[Checkins] SVN: grok/branches/jw-refer-to-permission-class/
grok.require() can refer to a grok.Permission derived class
Jan-Wijbrand Kolman
janwijbrand at gmail.com
Thu May 1 16:10:03 EDT 2008
Log message for revision 86030:
grok.require() can refer to a grok.Permission derived class
instead of just its id (name).
Changed:
U grok/branches/jw-refer-to-permission-class/CHANGES.txt
U grok/branches/jw-refer-to-permission-class/src/grok/directive.py
U grok/branches/jw-refer-to-permission-class/src/grok/ftests/security/require.py
A grok/branches/jw-refer-to-permission-class/src/grok/tests/security/not_a_permissionclass.py
-=-
Modified: grok/branches/jw-refer-to-permission-class/CHANGES.txt
===================================================================
--- grok/branches/jw-refer-to-permission-class/CHANGES.txt 2008-05-01 20:07:58 UTC (rev 86029)
+++ grok/branches/jw-refer-to-permission-class/CHANGES.txt 2008-05-01 20:10:02 UTC (rev 86030)
@@ -7,11 +7,16 @@
Feature changes
---------------
+* grok.require() can refer to subclasses of grok.Permission directly, instead
+ of their id. This, for one, avoids making typos in permission ids.
+ Permission components *do* still need the grok.name() directive for defining
+ the permission's id.
+
* Added an optional parameter 'data' to the method 'url()' that accepts
- a dictionary that is then converted to a query string. See
-
+ a dictionary that is then converted to a query string. See
+
http://grok.zope.org/documentation/how-to/generate-urls-with-the-url-function-in-views/view
-
+
* Added an OrderedContainer component.
* Introduced the new `sphinx`-based documentation engine. See
Modified: grok/branches/jw-refer-to-permission-class/src/grok/directive.py
===================================================================
--- grok/branches/jw-refer-to-permission-class/src/grok/directive.py 2008-05-01 20:07:58 UTC (rev 86029)
+++ grok/branches/jw-refer-to-permission-class/src/grok/directive.py 2008-05-01 20:10:02 UTC (rev 86030)
@@ -30,6 +30,7 @@
ClassOrModuleDirectiveContext)
from martian import util
from grokcore.component.directive import MultiValueOnceDirective
+from grok import components
class LocalUtilityDirective(MultipleTimesDirective):
def check_arguments(self, factory, provides=None, name=u'',
@@ -55,9 +56,20 @@
self.name_in_container = name_in_container
-class RequireDirective(BaseTextDirective, SingleValue, MultipleTimesDirective):
+class RequireDirective(SingleValue, MultipleTimesDirective):
+ def check_arguments(self, value):
+ if util.check_subclass(value, components.Permission):
+ return
+ if util.not_unicode_or_ascii(value):
+ raise GrokImportError(
+ "You can only pass unicode, ASCII, or a subclass "
+ "of grok.Permission %s." % self.name)
+
def store(self, frame, value):
+ if util.check_subclass(value, components.Permission):
+ value = getattr(value, '__grok_name__')
+
super(RequireDirective, self).store(frame, value)
values = frame.f_locals.get(self.local_name, [])
@@ -71,6 +83,7 @@
return func
return decorator
+
# Define grok directives
template = SingleTextDirective('grok.template', ClassDirectiveContext())
templatedir = SingleTextDirective('grok.templatedir', ModuleDirectiveContext())
Modified: grok/branches/jw-refer-to-permission-class/src/grok/ftests/security/require.py
===================================================================
--- grok/branches/jw-refer-to-permission-class/src/grok/ftests/security/require.py 2008-05-01 20:07:58 UTC (rev 86029)
+++ grok/branches/jw-refer-to-permission-class/src/grok/ftests/security/require.py 2008-05-01 20:10:02 UTC (rev 86030)
@@ -25,6 +25,26 @@
>>> browser.open("http://localhost/@@publicnudity")
>>> print browser.contents
Everybody can see this.
+
+To require permission one can refer either to the permission's id or the the
+permission class too::
+
+ >>> browser = Browser()
+ >>> browser.open("http://localhost/@@profanity")
+ Traceback (most recent call last):
+ HTTPError: HTTP Error 401: Unauthorized
+
+When we log in (e.g. as a manager), we can access the view just fine:
+
+ >>> from zope.securitypolicy.rolepermission import rolePermissionManager
+ >>> rolePermissionManager.grantPermissionToRole('cave.ViewPainting',
+ ... 'zope.Manager')
+ >>> browser.addHeader('Authorization', 'Basic mgr:mgrpw')
+ >>> browser.handleErrors = False
+ >>> browser.open("http://localhost/@@profanity")
+ >>> print browser.contents
+ Harsh words here.
+
"""
import grok
@@ -48,3 +68,11 @@
def render(self):
return 'Everybody can see this.'
+
+class Profanity(grok.View):
+
+ grok.context(zope.interface.Interface)
+ grok.require(ViewPainting)
+
+ def render(self):
+ return 'Harsh words here.'
Added: grok/branches/jw-refer-to-permission-class/src/grok/tests/security/not_a_permissionclass.py
===================================================================
--- grok/branches/jw-refer-to-permission-class/src/grok/tests/security/not_a_permissionclass.py (rev 0)
+++ grok/branches/jw-refer-to-permission-class/src/grok/tests/security/not_a_permissionclass.py 2008-05-01 20:10:02 UTC (rev 86030)
@@ -0,0 +1,23 @@
+"""
+When refering to a class in the grok.require() directive, this class needs
+to implement the zope.security.interfaces.IPermission interface::
+
+ >>> from zope.interface import Interface
+ >>> class NotAProperPermission(object):
+ ... pass
+ >>>
+ >>> class NoPermission(grok.View):
+ ... grok.context(zope.interface.Interface)
+ ... grok.require(NotAProperPermission)
+ ...
+ ... def render(self):
+ ... pass
+ Traceback (most recent call last):
+ ...
+ GrokImportError: You can only pass unicode, ASCII, or a subclass of
+ grok.Permission grok.require.
+
+"""
+
+import grok
+import zope.interface
More information about the Checkins
mailing list