[Checkins]
SVN: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
- Fixed issue where the permissions directly defined for
context on the
Daniel Blackburn
blackburnd at gmail.com
Mon Feb 18 08:36:48 EST 2008
Log message for revision 84021:
- Fixed issue where the permissions directly defined for context on the
principaldetail page does not show duplicates or permissions defined
in less specific contexts ( if invalid ).
Changed:
U z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
-=-
Modified: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-02-18 13:11:04 UTC (rev 84020)
+++ z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-02-18 13:36:48 UTC (rev 84021)
@@ -234,8 +234,12 @@
def orderRoleTree(self):
# This is silly I know but I want global settings at the end
- globalSettings = self.principalMatrix['roleTree'].pop(0)
- self.principalMatrix['roleTree'].append(globalSettings)
+ try:
+ globalSettings = self.principalMatrix['roleTree'].pop(0)
+ self.principalMatrix['roleTree'].append(globalSettings)
+ except IndexError:
+ # Attempting to pop empty list
+ pass
def populatePrincipalMatrix(self, settings):
""" this method recursively populates the principal permissions
@@ -243,14 +247,14 @@
for setting in settings:
for name, item in setting.items():
+ self.populatePrincipalMatrixRoles(name,item)
self.populatePrincipalMatrixPermissions(item)
- self.populatePrincipalMatrixRoles(name,item)
-
for group_id in self.principal.groups:
group = self.principals.getPrincipal(group_id)
self.principalMatrix['groups'][group_id] = \
self.policyPermissions(group, settings)
+
def populatePrincipalMatrixRoles(self, name, item):
for curRole in item.get('principalRoles', ()):
if curRole['principal'] != self.principal.id:
@@ -328,6 +332,7 @@
def populatePrincipalMatrixPermissions(self, item):
# Here we get all the permssions for this principal
+
for prinPerms in item.get('principalPermissions', ()):
if self.principal.id != prinPerms['principal']:
@@ -339,17 +344,22 @@
if parentList:
self.populatePrincipalPermTree(item,parentList,prinPerms)
- #TODO:
- #Here we need to remove a permission if we had an
- #Allow and now we get a Deny
permission = prinPerms['permission']
_setting = prinPerms['setting']
mapping = {'permission': permission,
'setting': _setting}
- if not mapping in self.principalMatrix['permissions']:
- self.principalMatrix['permissions'].append(mapping)
+ dup = [x for x in self.principalMatrix['permissions'] \
+ if x['permission'] == permission]
+ if dup:
+ # This means we already have a record with this permission
+ # and the next record would be less specific so we continue
+ continue
+
+ self.principalMatrix['permissions'].append(mapping)
+
+
def populatePrincipalPermTree(self,item,parentList,prinPerms):
""" method responsible for creating permission tree """
key = item.get('uid')
More information about the Checkins
mailing list