[Checkins] SVN: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py - Fixed issue where the permissions directly defined for context on the

Mon Feb 18 08:36:48 EST 2008

Log message for revision 84021:
  
   - Fixed issue where the permissions directly defined for context on the
     principaldetail page does not show duplicates or permissions defined
     in less specific contexts ( if invalid ).
  
  
  

Changed:
  U   z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py

-=-
Modified: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
===================================================================

--- z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py	2008-02-18 13:11:04 UTC (rev 84020)
+++ z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py	2008-02-18 13:36:48 UTC (rev 84021)
@@ -234,8 +234,12 @@
 
     def orderRoleTree(self):
         # This is silly I know but I want global settings at the end
-        globalSettings = self.principalMatrix['roleTree'].pop(0)
-        self.principalMatrix['roleTree'].append(globalSettings)
+        try:
+            globalSettings = self.principalMatrix['roleTree'].pop(0)
+            self.principalMatrix['roleTree'].append(globalSettings)
+        except IndexError:
+            # Attempting to pop empty list
+            pass
 
     def populatePrincipalMatrix(self, settings):
         """ this method recursively populates the principal permissions
@@ -243,14 +247,14 @@
 
         for setting in settings:
             for name, item in setting.items():
+                self.populatePrincipalMatrixRoles(name,item)
                 self.populatePrincipalMatrixPermissions(item)
-                self.populatePrincipalMatrixRoles(name,item)
-
             for group_id in self.principal.groups:
                 group = self.principals.getPrincipal(group_id)
                 self.principalMatrix['groups'][group_id] = \
                     self.policyPermissions(group, settings)
 
+
     def populatePrincipalMatrixRoles(self, name, item):
         for curRole in item.get('principalRoles', ()):
             if curRole['principal'] != self.principal.id:
@@ -328,6 +332,7 @@
 
     def populatePrincipalMatrixPermissions(self, item):
         # Here we get all the permssions for this principal
+
         for prinPerms in item.get('principalPermissions', ()):
 
             if self.principal.id != prinPerms['principal']:
@@ -339,17 +344,22 @@
             if parentList:
                 self.populatePrincipalPermTree(item,parentList,prinPerms)
 
-            #TODO:
-            #Here we need to remove a permission if we had an
-            #Allow and now we get a Deny
             permission = prinPerms['permission']
             _setting = prinPerms['setting']
             mapping = {'permission': permission,
                        'setting': _setting}
-            if not mapping in self.principalMatrix['permissions']:
-                self.principalMatrix['permissions'].append(mapping)
 
+            dup = [x for x in self.principalMatrix['permissions'] \
+                   if x['permission'] == permission] 
 
+            if dup:
+                # This means we already have a record with this permission
+                # and the next record would be less specific so we continue
+                continue
+
+            self.principalMatrix['permissions'].append(mapping)
+
+
     def populatePrincipalPermTree(self,item,parentList,prinPerms):
         """ method responsible for creating permission tree """
         key = item.get('uid')

