[Checkins] SVN: five.grok/trunk/src/five/grok/ Views with security.

Lennart Regebro regebro at gmail.com
Sat Apr 26 06:14:51 EDT 2008


Log message for revision 85754:
  Views with security.
  

Changed:
  U   five.grok/trunk/src/five/grok/__init__.py
  U   five.grok/trunk/src/five/grok/components.py
  U   five.grok/trunk/src/five/grok/meta.py
  A   five.grok/trunk/src/five/grok/tests/test_secure_views.py
  U   five.grok/trunk/src/five/grok/tests/views.py
  U   five.grok/trunk/src/five/grok/util.py

-=-
Modified: five.grok/trunk/src/five/grok/__init__.py
===================================================================
--- five.grok/trunk/src/five/grok/__init__.py	2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/__init__.py	2008-04-26 10:14:51 UTC (rev 85754)
@@ -4,3 +4,4 @@
 from zope.interface import implements
 
 from components import View
+from directive import require

Modified: five.grok/trunk/src/five/grok/components.py
===================================================================
--- five.grok/trunk/src/five/grok/components.py	2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/components.py	2008-04-26 10:14:51 UTC (rev 85754)
@@ -1,7 +1,5 @@
 from Products.Five import BrowserView
 
-from zope.publisher.browser import BrowserPage
-
 class View(BrowserView):
     pass
 

Modified: five.grok/trunk/src/five/grok/meta.py
===================================================================
--- five.grok/trunk/src/five/grok/meta.py	2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/meta.py	2008-04-26 10:14:51 UTC (rev 85754)
@@ -1,15 +1,15 @@
 import martian
 from martian import util
 from zope import interface, component
+from zope.publisher.interfaces.browser import IDefaultBrowserLayer
+
 from five import grok
-from five.grok.util import get_default_permission, make_checker
+from five.grok.util import get_default_permission
 from grokcore.component.meta import get_context, get_name_classname
 from grokcore.component.util import determine_class_directive
+from Products.Five.security import protectClass
+from Globals import InitializeClass as initializeClass
 
-from zope.publisher.interfaces.browser import IDefaultBrowserLayer
-                                               #IBrowserRequest,
-                                               #IBrowserPublisher,
-                                               #IBrowserSkinType)
 
 class ViewGrokker(martian.ClassGrokker):
     component_class = grok.View
@@ -68,11 +68,18 @@
 
         permission = get_default_permission(factory)
         config.action(
-            discriminator=('protectName', factory, '__call__'),
-            callable=make_checker,
-            args=(factory, factory, permission),
-            )
+            discriminator = ('five:protectClass', factory),
+            callable = protectClass,
+            args = (factory, permission)
+        )
 
+        # Protect the class
+        config.action(
+            discriminator = ('five:initialize:class', factory),
+            callable = initializeClass,
+            args = (factory,)
+        )
+
         return True
 
     def checkTemplates(self, templates, module_info, factory):
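Review bot: The new `five:protectClass` action passes `permission` straight to `protectClass`, whereas the replaced `make_checker` path first called `check_permission`, which raised a `GrokError` naming the factory when `grok.require` referenced an undefined permission; this commit deletes that helper from util.py. Whether `protectClass` rejects an unknown permission id as clearly is not visible in this diff, so a test with a misspelled permission would confirm that a typo fails at grok time rather than leaving the view with unintended protection. The `# Protect the class` comment also sits above the `five:initialize:class` action instead of the `five:protectClass` one; move it up and give the second action its own comment, e.g. `# Run InitializeClass so the security declarations are applied`. The enclosing method starts above the hunk.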

Added: five.grok/trunk/src/five/grok/tests/test_secure_views.py
===================================================================
--- five.grok/trunk/src/five/grok/tests/test_secure_views.py	                        (rev 0)
+++ five.grok/trunk/src/five/grok/tests/test_secure_views.py	2008-04-26 10:14:51 UTC (rev 85754)
@@ -0,0 +1,24 @@
+import unittest
+from Testing import ZopeTestCase
+from test_all import setUp
+
+from AccessControl import Unauthorized
+from OFS.SimpleItem import SimpleItem
+
+class TestViews(ZopeTestCase.ZopeTestCase):
+    
+    def afterSetUp(self):
+        setUp()
+        self.folder._setObject('item', SimpleItem())
+        self.folder.item.id = 'item'
+        
+    def test_views(self):
+        self.logout()
+        self.assertRaises(Unauthorized, self.folder.item.restrictedTraverse, ('@@aview',))
+        
+    def test_views(self):
+        self.logout()
+        self.assertRaises(Unauthorized, self.folder.item.restrictedTraverse, ('@@aview',))
+        
+def test_suite():
+    return unittest.makeSuite(TestViews)
\ No newline at end of file
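Review bot: `test_views` is defined twice in `TestViews` with identical bodies, so the second definition replaces the first and only one test runs. The second was presumably meant to cover the other side of the check: rename it, e.g. `def test_views_authorized(self):`, grant a role with `self.setRoles(['Manager'])` (assuming Manager holds the permission in this fixture) and assert that `self.folder.item.restrictedTraverse('@@aview')()` returns `'item'`. Without a positive case the suite still passes if the view is unreachable for everyone, so it does not show that `zope2.ViewManagementScreens` is the permission being enforced.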


Property changes on: five.grok/trunk/src/five/grok/tests/test_secure_views.py
___________________________________________________________________
Name: svn:keywords
   + Id

Modified: five.grok/trunk/src/five/grok/tests/views.py
===================================================================
--- five.grok/trunk/src/five/grok/tests/views.py	2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/tests/views.py	2008-04-26 10:14:51 UTC (rev 85754)
@@ -11,7 +11,7 @@
 
 We should now be able to find the view:
 
-  >>> view = item.unrestrictedTraverse('@@theview')
+  >>> view = item.unrestrictedTraverse('@@aview')
   >>> view()
   'item'
 
@@ -21,8 +21,8 @@
 
 class SimpleItemView(grok.View):
     grok.context(ISimpleItem)
-    grok.name('theview')
+    grok.name('aview')
+    grok.require('zope2.ViewManagementScreens')
         
     def __call__(self):
         return self.context.getId()
-        
\ No newline at end of file

Modified: five.grok/trunk/src/five/grok/util.py
===================================================================
--- five.grok/trunk/src/five/grok/util.py	2008-04-26 09:24:18 UTC (rev 85753)
+++ five.grok/trunk/src/five/grok/util.py	2008-04-26 10:14:51 UTC (rev 85754)
@@ -11,39 +11,6 @@
 from martian.error import GrokError, GrokImportError
 from martian.util import class_annotation, methods_from_class, scan_for_classes
 
-def check_adapts(class_):
-    if component.adaptedBy(class_) is None:
-        raise GrokError("%r must specify which contexts it adapts "
-                        "(use grok.adapts to specify)."
-                        % class_, class_)
-
-def make_checker(factory, view_factory, permission, method_names=None):
-    """Make a checker for a view_factory associated with factory.
-
-    These could be one and the same for normal views, or different
-    in case we make method-based views such as for JSON and XMLRPC.
-    """
-    if method_names is None:
-        method_names = ['__call__']
-    if permission is not None:
-        check_permission(factory, permission)
-    if permission is None or permission == 'zope.Public':
-        checker = NamesChecker(method_names)
-    else:
-        checker = NamesChecker(method_names, permission)
-    defineChecker(view_factory, checker)
-
-def check_permission(factory, permission):
-    """Check whether a permission is defined.
-
-    If not, raise error for factory.
-    """
-    if component.queryUtility(IPermission,
-                              name=permission) is None:
-       raise GrokError('Undefined permission %r in %r. Use '
-                       'grok.Permission first.'
-                       % (permission, factory), factory)
-
 def get_default_permission(factory):
     """Determine the default permission for a view.
 
@@ -51,7 +18,7 @@
     """
     permissions = class_annotation(factory, 'grok.require', [])
     if not permissions:
-        return None
+        return 'zope.Public'
     if len(permissions) > 1:
         raise GrokError('grok.require was called multiple times in '
                         '%r. It may only be set once for a class.'
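Review bot: With `return 'zope.Public'`, a view class that carries no `grok.require` now reaches the `protectClass` action in meta.py with the public permission, so omitting the directive presumably publishes the view to anonymous users without any signal to the author. The docstring, which starts above the hunk, should state this default explicitly, e.g. `Views without grok.require are registered with 'zope.Public' and are accessible to anonymous users.` A test that an undeclared view is reachable after `logout()` would pin the default as a deliberate choice instead of an accident of this helper.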


