[Checkins] SVN: five.grok/trunk/src/five/grok/ Views with security.
Lennart Regebro
regebro at gmail.com
Sat Apr 26 06:14:51 EDT 2008
Log message for revision 85754:
Views with security.
Changed:
U five.grok/trunk/src/five/grok/__init__.py
U five.grok/trunk/src/five/grok/components.py
U five.grok/trunk/src/five/grok/meta.py
A five.grok/trunk/src/five/grok/tests/test_secure_views.py
U five.grok/trunk/src/five/grok/tests/views.py
U five.grok/trunk/src/five/grok/util.py
-=-
Modified: five.grok/trunk/src/five/grok/__init__.py
===================================================================
--- five.grok/trunk/src/five/grok/__init__.py 2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/__init__.py 2008-04-26 10:14:51 UTC (rev 85754)
@@ -4,3 +4,4 @@
from zope.interface import implements
from components import View
+from directive import require
Modified: five.grok/trunk/src/five/grok/components.py
===================================================================
--- five.grok/trunk/src/five/grok/components.py 2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/components.py 2008-04-26 10:14:51 UTC (rev 85754)
@@ -1,7 +1,5 @@
from Products.Five import BrowserView
-from zope.publisher.browser import BrowserPage
-
class View(BrowserView):
pass
Modified: five.grok/trunk/src/five/grok/meta.py
===================================================================
--- five.grok/trunk/src/five/grok/meta.py 2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/meta.py 2008-04-26 10:14:51 UTC (rev 85754)
@@ -1,15 +1,15 @@
import martian
from martian import util
from zope import interface, component
+from zope.publisher.interfaces.browser import IDefaultBrowserLayer
+
from five import grok
-from five.grok.util import get_default_permission, make_checker
+from five.grok.util import get_default_permission
from grokcore.component.meta import get_context, get_name_classname
from grokcore.component.util import determine_class_directive
+from Products.Five.security import protectClass
+from Globals import InitializeClass as initializeClass
-from zope.publisher.interfaces.browser import IDefaultBrowserLayer
- #IBrowserRequest,
- #IBrowserPublisher,
- #IBrowserSkinType)
class ViewGrokker(martian.ClassGrokker):
component_class = grok.View
@@ -68,11 +68,18 @@
permission = get_default_permission(factory)
config.action(
- discriminator=('protectName', factory, '__call__'),
- callable=make_checker,
- args=(factory, factory, permission),
- )
+ discriminator = ('five:protectClass', factory),
+ callable = protectClass,
+ args = (factory, permission)
+ )
+ # Protect the class
+ config.action(
+ discriminator = ('five:initialize:class', factory),
+ callable = initializeClass,
+ args = (factory,)
+ )
+
return True
def checkTemplates(self, templates, module_info, factory):
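Review bot: The permission passed to the `five:protectClass` action is no longer checked for existence at this call site: the `make_checker` callable it replaces ran `check_permission` and raised a `GrokError` naming the factory when `grok.require` referred to an undefined permission. Whether `protectClass` rejects an unknown permission id is not visible in this diff, so a misspelled permission may surface as a less specific error, or not at all. Consider keeping `check_permission` in util.py and registering it ahead of the protect action, skipping `'zope.Public'`, e.g. `config.action(discriminator=None, callable=check_permission, args=(factory, permission))`. The `# Protect the class` comment also sits above the `five:initialize:class` action; it belongs above the `protectClass` action, with the second action described as `# Initialize the class so the security declarations take effect`. The enclosing method starts above this hunk.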
Added: five.grok/trunk/src/five/grok/tests/test_secure_views.py
===================================================================
--- five.grok/trunk/src/five/grok/tests/test_secure_views.py (rev 0)
+++ five.grok/trunk/src/five/grok/tests/test_secure_views.py 2008-04-26 10:14:51 UTC (rev 85754)
@@ -0,0 +1,24 @@
+import unittest
+from Testing import ZopeTestCase
+from test_all import setUp
+
+from AccessControl import Unauthorized
+from OFS.SimpleItem import SimpleItem
+
+class TestViews(ZopeTestCase.ZopeTestCase):
+
+ def afterSetUp(self):
+ setUp()
+ self.folder._setObject('item', SimpleItem())
+ self.folder.item.id = 'item'
+
+ def test_views(self):
+ self.logout()
+ self.assertRaises(Unauthorized, self.folder.item.restrictedTraverse, ('@@aview',))
+
+ def test_views(self):
+ self.logout()
+ self.assertRaises(Unauthorized, self.folder.item.restrictedTraverse, ('@@aview',))
+
+def test_suite():
+ return unittest.makeSuite(TestViews)
\ No newline at end of file
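Review bot: `test_views` is defined twice with an identical body, so the second definition replaces the first and the suite runs a single test that covers only the denied case. Nothing here shows that a user holding the permission can still reach `@@aview`, so a view that is unreachable for everyone would also pass. Rename the second method and make it the positive case, e.g. `def test_view_allowed_for_manager(self):`, `self.setRoles(['Manager'])`, `self.assertEqual(self.folder.item.restrictedTraverse('@@aview')(), 'item')`. This assumes the Manager role holds the permission required in tests/views.py.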
Property changes on: five.grok/trunk/src/five/grok/tests/test_secure_views.py
___________________________________________________________________
Name: svn:keywords
+ Id
Modified: five.grok/trunk/src/five/grok/tests/views.py
===================================================================
--- five.grok/trunk/src/five/grok/tests/views.py 2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/tests/views.py 2008-04-26 10:14:51 UTC (rev 85754)
@@ -11,7 +11,7 @@
We should now be able to find the view:
- >>> view = item.unrestrictedTraverse('@@theview')
+ >>> view = item.unrestrictedTraverse('@@aview')
>>> view()
'item'
@@ -21,8 +21,8 @@
class SimpleItemView(grok.View):
grok.context(ISimpleItem)
- grok.name('theview')
+ grok.name('aview')
+ grok.require('zope2.ViewManagementScreens')
def __call__(self):
return self.context.getId()
-
\ No newline at end of file
Modified: five.grok/trunk/src/five/grok/util.py
===================================================================
--- five.grok/trunk/src/five/grok/util.py 2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/util.py 2008-04-26 10:14:51 UTC (rev 85754)
@@ -11,39 +11,6 @@
from martian.error import GrokError, GrokImportError
from martian.util import class_annotation, methods_from_class, scan_for_classes
-def check_adapts(class_):
- if component.adaptedBy(class_) is None:
- raise GrokError("%r must specify which contexts it adapts "
- "(use grok.adapts to specify)."
- % class_, class_)
-
-def make_checker(factory, view_factory, permission, method_names=None):
- """Make a checker for a view_factory associated with factory.
-
- These could be one and the same for normal views, or different
- in case we make method-based views such as for JSON and XMLRPC.
- """
- if method_names is None:
- method_names = ['__call__']
- if permission is not None:
- check_permission(factory, permission)
- if permission is None or permission == 'zope.Public':
- checker = NamesChecker(method_names)
- else:
- checker = NamesChecker(method_names, permission)
- defineChecker(view_factory, checker)
-
-def check_permission(factory, permission):
- """Check whether a permission is defined.
-
- If not, raise error for factory.
- """
- if component.queryUtility(IPermission,
- name=permission) is None:
- raise GrokError('Undefined permission %r in %r. Use '
- 'grok.Permission first.'
- % (permission, factory), factory)
-
def get_default_permission(factory):
"""Determine the default permission for a view.
@@ -51,7 +18,7 @@
"""
permissions = class_annotation(factory, 'grok.require', [])
if not permissions:
- return None
+ return 'zope.Public'
if len(permissions) > 1:
raise GrokError('grok.require was called multiple times in '
'%r. It may only be set once for a class.'
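Review bot: With this change a view class that carries no `grok.require` resolves to `'zope.Public'`, and the part of the docstring visible in this hunk does not say so. Since that makes omitting the directive equivalent to publishing the view to anonymous users, state it in the docstring, e.g. `Returns 'zope.Public' when the class has no grok.require directive, i.e. the view is accessible without any permission.` The function starts above this hunk and continues below it.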