[Checkins] SVN: z3c.securitytool/trunk/ Refactored the viewRoleMatrix population to a seperate method and updated README

Daniel Blackburn blackburnd at gmail.com
Wed Jun 11 18:45:13 EDT 2008


Log message for revision 87318:
  Refactored the viewRoleMatrix population to a seperate method and updated README

Changed:
  U   z3c.securitytool/trunk/TODO.txt
  U   z3c.securitytool/trunk/src/z3c/securitytool/README.txt
  U   z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py

-=-
Modified: z3c.securitytool/trunk/TODO.txt
===================================================================
--- z3c.securitytool/trunk/TODO.txt	2008-06-11 19:27:04 UTC (rev 87317)
+++ z3c.securitytool/trunk/TODO.txt	2008-06-11 22:45:12 UTC (rev 87318)
@@ -1,19 +1,14 @@
 
 
- TODO
-===============
+TODO
+====
 
-     NEED FOR BETA RELEASE
-    ==============================
-           
-    * Show the permission details as a graph ??
+PrincipalDetails and Permission Details
+=======================================
+    * Strike through role - permissions which are denied 
+      by specific permission deny settings
 
-    PrincipalDetails and Permission Details
-    ===================================================
-        * Strike through role - permissions which are denied 
-          by specific permission deny settings
 
-
                                             DONE
 ==============================================================================
     * Make sure the group settings are taken into account and

Modified: z3c.securitytool/trunk/src/z3c/securitytool/README.txt
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/README.txt	2008-06-11 19:27:04 UTC (rev 87317)
+++ z3c.securitytool/trunk/src/z3c/securitytool/README.txt	2008-06-11 22:45:12 UTC (rev 87318)
@@ -57,7 +57,7 @@
      'getReadPerm',
      'populateMatrix',
      'populatePermissionMatrix',
-     'updateRolePermissionSetting']
+     'populateViewRoleMatrix']
         
 
     To get all the security settings for particular context level the

Modified: z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py	2008-06-11 19:27:04 UTC (rev 87317)
+++ z3c.securitytool/trunk/src/z3c/securitytool/securitytool.py	2008-06-11 22:45:12 UTC (rev 87318)
@@ -78,7 +78,7 @@
                       {viewSetting:self.viewPermMatrix[item][viewSetting]})
 
         # Now we will inherit the permissions from groups assigned to each
-        # principal
+        # principal and digest them accordingly
         principals = zapi.principals()
         getPrin = principals.getPrincipal
         viewPrins = [getPrin(prin) for prin in self.viewMatrix]
@@ -101,14 +101,28 @@
 
         self.name, read_perm = self.getReadPerm(view_reg)
 
+        # If we are not viewing the permission the user has selected 
         if self.selectedPermission and self.selectedPermission != read_perm:
             return
+
         self.views[self.name] = read_perm
 
         allSettings, settings = getSettingsForMatrix(viewInstance)
+
         rolePermMap = allSettings.get('rolePermissions', ())
+        self.populateViewRoleMatrix(rolePermMap,settings,read_perm)     
 
-        for name,setting in settings:
+        prinPermissions = allSettings.get('principalPermissions',[])
+        self.populatePermissionMatrix(read_perm,prinPermissions)
+
+    def populateViewRoleMatrix(self,rolePermMap,settings,read_perm):
+        """
+        This method is responsible for populating the viewRoleMatrix
+        of the security matrix this will be merged with the permissionMatrix
+        after both are fully populated.
+        """
+        
+        for name, setting in settings:
             principalRoles = setting.get('principalRoles', [])
             for role in principalRoles:
                 principal = role['principal']
@@ -125,6 +139,8 @@
                         # this role before, if it is now denied we remove it.
                         del self.viewRoleMatrix[principal]\
                                        [self.name][role['role']]
+                        continue
+
                     except KeyError:
                         pass
 
@@ -134,28 +150,15 @@
                     permSetting =  principalRoleProvidesPermission(
                                    principalRoles, rolePermMap,
                                    principal, read_perm,
-                                   role['role']
-                                )
+                                   role['role'])
+                    
+                # The role is either Allow or zope.public so we add
+                # it to the viewRoleMatrix.
                 if permSetting[1]:
-                    self.updateRolePermissionSetting(permSetting[1],
-                                                     principal,
-                                                     role['role'],
-                                                     self.name)
+                    self.viewRoleMatrix[principal].setdefault(self.name,{})
+                    self.viewRoleMatrix[principal]\
+                          [self.name].update({role['role']:permSetting[1]})
 
-            prinPermissions = allSettings.get('principalPermissions',[])
-            self.populatePermissionMatrix(read_perm,prinPermissions)
-
-    def updateRolePermissionSetting(self,permSetting,principal,role,name):
-        """
-        Updates permission setting for current role if necessary this
-        populates the viewRoleMatrix which is used with viewPermMatrix to
-        determine the objects permission for the securityMatrix.html page
-
-        """
-        if permSetting != 'Deny':
-            self.viewRoleMatrix[principal].setdefault(name,{})
-            self.viewRoleMatrix[principal][name].update({role:permSetting})
-
     def populatePermissionMatrix(self,read_perm,principalPermissions):
         """ This method populates the principal permission section of
             the view matrix, it is half responsible for the 'Allow' and



More information about the Checkins mailing list