[Checkins] SVN: z3c.securitytool/trunk/src/z3c/securitytool/
Changed mergePermissionsFromGroups to be a global function to
be used outside of the SecurityChecker class
Daniel Blackburn
blackburnd at gmail.com
Mon Jun 2 08:55:16 EDT 2008
Log message for revision 87099:
Changed mergePermissionsFromGroups to be a global function to be used outside of the SecurityChecker class
Changed:
U z3c.securitytool/trunk/src/z3c/securitytool/README.txt
U z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
-=-
Modified: z3c.securitytool/trunk/src/z3c/securitytool/README.txt
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/README.txt 2008-06-02 11:11:34 UTC (rev 87098)
+++ z3c.securitytool/trunk/src/z3c/securitytool/README.txt 2008-06-02 12:55:10 UTC (rev 87099)
@@ -55,7 +55,6 @@
'context',
'getPermissionSettingsForAllViews',
'getReadPerm',
- 'mergePermissionsFromGroups',
'populateMatrix',
'populatePermissionMatrix',
'updateRolePermissionSetting']
Modified: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-06-02 11:11:34 UTC (rev 87098)
+++ z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py 2008-06-02 12:55:10 UTC (rev 87099)
@@ -82,7 +82,7 @@
principals = zapi.principals()
getPrin = principals.getPrincipal
viewPrins = [getPrin(prin) for prin in self.viewMatrix]
- self.mergePermissionsFromGroups(viewPrins)
+ mergePermissionsFromGroups(viewPrins,self.viewMatrix)
def getReadPerm(self,view_reg):
""" Helper method which returns read_perm and view name"""
@@ -185,31 +185,6 @@
#If the permisison does not exist for the prin add it
continue
- def mergePermissionsFromGroups(self,principals):
- """
- This method recursively looks through all the principals in the
- viewPermMatrix and inspects the inherited permissions from groups
- assigned to the principal.
- """
- # Actually this does need a post-order depth first...
- # Thanks Jacob
- sysPrincipals = zapi.principals()
- matrix = self.viewMatrix
-
- for principal in principals:
- for group_id in principal.groups:
- group = sysPrincipals.getPrincipal(group_id)
- self.mergePermissionsFromGroups([sysPrincipals.getPrincipal(x) for x in principal.groups])
-
- if matrix.has_key(group_id):
- res = matrix[group_id]
- for item in res:
- # We only want the setting if we do not alread have it.
- # or if it is an Allow permission as the allow seems to
- # override the deny with conflicting group permissions.
- if item not in matrix[principal.id] or res[item] == 'Allow':
- matrix[principal.id][item] = res[item]
-
class MatrixDetails(object):
"""
This class creates the complex permissionDetails object
@@ -644,6 +619,7 @@
ob = getattr(ob, '__parent__', None)
# This is just to create an internal unique name for the object
# using the name and depth of the object.
+
if data.has_key('parentList'):
data['uid'] = data['parentList'][0]+"_" + \
str(len(data['parentList']))
@@ -653,7 +629,6 @@
result[-1][1]['parentList'] = ['Root Folder']
result[-1][1]['uid'] = 'Root Folder'
result[-1][1]['name'] = 'Root Folder'
-
data = {}
result.append(('global settings', data))
@@ -714,3 +689,26 @@
pass
+def mergePermissionsFromGroups(principals,matrix):
+ """
+ This method recursively looks through all the principals in the
+ viewPermMatrix and inspects the inherited permissions from groups
+ assigned to the principal.
+ """
+ # Actually this does need a post-order depth first...
+ # Thanks Jacob
+ sysPrincipals = zapi.principals()
+
+ for principal in principals:
+ for group_id in principal.groups:
+ group = sysPrincipals.getPrincipal(group_id)
+ mergePermissionsFromGroups([sysPrincipals.getPrincipal(x) for x in principal.groups],matrix)
+
+ if matrix.has_key(group_id):
+ res = matrix[group_id]
+ for item in res:
+ # We only want the setting if we do not alread have it.
+ # or if it is an Allow permission as the allow seems to
+ # override the deny with conflicting group permissions.
+ if item not in matrix[principal.id] or res[item] == 'Allow':
+ matrix[principal.id][item] = res[item]
More information about the Checkins
mailing list