[Checkins] SVN: z3c.authenticator/trunk/ - bugfix, the method specialGroups applied groups everytime the method get called even if the group was already applied.

Roger Ineichen roger at projekt01.ch
Tue Aug 18 19:11:00 EDT 2009 

Log message for revision 102926:
  - bugfix, the method specialGroups applied groups everytime the method get called even if the group was already applied.
  - prepare for release
  

Changed:
  U   z3c.authenticator/trunk/CHANGES.txt
  U   z3c.authenticator/trunk/setup.py
  U   z3c.authenticator/trunk/src/z3c/authenticator/README.txt
  U   z3c.authenticator/trunk/src/z3c/authenticator/group.py
  U   z3c.authenticator/trunk/src/z3c/authenticator/group.txt

-=-
Modified: z3c.authenticator/trunk/CHANGES.txt
===================================================================
--- z3c.authenticator/trunk/CHANGES.txt	2009-08-18 22:36:06 UTC (rev 102925)
+++ z3c.authenticator/trunk/CHANGES.txt	2009-08-18 23:11:00 UTC (rev 102926)
@@ -2,19 +2,23 @@
 CHANGES
 =======
 
-Version 0.7.1 (unreleased)
---------------------------
+0.7.1 (2009-08-19)
+------------------
 
+- Bugfix: the method specialGroups applied groups everytime the method get
+  called even if the group was already applied. This is a problem if the
+  global shared unauthenticated principal instance is used because it will
+  apply similar groups till the server get restarted and a new principal
+  instance is used.
+
 - Feature: added getUserByLogin to IUserContainer
 
-- Added a test for user migration (that they can keep their ID)
+- Added a test for user migration (that they will keep their ID)
 
-- ...
 
+0.7.0 (2009-05-11)
+------------------
 
-Version 0.7.0 (2009-05-11)
---------------------------
-
 - Update dependencies:
 
    * Use ``zope.container`` instead of ``zope.app.container``.
@@ -27,9 +31,21 @@
 - Drop dependency on z3c.i18n and recreate a message factory instead.
 
 
-Version 0.6.0 (2009-01-04)
---------------------------
+0.6.1 (2009-08-19)
+------------------
 
+- Backport bugfix 0.7.1 to 0.6.1. See branches/roger-0.6.0
+  
+  the method specialGroups applied groups everytime the method get
+  called even if the group was already applied. This is a problem if the
+  global shared unauthenticated principal instance is used because it will
+  apply similar groups till the server get restarted and a new principal
+  instance is used.
+
+
+0.6.0 (2009-01-04)
+------------------
+
 - Feature: added support for local IUnauthenticatedPrincipal. This is usefull
   if you need to apply local roles to IUnauthenticatedPrincipal. This was not
   possible before and is not possible in zope.app.authentication
@@ -69,13 +85,13 @@
 - Added documentation for Pypi home page.
 
 
-Version 0.5.1 (2008-04-16)
---------------------------
+0.5.1 (2008-04-16)
+------------------
 
 - Cleanup imports and adjust dependencies
 
 
-Version 0.5.0 (2008-04-16)
---------------------------
+0.5.0 (2008-04-16)
+------------------
 
 - Initial Release

Modified: z3c.authenticator/trunk/setup.py
===================================================================
--- z3c.authenticator/trunk/setup.py	2009-08-18 22:36:06 UTC (rev 102925)
+++ z3c.authenticator/trunk/setup.py	2009-08-18 23:11:00 UTC (rev 102926)
@@ -23,7 +23,7 @@
 
 setup (
     name='z3c.authenticator',
-    version='0.7.1dev',
+    version='0.7.1',
     author = "Roger Ineichen and the Zope Community",
     author_email = "zope-dev at zope.org",
     description = "IAuthentication implementation for for Zope3",

Modified: z3c.authenticator/trunk/src/z3c/authenticator/README.txt
===================================================================
--- z3c.authenticator/trunk/src/z3c/authenticator/README.txt	2009-08-18 22:36:06 UTC (rev 102925)
+++ z3c.authenticator/trunk/src/z3c/authenticator/README.txt	2009-08-18 23:11:00 UTC (rev 102926)
@@ -88,13 +88,13 @@
 
 How should I set permission for principals?
 
-  You can apply a roles to groups
+  You can apply roles to groups
   and apply permissions to roles. Or you can directly apply local permisssions
   to groups or to principals. After setup this mappings you can grant roles to
   groups. I always recommend a principal - group and permission - role mapping,
   then this gives you the most possible abstraction which is useful if it comes
   to manage permission and principals without to invoke directly principals and
-  permissions itself. but of corse you can grant permissions to groups or the
+  permissions itself. But of corse you can grant permissions to groups or the
   worst thing directly to principals. Grant permission to principals is only
   useful if it comes to selective local permission settings for selected
   principals e.g. a ownership like permission setup.

Modified: z3c.authenticator/trunk/src/z3c/authenticator/group.py
===================================================================
--- z3c.authenticator/trunk/src/z3c/authenticator/group.py	2009-08-18 22:36:06 UTC (rev 102925)
+++ z3c.authenticator/trunk/src/z3c/authenticator/group.py	2009-08-18 23:11:00 UTC (rev 102926)
@@ -249,18 +249,21 @@
 
     # global utility registered by everybodyGroup directive
     everyone = zope.component.queryUtility(IEveryoneGroup)
-    if everyone is not None and everyone.id != principal.id:
+    if everyone is not None and everyone.id != principal.id and \
+        everyone.id not in principal.groups:
         principal.groups.append(everyone.id)
 
     if IUnauthenticatedPrincipal.providedBy(principal):
         # global utility registered by unauthenticatedGroup directive
         unAuthGroup = zope.component.queryUtility(IUnauthenticatedGroup)
-        if unAuthGroup is not None and unAuthGroup.id != principal.id:
+        if unAuthGroup is not None and unAuthGroup.id != principal.id and \
+            unAuthGroup.id not in principal.groups:
             principal.groups.append(unAuthGroup.id)
     else:
         # global utility registered by authenticatedGroup directive
         authGroup = zope.component.queryUtility(IAuthenticatedGroup)
-        if authGroup is not None and authGroup.id != principal.id:
+        if authGroup is not None and authGroup.id != principal.id and \
+            authGroup.id not in principal.groups:
             principal.groups.append(authGroup.id)
 
 

Modified: z3c.authenticator/trunk/src/z3c/authenticator/group.txt
===================================================================
--- z3c.authenticator/trunk/src/z3c/authenticator/group.txt	2009-08-18 22:36:06 UTC (rev 102925)
+++ z3c.authenticator/trunk/src/z3c/authenticator/group.txt	2009-08-18 23:11:00 UTC (rev 102926)
@@ -477,7 +477,15 @@
   >>> found.groups
   [u'groups.all', u'groups.authenticated']
 
+It is important that we do not apply a group twice since the
+UnauthenticatedPrincipal is a single instance in the securitypolicy. This issue
+is fixed in version 0.6.1 and 0.7.1
 
+  >>> specialGroups(event)
+  >>> found.groups
+  [u'groups.all', u'groups.authenticated']
+
+
 allGroups
 ---------

More information about the Checkins mailing list