[Checkins] SVN: z3ext.preferences/trunk/ Use 'z3ext.ManagePreference' as default preference permission

Nikolay Kim fafhrd at datacom.kz
Tue Apr 15 03:40:47 EDT 2008 

Log message for revision 85365:
  Use 'z3ext.ManagePreference' as default preference permission

Changed:
  U   z3ext.preferences/trunk/CHANGES.txt
  U   z3ext.preferences/trunk/src/z3ext/preferences/README.txt
  U   z3ext.preferences/trunk/src/z3ext/preferences/configure.zcml
  A   z3ext.preferences/trunk/src/z3ext/preferences/roles.py
  U   z3ext.preferences/trunk/src/z3ext/preferences/root.py
  U   z3ext.preferences/trunk/src/z3ext/preferences/zcml.py

-=-
Modified: z3ext.preferences/trunk/CHANGES.txt
===================================================================
--- z3ext.preferences/trunk/CHANGES.txt	2008-04-15 01:50:39 UTC (rev 85364)
+++ z3ext.preferences/trunk/CHANGES.txt	2008-04-15 07:40:46 UTC (rev 85365)
@@ -2,6 +2,12 @@
 CHANGES
 =======
 
+1.1.1 (2008-04-15)
+------------------
+
+- Use 'z3ext.ManagePreference' as default preference permission
+
+
 1.1.0 (2008-04-11)
 ------------------
 

Modified: z3ext.preferences/trunk/src/z3ext/preferences/README.txt
===================================================================
--- z3ext.preferences/trunk/src/z3ext/preferences/README.txt	2008-04-15 01:50:39 UTC (rev 85364)
+++ z3ext.preferences/trunk/src/z3ext/preferences/README.txt	2008-04-15 07:40:46 UTC (rev 85365)
@@ -428,12 +428,10 @@
 --------
 
 You might already wonder under which permissions the preferences are
-available. They are actually available publicly (`CheckerPublic`), but that
-is not a problem, since the available values are looked up specifically for
-the current user. And why should a user not have full access to his/her
-preferences? But sometimes we need preferences which can be changed
+available. They are actually available with z3ext.ManagePreference
+permission. But sometimes we need preferences which can be changed
 only by manager. In this case we can provide default permission or
-even set security checks on field level, like in <class /> directive.
+even set security checks on attribute level, like in <class /> directive.
 
   >>> import zope.security
   >>> context = xmlconfig.file('meta.zcml', zope.security, context)

Modified: z3ext.preferences/trunk/src/z3ext/preferences/configure.zcml
===================================================================
--- z3ext.preferences/trunk/src/z3ext/preferences/configure.zcml	2008-04-15 01:50:39 UTC (rev 85364)
+++ z3ext.preferences/trunk/src/z3ext/preferences/configure.zcml	2008-04-15 07:40:46 UTC (rev 85365)
@@ -5,14 +5,14 @@
 
   <autoinclude package="z3ext.preferences" />
 
+  <permission
+     id="z3ext.ModifyPreference"
+     title="Modify preference" />
+
   <role
      id="preference.Owner"
      title="Preference group owner" />
 
-  <permission
-     id="z3ext.ModifyPreference"
-     title="Modifye preference" />
-
   <grant
      permission="z3ext.ModifyPreference"
      role="preference.Owner" />
@@ -29,9 +29,8 @@
                   zope.interface.common.mapping.IEnumerableMapping" />
   </class>
 
-  <class class=".preference.PreferenceGroup">
-    <implements interface="zope.annotation.interfaces.IAttributeAnnotatable" />
-  </class>
+  <!-- preference group roles -->
+  <adapter factory=".roles.PreferenceGroupRoles" />
 
   <!-- preference group publisher -->
   <adapter

Added: z3ext.preferences/trunk/src/z3ext/preferences/roles.py
===================================================================
--- z3ext.preferences/trunk/src/z3ext/preferences/roles.py	                        (rev 0)
+++ z3ext.preferences/trunk/src/z3ext/preferences/roles.py	2008-04-15 07:40:46 UTC (rev 85365)
@@ -0,0 +1,52 @@
+##############################################################################
+#
+# Copyright (c) 2008 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+""" 
+
+$Id$
+"""
+from zope import interface, component
+from zope.app.security.settings import Allow, Unset
+from zope.securitypolicy.interfaces import IPrincipalRoleMap
+
+from interfaces import IBound
+
+
+class PreferenceGroupRoles(object):
+    component.adapts(IBound)
+    interface.implements(IPrincipalRoleMap)
+
+    def __init__(self, context):
+        self.pid = context.__principal__.id
+
+    def getPrincipalsForRole(self, role_id):
+        if (role_id == 'preference.Owner'):
+            return ((self.pid, Allow),)
+        else:
+            return ()
+
+    def getRolesForPrincipal(self, principal_id,
+                             allow = (('preference.Owner', Allow),)):
+        if principal_id == self.pid:
+            return allow
+        else:
+            return ()
+
+    def getSetting(self, role_id, principal_id):
+        if (principal_id == self.pid) and (role_id == 'preference.Owner'):
+            return Allow
+        else:
+            return Unset
+
+    def getPrincipalsAndRoles(self):
+        return ()


Property changes on: z3ext.preferences/trunk/src/z3ext/preferences/roles.py
___________________________________________________________________
Name: svn:keywords
   + Id

Modified: z3ext.preferences/trunk/src/z3ext/preferences/root.py
===================================================================
--- z3ext.preferences/trunk/src/z3ext/preferences/root.py	2008-04-15 01:50:39 UTC (rev 85364)
+++ z3ext.preferences/trunk/src/z3ext/preferences/root.py	2008-04-15 07:40:46 UTC (rev 85365)
@@ -16,7 +16,6 @@
 $Id$
 """
 from zope import interface
-from zope.securitypolicy.interfaces import IPrincipalRoleManager
 from zope.app.security.interfaces import IUnauthenticatedPrincipal
 
 from i18n import _
@@ -41,13 +40,3 @@
         if IUnauthenticatedPrincipal.providedBy(self.__principal__):
             return False
         return True
-
-    def __bind__(self, principal=None, parent=None):
-        clone = super(PersonalPreferences, self).__bind__(principal, parent)
-
-        rmanager = IPrincipalRoleManager(clone, None)
-        if rmanager is not None:
-            rmanager.assignRoleToPrincipal(
-                'preference.Owner', clone.__principal__.id)
-
-        return clone

Modified: z3ext.preferences/trunk/src/z3ext/preferences/zcml.py
===================================================================
--- z3ext.preferences/trunk/src/z3ext/preferences/zcml.py	2008-04-15 01:50:39 UTC (rev 85364)
+++ z3ext.preferences/trunk/src/z3ext/preferences/zcml.py	2008-04-15 07:40:46 UTC (rev 85365)
@@ -102,9 +102,8 @@
 
     def __init__(self, _context, id, title,
                  for_=None, schema=interface.Interface,
-                 description=u'', category=False,
-                 class_=None, provides=[], permission=CheckerPublic,
-                 tests=(), order = 9999):
+                 description=u'', category=False, class_=None, provides=[],
+                 permission='z3ext.ModifyPreference', tests=(), order = 9999):
 
         Class = PreferenceType(str(id), schema, class_, title, description)
         Class.order = order

More information about the Checkins mailing list