parent__ = ob
+
+ >>> interaction.checkPermission('P1', ob3)
+ False
+ >>> interaction.checkPermission('P2', ob3)
+ False
+ >>> interaction.checkPermission('P3', ob3)
+ True
+ >>> interaction.checkPermission('P1G', ob3)
+ False
+ >>> interaction.checkPermission('P2G', ob3)
+ False
+ >>> interaction.checkPermission('P3G', ob3)
+ True
+ >>> interaction.checkPermission('P4G', ob3)
+ True
+
+Groups
+------
+
+Principals may have groups. Groups are also principals (and, thus,
+may have groups).
+
+If a principal has groups, the groups are available as group ids in
+the principal's `groups` attribute. The interaction has to convert
+these group ids to group objects, so that it can tell whether the
+groups have groups. It does this by calling the `getPrincipal` method
+on the principal authentication service, which is responsible for,
+among other things, converting a principal id to a principal.
+For our examples here, we'll create and register a stub principal
+authentication service:
+
+ >>> from zope.app.security.interfaces import IAuthentication
+ >>> class FauxPrincipals(dict):
+ ... zope.interface.implements(IAuthentication)
+ ... def getPrincipal(self, id):
+ ... return self[id]
+
+ >>> auth = FauxPrincipals()
+
+ >>> from zope.app.testing import ztapi
+ >>> ztapi.provideUtility(IAuthentication, auth)
+ >>> from zope.app import zapi
+
+Let's define a group:
+
+ >>> auth['g1'] = Principal('g1')
+
+Let's put the principal in our group. We do that by adding the group id
+to the new principals groups:
+
+ >>> principal.groups.append('g1')
+
+Of course, the principal doesn't have permissions not granted:
+
+ >>> interaction.checkPermission('gP1', ob)
+ False
+
+Now, if we grant a permission to the group:
+
+ >>> prinper.grantPermissionToPrincipal('gP1', 'g1')
+
+We see that our principal has the permission:
+
+ >>> interaction.checkPermission('gP1', ob)
+ True
+
+This works even if the group grant is global:
+
+ >>> interaction.checkPermission('gP1G', ob)
+ False
+
+ >>> prinperG.grantPermissionToPrincipal('gP1G', 'g1', True)
+
+ >>> interaction.checkPermission('gP1G', ob)
+ True
+
+Grants are, of course, acquired:
+
+ >>> interaction.checkPermission('gP1', ob2)
+ True
+
+ >>> interaction.checkPermission('gP1G', ob2)
+ True
+
+Inner grants can override outer grants:
+
+ >>> prinper2.denyPermissionToPrincipal('gP1', 'g1')
+ >>> interaction.checkPermission('gP1', ob2)
+ False
+
+But principal grants always trump group grants:
+
+ >>> prinper2.grantPermissionToPrincipal('gP1', 'bob')
+ >>> interaction.checkPermission('gP1', ob2)
+ True
+
+Groups can have groups too:
+
+ >>> auth['g2'] = Principal('g2')
+ >>> auth['g1'].groups.append('g2')
+
+If we grant to the new group:
+
+ >>> prinper.grantPermissionToPrincipal('gP2', 'g2')
+
+Then we, of course have that permission too:
+
+ >>> interaction.checkPermission('gP2', ob2)
+ True
+
+Just as principal grants override group grants, group grants can
+override other group grants:
+
+ >>> prinper.denyPermissionToPrincipal('gP2', 'g1')
+ >>> interaction.checkPermission('gP2', ob2)
+ False
+
+Principals can be in more than one group. Let's define a new group:
+
+ >>> auth['g3'] = Principal('g3')
+ >>> principal.groups.append('g3')
+ >>> prinper.grantPermissionToPrincipal('gP2', 'g3')
+
+Now, the principal has two groups. In one group, the permission 'gP2'
+is denied, but in the other, it is allowed. In a case like this, the
+permission is allowed:
+
+ >>> interaction.checkPermission('gP2', ob2)
+ True
+
+In a case where a principal has two or more groups, the group denies
+prevent allows from their parents. They don't prevent the principal
+from getting an allow from another principal.
+
+Grants can be inherited from ancestor groups through multiple paths.
+Let's grant a permission to g2 and deny it to g1:
+
+ >>> prinper.grantPermissionToPrincipal('gP3', 'g2')
+ >>> prinper.denyPermissionToPrincipal('gP3', 'g1')
+
+Now, as before, the deny in g1 blocks the grant in g2:
+
+ >>> interaction.checkPermission('gP3', ob2)
+ False
+
+Let's make g2 a group of g3:
+
+ >>> auth['g3'].groups.append('g2')
+
+Now, we get g2's grant through g3, and access is allowed:
+
+ >>> interaction.invalidate_cache()
+ >>> interaction.checkPermission('gP3', ob2)
+ True
+
+We can assign roles to groups:
+
+ >>> prinrole.assignRoleToPrincipal('gR1', 'g2')
+
+and get permissions through the roles:
+
+ >>> roleper.grantPermissionToRole('gP4', 'gR1')
+ >>> interaction.checkPermission('gP4', ob2)
+ True
+
+we can override role assignments to groups through subgroups:
+
+ >>> prinrole.removeRoleFromPrincipal('gR1', 'g1')
+ >>> prinrole.removeRoleFromPrincipal('gR1', 'g3')
+ >>> interaction.checkPermission('gP4', ob2)
+ False
+
+and through principals:
+
+ >>> prinrole.assignRoleToPrincipal('gR1', 'bob')
+ >>> interaction.checkPermission('gP4', ob2)
+ True
+
+Cleanup
+-------
+
+We clean up the changes we made in these examples:
+
+ >>> zope.security.management.endInteraction()
+ >>> ignore = zope.security.management.setSecurityPolicy(oldpolicy)
More information about the Checkins
mailing list