[Checkins] SVN: grok/branches/jw-refer-to-permission-class/ grok.require() can refer to a grok.Permission derived class

Jan-Wijbrand Kolman janwijbrand at gmail.com
Thu May 1 16:10:03 EDT 2008


Log message for revision 86030:
  grok.require() can refer to a grok.Permission derived class 
  instead of just its id (name).

Changed:
  U   grok/branches/jw-refer-to-permission-class/CHANGES.txt
  U   grok/branches/jw-refer-to-permission-class/src/grok/directive.py
  U   grok/branches/jw-refer-to-permission-class/src/grok/ftests/security/require.py
  A   grok/branches/jw-refer-to-permission-class/src/grok/tests/security/not_a_permissionclass.py

-=-
Modified: grok/branches/jw-refer-to-permission-class/CHANGES.txt
===================================================================
--- grok/branches/jw-refer-to-permission-class/CHANGES.txt	2008-05-01 20:07:58 UTC (rev 86029)
+++ grok/branches/jw-refer-to-permission-class/CHANGES.txt	2008-05-01 20:10:02 UTC (rev 86030)
@@ -7,11 +7,16 @@
 Feature changes
 ---------------
 
+* grok.require() can refer to subclasses of grok.Permission directly, instead
+  of their id. This, for one, avoids making typos in permission ids.
+  Permission components *do* still need the grok.name() directive for defining
+  the permission's id.
+
 * Added an optional parameter 'data' to the method 'url()' that accepts
-  a dictionary that is then converted to a query string. See 
-   
+  a dictionary that is then converted to a query string. See
+
   http://grok.zope.org/documentation/how-to/generate-urls-with-the-url-function-in-views/view
-  
+
 * Added an OrderedContainer component.
 
 * Introduced the new `sphinx`-based documentation engine. See

Modified: grok/branches/jw-refer-to-permission-class/src/grok/directive.py
===================================================================
--- grok/branches/jw-refer-to-permission-class/src/grok/directive.py	2008-05-01 20:07:58 UTC (rev 86029)
+++ grok/branches/jw-refer-to-permission-class/src/grok/directive.py	2008-05-01 20:10:02 UTC (rev 86030)
@@ -30,6 +30,7 @@
                                ClassOrModuleDirectiveContext)
 from martian import util
 from grokcore.component.directive import MultiValueOnceDirective
+from grok import components
 
 class LocalUtilityDirective(MultipleTimesDirective):
     def check_arguments(self, factory, provides=None, name=u'',
@@ -55,9 +56,20 @@
         self.name_in_container = name_in_container
 
 
-class RequireDirective(BaseTextDirective, SingleValue, MultipleTimesDirective):
+class RequireDirective(SingleValue, MultipleTimesDirective):
 
+    def check_arguments(self, value):
+        if util.check_subclass(value, components.Permission):
+            return
+        if util.not_unicode_or_ascii(value):
+            raise GrokImportError(
+                "You can only pass unicode, ASCII, or a subclass "
+                "of grok.Permission %s." % self.name)
+
     def store(self, frame, value):
+        if util.check_subclass(value, components.Permission):
+            value = getattr(value, '__grok_name__')
+
         super(RequireDirective, self).store(frame, value)
         values = frame.f_locals.get(self.local_name, [])
 
@@ -71,6 +83,7 @@
             return func
         return decorator
 
+
 # Define grok directives
 template = SingleTextDirective('grok.template', ClassDirectiveContext())
 templatedir = SingleTextDirective('grok.templatedir', ModuleDirectiveContext())

Modified: grok/branches/jw-refer-to-permission-class/src/grok/ftests/security/require.py
===================================================================
--- grok/branches/jw-refer-to-permission-class/src/grok/ftests/security/require.py	2008-05-01 20:07:58 UTC (rev 86029)
+++ grok/branches/jw-refer-to-permission-class/src/grok/ftests/security/require.py	2008-05-01 20:10:02 UTC (rev 86030)
@@ -25,6 +25,26 @@
   >>> browser.open("http://localhost/@@publicnudity")
   >>> print browser.contents
   Everybody can see this.
+
+To require permission one can refer either to the permission's id or the the
+permission class too::
+
+  >>> browser = Browser()
+  >>> browser.open("http://localhost/@@profanity")
+  Traceback (most recent call last):
+  HTTPError: HTTP Error 401: Unauthorized
+
+When we log in (e.g. as a manager), we can access the view just fine:
+
+  >>> from zope.securitypolicy.rolepermission import rolePermissionManager
+  >>> rolePermissionManager.grantPermissionToRole('cave.ViewPainting',
+  ...                                             'zope.Manager')
+  >>> browser.addHeader('Authorization', 'Basic mgr:mgrpw')
+  >>> browser.handleErrors = False
+  >>> browser.open("http://localhost/@@profanity")
+  >>> print browser.contents
+  Harsh words here.
+
 """
 
 import grok
@@ -48,3 +68,11 @@
 
     def render(self):
         return 'Everybody can see this.'
+
+class Profanity(grok.View):
+
+    grok.context(zope.interface.Interface)
+    grok.require(ViewPainting)
+
+    def render(self):
+        return 'Harsh words here.'

Added: grok/branches/jw-refer-to-permission-class/src/grok/tests/security/not_a_permissionclass.py
===================================================================
--- grok/branches/jw-refer-to-permission-class/src/grok/tests/security/not_a_permissionclass.py	                        (rev 0)
+++ grok/branches/jw-refer-to-permission-class/src/grok/tests/security/not_a_permissionclass.py	2008-05-01 20:10:02 UTC (rev 86030)
@@ -0,0 +1,23 @@
+"""
+When refering to a class in the grok.require() directive, this class needs
+to implement the zope.security.interfaces.IPermission interface::
+
+  >>> from zope.interface import Interface
+  >>> class NotAProperPermission(object):
+  ...   pass
+  >>>
+  >>> class NoPermission(grok.View):
+  ...     grok.context(zope.interface.Interface)
+  ...     grok.require(NotAProperPermission)
+  ...
+  ...     def render(self):
+  ...         pass
+  Traceback (most recent call last):
+  ...
+  GrokImportError: You can only pass unicode, ASCII, or a subclass of
+  grok.Permission grok.require.
+
+"""
+
+import grok
+import zope.interface



More information about the Checkins mailing list