[Checkins] SVN: z3c.securitytool/trunk/src/z3c/securitytool/ Cleanup of some python code and changed instructions on page-template

Daniel Blackburn blackburnd at gmail.com
Tue Feb 19 11:41:34 EST 2008 

Log message for revision 84061:
  Cleanup of some python code and changed instructions on page-template

Changed:
  U   z3c.securitytool/trunk/src/z3c/securitytool/browser/principalinfo.pt
  U   z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py

-=-
Modified: z3c.securitytool/trunk/src/z3c/securitytool/browser/principalinfo.pt
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/browser/principalinfo.pt	2008-02-19 14:39:04 UTC (rev 84060)
+++ z3c.securitytool/trunk/src/z3c/securitytool/browser/principalinfo.pt	2008-02-19 16:41:33 UTC (rev 84061)
@@ -12,8 +12,8 @@
        <p class="description"> The detailed permissions, groups and
          roles for the selected principal are listed below. These are
          all the settings applied to the principal in the system
-         with respect to the context or view. The settings Allow or Deny
-         are also listed next to each permission.You can go back to
+         with respect to the context or view. The settings `Allow` or `Deny`
+         can be determined by the legend listed below. You can go back to
          the matrix page by selecting the `Security Matrix` link
          above. <i>Anything listed in the `global settings` is either in
          the zcml or programatically added permissions and roles.</i>

Modified: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py	2008-02-19 14:39:04 UTC (rev 84060)
+++ z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py	2008-02-19 16:41:33 UTC (rev 84061)
@@ -42,7 +42,8 @@
         except TypeError:
             pass
 
-    def getPermissionSettingsForAllViews(self,interfaces,skin=IBrowserRequest,
+    def getPermissionSettingsForAllViews(self,interfaces,
+                                         skin=IBrowserRequest,
                                          selectedPermission=None):
         """ retrieves permission settings for all views"""
         request = TestRequest()
@@ -63,32 +64,35 @@
                 if viewInstance:
                     self.populateMatrix(viewInstance,view_reg)
 
-        # Two matricies are created a role matrix and a permission matrix.
+        self.aggregateMatrices()
+        return [self.viewMatrix,self.views,self.permissions]
 
-        # The reason for the viewRoleMatrix is so lower roles in the tree
-        # can overite higher roles. And the assigned permissions in roles
-        # can be organized seperately than the assigned permissions to
-        # objects.
+    def aggregateMatrices(self):
+        """
+        This method is used to aggregate the two matricies together.
+        There is a role matrix and a permission matrix. The reason for
+        the role matrix is that we can have lower level assignments to
+        override higher level assingments seperately from the direct
+        assignments of permissions. We need to merge these together to
+        have a complete matrix, When there is a conflict between
+        permissions and role-permissions  permissions will always win.
+        """
 
-        # Here we will merge the two matricies where the permission matrix
-        # will always win
-
         for item in self.viewRoleMatrix:
             if not  self.viewMatrix.has_key(item):
                 self.viewMatrix[item] = {}
             for viewSetting in self.viewRoleMatrix[item]:
-                val = self.viewRoleMatrix[item][viewSetting] and 'Allow' or '--'
+                val = self.viewRoleMatrix[item][viewSetting] \
+                                               and 'Allow' or '--'
                 self.viewMatrix[item].update({viewSetting:val})
-
+        
         for item in self.viewPermMatrix:
             if not  self.viewMatrix.has_key(item):
                 self.viewMatrix[item] = {}
             for viewSetting in self.viewPermMatrix[item]:
                 self.viewMatrix[item].update(
-                          {viewSetting:self.viewPermMatrix[item][viewSetting]})
-
-        return [self.viewMatrix,self.views,self.permissions]
-
+                      {viewSetting:self.viewPermMatrix[item][viewSetting]})
+    
     def getReadPerm(self,view_reg):
         """ Helper method which returns read_perm and view name"""
         info = getViewInfoDictionary(view_reg)
@@ -270,9 +274,11 @@
                     # Here we see if we have added a security setting with
                     # this role before, if it is now denied we remove it.
                     del self.principalMatrix['roles'][role]
-                except KeyError:
+                except:
+                    #Cannot delete something that is not there
                     pass
                 continue
+                    
 
             else:
                 self.populatePrincipalRoles(item,role,curRole)
@@ -328,27 +334,23 @@
                         self.principalMatrix['roles'][role].append(mapping)
 
     def populatePrincipalMatrixPermissions(self, item):
-        # Here we get all the permssions for this principal
+        """ Here we get all the permissions for the given principal
+            on the item passed.
+        """
 
         for prinPerms in item.get('principalPermissions', ()):
-
             if self.principal.id != prinPerms['principal']:
                 continue
 
-            parentList = item.get('parentList',None)
-            setting = prinPerms['setting'].getName()
+            if item.get('parentList',None):
+                self.populatePrincipalPermTree(item,prinPerms)
 
-            if parentList:
-                self.populatePrincipalPermTree(item,parentList,prinPerms)
+            mapping = {'permission': prinPerms['permission'],
+                       'setting'   : prinPerms['setting'],}
 
-            permission = prinPerms['permission']
-            _setting = prinPerms['setting']
-            mapping = {'permission': permission,
-                       'setting': _setting}
+            dup = [perm for perm in self.principalMatrix['permissions'] \
+                   if perm['permission'] == mapping['permission']] 
 
-            dup = [x for x in self.principalMatrix['permissions'] \
-                   if x['permission'] == permission] 
-
             if dup:
                 # This means we already have a record with this permission
                 # and the next record would be less specific so we continue
@@ -357,25 +359,25 @@
             self.principalMatrix['permissions'].append(mapping)
 
 
-    def populatePrincipalPermTree(self,item,parentList,prinPerms):
+    def populatePrincipalPermTree(self,item,prinPerms):
         """ method responsible for creating permission tree """
+        
         key = item.get('uid')
         keys =  [x.keys()[0] for x in\
                  self.principalMatrix['permissionTree']]
 
         if key not in keys:
-            self.principalMatrix['permissionTree'].append({
-                                         key:{}})
+            self.principalMatrix['permissionTree'].append({key:{}})
             place = -1
         else:
             place = keys.index(key)
 
         # Each key is unique so we just get the list index to edit
-        # we keep it as a list so the order stays the same.
+        # We keep it as a list so the order stays the same.
 
         self.principalMatrix['permissionTree'][place]\
              [key]['parentList'] = \
-             parentList
+             item.get('parentList')
 
         self.principalMatrix['permissionTree'][place]\
              [key]['name'] = item.get('name')

More information about the Checkins mailing list