[Checkins]
SVN: z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py
Updated the demoSetup.py setup the proper environment to test
the group permission inheritance
Daniel Blackburn
blackburnd at gmail.com
Sun May 25 16:03:41 EDT 2008
Log message for revision 86945:
Updated the demoSetup.py setup the proper environment to test the group permission inheritance
Changed:
U z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py
-=-
Modified: z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py
===================================================================
--- z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py 2008-05-25 20:01:48 UTC (rev 86944)
+++ z3c.securitytool/trunk/src/z3c/securitytool/demoSetup.py 2008-05-25 20:03:41 UTC (rev 86945)
@@ -1,11 +1,9 @@
import transaction
-
from zope.app.folder import Folder
-
from zope.app import zapi
-
from zope.app.appsetup.bootstrap import getInformationFromEvent
-from zope.securitypolicy.interfaces import IPrincipalPermissionManager, IPrincipalRoleManager
+from zope.securitypolicy.interfaces import IPrincipalPermissionManager
+from zope.securitypolicy.interfaces import IPrincipalRoleManager
class Participation:
@@ -36,21 +34,20 @@
# Lets get the list of all principals on the system.
sysPrincipals = zapi.principals()
principals = [x.id for x in sysPrincipals.getPrincipals('')
- if x.id != 'group1']
+ if x.id not in ['group1','randy']]
# Here is where we begin to set the permissions for the root context level
roleManager = IPrincipalRoleManager(root)
permManager = IPrincipalPermissionManager(root)
roleManager.assignRoleToPrincipal('zope.Editor', 'zope.group1')
- # Here we assign the group group1 to zope.daniel
- daniel = sysPrincipals.getPrincipal('zope.daniel')
- group1 = sysPrincipals.getPrincipal('zope.group1')
- daniel.groups.append(group1)
+ # Here we assign the group group1 to zope.daniel and zope.randy
- # Here we assign the group group1 to zope.randy
- randy = sysPrincipals.getPrincipal('zope.randy')
group1 = sysPrincipals.getPrincipal('zope.group1')
+ daniel = sysPrincipals.getPrincipal('zope.daniel')
+ randy = sysPrincipals.getPrincipal('zope.randy')
+
+ daniel.groups.append(group1)
randy.groups.append(group1)
roleManager.assignRoleToPrincipal('zope.Writer', 'zope.daniel')
@@ -73,9 +70,6 @@
roleManager.assignRoleToPrincipal('zope.Janitor', 'zope.markus')
roleManager.assignRoleToPrincipal('zope.Writer', 'zope.daniel')
- permManager.denyPermissionToPrincipal('concord.DeleteIssue',
- group1.id)
-
for principal in principals:
permManager.denyPermissionToPrincipal('concord.ReadIssue',
principal)
@@ -84,6 +78,10 @@
permManager.grantPermissionToPrincipal('concord.CreateArticle',
principal)
+ permManager.denyPermissionToPrincipal('concord.DeleteIssue',
+ group1.id)
+ permManager.denyPermissionToPrincipal('concord.CreateIssue',
+ group1.id)
# Here is where we begin to set the permissions for the context level of
# /root/Folder1/Folder2.
More information about the Checkins
mailing list