[Checkins] SVN: z3ext.permissionsmap/trunk/ Do not register named utility for default content permissions
Nikolay Kim
fafhrd91 at gmail.com
Wed Aug 5 08:46:29 EDT 2009
Log message for revision 102498:
Do not register named utility for default content permissions
Changed:
U z3ext.permissionsmap/trunk/CHANGES.txt
U z3ext.permissionsmap/trunk/setup.py
U z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/README.txt
U z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/interfaces.py
U z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/permissionsmap.py
U z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/tests.py
U z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/zcml.py
-=-
Modified: z3ext.permissionsmap/trunk/CHANGES.txt
===================================================================
--- z3ext.permissionsmap/trunk/CHANGES.txt 2009-08-05 11:23:58 UTC (rev 102497)
+++ z3ext.permissionsmap/trunk/CHANGES.txt 2009-08-05 12:46:29 UTC (rev 102498)
@@ -2,6 +2,12 @@
CHANGES
=======
+1.2.3 (Unreleased)
+------------------
+
+- Do not register named utility for default content permissions
+
+
1.2.2 (2009-04-30)
------------------
Modified: z3ext.permissionsmap/trunk/setup.py
===================================================================
--- z3ext.permissionsmap/trunk/setup.py 2009-08-05 11:23:58 UTC (rev 102497)
+++ z3ext.permissionsmap/trunk/setup.py 2009-08-05 12:46:29 UTC (rev 102498)
@@ -59,10 +59,10 @@
'zope.component',
'zope.location',
'zope.annotation',
- 'zope.security',
+ 'zope.security',
'zope.securitypolicy',
'zope.configuration',
- 'z3ext.security',
+ 'z3ext.security',
],
extras_require = dict(test=['zope.app.testing',
'zope.testing',
Modified: z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/README.txt
===================================================================
--- z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/README.txt 2009-08-05 11:23:58 UTC (rev 102497)
+++ z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/README.txt 2009-08-05 12:46:29 UTC (rev 102498)
@@ -157,6 +157,11 @@
>>> context = xmlconfig.string("""
... <configure xmlns="http://namespaces.zope.org/zope">
+ ... <permissions name="myPermissions1">
+ ... <grant permission="my.p1" role="r1 r2 r3" />
+ ... <deny permission="my.p2" role="r1 r3" />
+ ... <denyAll permission="my.p3" />
+ ... </permissions>
... <permissions name="myPermissions2" title="My Permissions2">
... <grant permission="my.p3" role="r1" />
... <grant permission="my.p2" role="r2" />
Modified: z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/interfaces.py
===================================================================
--- z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/interfaces.py 2009-08-05 11:23:58 UTC (rev 102497)
+++ z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/interfaces.py 2009-08-05 12:46:29 UTC (rev 102498)
@@ -27,19 +27,19 @@
""" named IRolePermissionMap object """
name = schema.TextLine(
- title=u"Name",
- description=u"Permissions map identifier.",
- required=True)
+ title=u"Name",
+ description=u"Permissions map identifier.",
+ required=True)
title = schema.TextLine(
- title=u"Title",
- description=u"Permissions map title.",
- required=True)
+ title=u"Title",
+ description=u"Permissions map title.",
+ required=True)
description = schema.TextLine(
- title=u"Description",
- description=u"Permissions map description.",
- required=False)
+ title=u"Description",
+ description=u"Permissions map description.",
+ required=False)
class IDefaultPermissionsMap(interface.Interface):
Modified: z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/permissionsmap.py
===================================================================
--- z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/permissionsmap.py 2009-08-05 11:23:58 UTC (rev 102497)
+++ z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/permissionsmap.py 2009-08-05 12:46:29 UTC (rev 102498)
@@ -55,7 +55,7 @@
settings.update(
[(pid, setting) for pid, setting in \
super(PermissionsMap, self).getPermissionsForRole(role_id)])
-
+
return settings.items()
else:
Modified: z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/tests.py
===================================================================
--- z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/tests.py 2009-08-05 11:23:58 UTC (rev 102497)
+++ z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/tests.py 2009-08-05 12:46:29 UTC (rev 102498)
@@ -71,8 +71,8 @@
def tearDown(test):
setup.placelessTearDown()
-
+
def test_suite():
return unittest.TestSuite((
doctest.DocFileSuite(
Modified: z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/zcml.py
===================================================================
--- z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/zcml.py 2009-08-05 11:23:58 UTC (rev 102497)
+++ z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/zcml.py 2009-08-05 12:46:29 UTC (rev 102498)
@@ -32,28 +32,28 @@
""" define permissions map directive"""
name = schema.TextLine(
- title=u"Name",
- description=u"Permissions map identifier.",
- required=True)
+ title=u"Name",
+ description=u"Permissions map identifier.",
+ required=True)
for_ = GlobalObject(
- title=u"For",
- required=False)
+ title=u"For",
+ required=False)
title = schema.TextLine(
- title=u"Title",
- description=u"Permissions map title.",
- required=False)
+ title=u"Title",
+ description=u"Permissions map title.",
+ required=False)
description = schema.TextLine(
- title=u"Description",
- description=u"Permissions map description.",
- required=False)
+ title=u"Description",
+ description=u"Permissions map description.",
+ required=False)
override = schema.Bool(
- title=u"Override",
- description=u"Allow override sub directives for this declaration.",
- required=False,
+ title=u"Override",
+ description=u"Allow override sub directives for this declaration.",
+ required=False,
default=True)
@@ -63,13 +63,13 @@
title=u"Role",
description=u"Specifies the role.",
required=True,
- value_type=schema.TextLine())
+ value_type=schema.TextLine())
permission = Tokens(
title=u"Permission",
description=u"Specifies the permission to be mapped.",
required=True,
- value_type=Permission())
+ value_type=Permission())
class IDenyDirective(interface.Interface):
@@ -78,7 +78,7 @@
title=u"Role",
description=u"Specifies the role.",
required=True,
- value_type=schema.TextLine())
+ value_type=schema.TextLine())
permission = Tokens(
title=u"Permission",
@@ -93,7 +93,7 @@
title=u"Role",
description=u"Specifies the role.",
required=True,
- value_type=schema.TextLine())
+ value_type=schema.TextLine())
permission = Tokens(
title=u"Permission",
@@ -137,30 +137,45 @@
def __call__(self, context):
return self.permissionsmap
+classPermissions = {}
+
def permissionsHandler(name, for_, title, description):
# check if map already exists
sm = globalregistry.globalSiteManager
- perms = sm.queryUtility(IPermissionsMap, name)
- if perms is not None:
- return
+ if for_ is not None:
+ global classPermissions
- # register map as utility
- perms = PermissionsMap(name, title, description)
- sm.registerUtility(perms, IPermissionsMap, name)
+ perms = classPermissions.get(for_)
+ if perms is not None:
+ return
- if for_ is not None:
+ perms = PermissionsMap(name, title, description)
+ classPermissions[for_] = perms
+ interface.alsoProvides(perms, IDefaultPermissionsMap)
+
# register map as adapter for for_
- interface.alsoProvides(perms, IDefaultPermissionsMap)
factory = ClassPermissionsFactory(perms)
sm.registerAdapter(factory, (for_,), IPermissionsMap, name)
+ else:
+ perms = sm.queryUtility(IPermissionsMap, name)
+ if perms is not None:
+ return
-def directiveHandler(name, method, permissions, roles, check=False):
+ # register map as utility
+ perms = PermissionsMap(name, title, description)
+ sm.registerUtility(perms, IPermissionsMap, name)
+
+
+def directiveHandler(name, method, permissions, roles, for_=None, check=False):
sm = globalregistry.globalSiteManager
- permissionmap = sm.getUtility(IPermissionsMap, name)
+ if for_ is not None:
+ permissionmap = classPermissions[for_]
+ else:
+ permissionmap = sm.getUtility(IPermissionsMap, name)
for role in roles:
for permission in permissions:
@@ -170,10 +185,13 @@
getattr(permissionmap, method)(permission, role)
-def directiveHandlerAll(name, method, permissions, attr):
+def directiveHandlerAll(name, method, permissions, attr, for_=None):
sm = globalregistry.globalSiteManager
- permissionmap = sm.getUtility(IPermissionsMap, name)
+ if for_ is not None:
+ permissionmap = classPermissions[for_]
+ else:
+ permissionmap = sm.getUtility(IPermissionsMap, name)
if attr == 'unsetall':
for role_id, role in getUtilitiesFor(IRole):
@@ -188,8 +206,9 @@
class permissionsMapDirective(object):
- def __init__(self, _context, name, for_=None,
+ def __init__(self, _context, name, for_=None,
title='', description='', override=True):
+ self.for_ = for_
self.name = name
self.override = override
@@ -206,48 +225,53 @@
def grant(self, _context, role, permission):
_context.action(
discriminator = self.discriminator(
- ('z3ext.permissions.grant',
- self.name, tuple(role), tuple(permission))),
+ ('z3ext.permissions.grant',
+ self.name, self.for_, tuple(role), tuple(permission))),
callable = directiveHandler,
- args = (self.name, 'grantPermissionToRole', permission, role))
+ args = (self.name, 'grantPermissionToRole',
+ permission, role, self.for_))
def deny(self, _context, role, permission):
_context.action(
discriminator = self.discriminator(
- ('z3ext.permissions.deny',
- self.name, tuple(role), tuple(permission))),
+ ('z3ext.permissions.deny',
+ self.name, self.for_, tuple(role), tuple(permission))),
callable = directiveHandler,
- args = (self.name, 'denyPermissionToRole', permission, role))
+ args = (self.name, 'denyPermissionToRole',
+ permission, role, self.for_))
def unset(self, _context, role, permission):
_context.action(
discriminator = self.discriminator(
- ('z3ext.permissions.unset',
- self.name, tuple(role), tuple(permission))),
+ ('z3ext.permissions.unset',
+ self.name, self.for_, tuple(role), tuple(permission))),
callable = directiveHandler,
args = (self.name, 'unsetPermissionFromRole',
- permission, role, True))
+ permission, role, self.for_, True))
def grantAll(self, _context, permission):
_context.action(
discriminator = self.discriminator(
- ('z3ext.permissions.grantAll',
- self.name, tuple(permission))),
+ ('z3ext.permissions.grantAll',
+ self.name, self.for_, tuple(permission))),
callable = directiveHandlerAll,
- args = (self.name, 'grantPermissionToRole', permission, 'grantall'))
+ args = (self.name, 'grantPermissionToRole',
+ permission, 'grantall', self.for_))
def denyAll(self, _context, permission):
_context.action(
discriminator = self.discriminator(
- ('z3ext.permissions.denyAll',
- self.name, tuple(permission))),
+ ('z3ext.permissions.denyAll',
+ self.name, self.for_, tuple(permission))),
callable = directiveHandlerAll,
- args = (self.name, 'denyPermissionToRole', permission, 'denyall'))
+ args = (self.name, 'denyPermissionToRole',
+ permission, 'denyall', self.for_))
def unsetAll(self, _context, permission):
_context.action(
discriminator = self.discriminator(
- ('z3ext.permissions.unsetAll',
- self.name, tuple(permission))),
+ ('z3ext.permissions.unsetAll',
+ self.name, self.for_, tuple(permission))),
callable = directiveHandlerAll,
- args = (self.name, 'unsetPermissionFromRole', permission, 'unsetall'))
+ args = (self.name, 'unsetPermissionFromRole',
+ permission, 'unsetall', self.for_))
More information about the Checkins
mailing list