[Checkins] SVN: z3ext.security/tags/1.2.2/ release tag
Nikolay Kim
fafhrd at datacom.kz
Fri Jan 9 02:37:19 EST 2009
Log message for revision 94671:
release tag
Changed:
A z3ext.security/tags/1.2.2/
D z3ext.security/tags/1.2.2/CHANGES.txt
A z3ext.security/tags/1.2.2/CHANGES.txt
U z3ext.security/tags/1.2.2/setup.py
D z3ext.security/tags/1.2.2/src/z3ext/security/securitypolicy.py
A z3ext.security/tags/1.2.2/src/z3ext/security/securitypolicy.py
-=-
Deleted: z3ext.security/tags/1.2.2/CHANGES.txt
===================================================================
--- z3ext.security/trunk/CHANGES.txt 2009-01-08 07:26:31 UTC (rev 94610)
+++ z3ext.security/tags/1.2.2/CHANGES.txt 2009-01-09 07:37:19 UTC (rev 94671)
@@ -1,36 +0,0 @@
-=======
-CHANGES
-=======
-
-1.2.1 (2008-09-02)
-------------------
-
-- Fixed bug in extended grant info
-
-
-1.2.0 (2008-03-21)
-------------------
-
-- Code cleanup
-
-- Move code to svn.zope.org
-
-
-1.1.1 (2008-02-16)
-------------------
-
-- Performance (Profiling)
-
-
-1.1.0 (2008-02-01)
-------------------
-
-- Code cleanup
-
-- Removed unused code
-
-
-1.0.0 (2007-12-08)
-------------------
-
-- Initial release.
Copied: z3ext.security/tags/1.2.2/CHANGES.txt (from rev 94670, z3ext.security/trunk/CHANGES.txt)
===================================================================
--- z3ext.security/tags/1.2.2/CHANGES.txt (rev 0)
+++ z3ext.security/tags/1.2.2/CHANGES.txt 2009-01-09 07:37:19 UTC (rev 94671)
@@ -0,0 +1,42 @@
+=======
+CHANGES
+=======
+
+1.2.2 (2009-01-09)
+------------------
+
+- Query all IPrincipalPermissionMap adapter for context
+
+
+1.2.1 (2008-09-02)
+------------------
+
+- Fixed bug in extended grant info
+
+
+1.2.0 (2008-03-21)
+------------------
+
+- Code cleanup
+
+- Move code to svn.zope.org
+
+
+1.1.1 (2008-02-16)
+------------------
+
+- Performance (Profiling)
+
+
+1.1.0 (2008-02-01)
+------------------
+
+- Code cleanup
+
+- Removed unused code
+
+
+1.0.0 (2007-12-08)
+------------------
+
+- Initial release.
Modified: z3ext.security/tags/1.2.2/setup.py
===================================================================
--- z3ext.security/trunk/setup.py 2009-01-08 07:26:31 UTC (rev 94610)
+++ z3ext.security/tags/1.2.2/setup.py 2009-01-09 07:37:19 UTC (rev 94671)
@@ -21,7 +21,7 @@
def read(*rnames):
return open(os.path.join(os.path.dirname(__file__), *rnames)).read()
-version = '1.2.2dev'
+version = '1.2.2'
setup(name='z3ext.security',
Deleted: z3ext.security/tags/1.2.2/src/z3ext/security/securitypolicy.py
===================================================================
--- z3ext.security/trunk/src/z3ext/security/securitypolicy.py 2009-01-08 07:26:31 UTC (rev 94610)
+++ z3ext.security/tags/1.2.2/src/z3ext/security/securitypolicy.py 2009-01-09 07:37:19 UTC (rev 94671)
@@ -1,200 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2007 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""
-
-$Id$
-"""
-from zope.component import getAdapters
-from zope.security.proxy import removeSecurityProxy
-from zope.app.security.settings import Allow
-
-from zope.securitypolicy.interfaces import IPrincipalRoleMap
-from zope.securitypolicy.interfaces import IRolePermissionMap
-from zope.securitypolicy.interfaces import IPrincipalPermissionMap
-
-from zope.securitypolicy.zopepolicy import ZopeSecurityPolicy
-
-from zope.securitypolicy.zopepolicy import SettingAsBoolean
-from zope.securitypolicy.zopepolicy import globalRolesForPrincipal
-from zope.securitypolicy.zopepolicy import globalRolesForPermission
-from zope.securitypolicy.zopepolicy import globalPrincipalPermissionSetting
-
-
-class CacheEntry(object):
-
- prinper = None
- roles_adapters = None
- principal_roles_adapters = None
-
- def __init__(self):
- self.prin = {}
- self.decision = {}
- self.roles = {}
- self.principal_roles = {}
-
-
-class SecurityPolicy(ZopeSecurityPolicy):
-
- def cache(self, parent):
- cache = self._cache
-
- if parent in cache:
- return cache[parent]
- else:
- cacheEntry = CacheEntry()
- cache[parent] = cacheEntry
- return cacheEntry
-
- def cached_roles(self, parent, permission, _allow=Allow):
- cache = self.cache(parent)
- cache_roles = cache.roles
- if permission in cache_roles:
- return cache_roles[permission]
-
- if parent is None:
- roles = dict(
- [(role, 1) for (role, setting) in globalRolesForPermission(permission)
- if setting is _allow])
- cache_roles[permission] = roles
- return roles
-
- roles = self.cached_roles(
- removeSecurityProxy(getattr(parent, '__parent__', None)), permission)
-
- # cache adaters
- rolepers = cache.roles_adapters
- if rolepers is None:
- rolepers = tuple(getAdapters((parent,), IRolePermissionMap))
- cache.roles_adapters = rolepers
-
- if rolepers:
- roles = roles.copy()
- for name, roleper in rolepers:
- for role, setting in roleper.getRolesForPermission(permission):
- if setting is _allow:
- roles[role] = 1
- elif role in roles:
- del roles[role]
-
- cache_roles[permission] = roles
- return roles
-
- def cached_principal_roles(self, parent, principal,
- SettingAsBoolean=SettingAsBoolean):
- cache = self.cache(parent)
- cache_principal_roles = cache.principal_roles
- if principal in cache_principal_roles:
- return cache_principal_roles[principal]
-
- if parent is None:
- roles = dict(
- [(role, SettingAsBoolean[setting])
- for (role, setting) in globalRolesForPrincipal(principal)]
- )
- roles['zope.Anonymous'] = True # Everybody has Anonymous
- cache_principal_roles[principal] = roles
- return roles
-
- roles = self.cached_principal_roles(
- removeSecurityProxy(getattr(parent, '__parent__', None)), principal)
-
- roles = roles.copy()
-
- # cache adaters
- adapters = cache.principal_roles_adapters
- if adapters is None:
- adapters = tuple(getAdapters((parent,), IPrincipalRoleMap))
- cache.principal_roles_adapters = adapters
-
- for name, prinrole in adapters:
- for role, setting in prinrole.getRolesForPrincipal(principal):
- roles[role] = SettingAsBoolean[setting]
-
- cache_principal_roles[principal] = roles
- return roles
-
- def cached_prinper(self, parent, principal, groups, permission):
- # Compute the permission, if any, for the principal.
- cache = self.cache(parent)
- cache_prin = cache.prin
-
- if principal in cache_prin:
- cache_prin_per = cache_prin[principal]
- else:
- cache_prin_per = cache_prin[principal] = {}
-
- if permission in cache_prin_per:
- return cache_prin_per[permission]
-
- if parent is None:
- prinper = SettingAsBoolean[
- globalPrincipalPermissionSetting(permission, principal, None)
- ]
- cache_prin_per[permission] = prinper
- return prinper
-
- prinper = cache.prinper
- if prinper is None:
- cache.prinper = prinper = IPrincipalPermissionMap(parent, None)
-
- if prinper is not None:
- prinper = SettingAsBoolean[
- prinper.getSetting(permission, principal, None)
- ]
- if prinper is not None:
- cache_prin_per[permission] = prinper
- return prinper
-
- parent = removeSecurityProxy(getattr(parent, '__parent__', None))
- prinper = self.cached_prinper(parent, principal, groups, permission)
- cache_prin_per[permission] = prinper
- return prinper
-
- def cached_decision(self, parent, principal, groups, permission):
- # Return the decision for a principal and permission
- cache = self.cache(parent)
- cache_decision = cache.decision
-
- if principal in cache_decision:
- cache_decision_prin = cache_decision[principal]
- else:
- cache_decision_prin = cache_decision[principal] = {}
-
- if permission in cache_decision_prin:
- return cache_decision_prin[permission]
-
- # cache_decision_prin[permission] is the cached
- # decision for a principal and permission.
- decision = self.cached_prinper(parent, principal, groups, permission)
- if (decision is None) and groups:
- decision = self._group_based_cashed_prinper(
- parent, principal, groups, permission)
-
- if decision is not None:
- cache_decision_prin[permission] = decision
- return decision
-
- roles = self.cached_roles(parent, permission)
- if roles:
- prin_roles = self.cached_principal_roles(parent, principal)
- if groups:
- prin_roles = self.cached_principal_roles_w_groups(
- parent, principal, groups, prin_roles)
- for role, setting in prin_roles.items():
- if setting and (role in roles):
- cache_decision_prin[permission] = decision = True
- return decision
-
- cache_decision_prin[permission] = decision = False
- return decision
Copied: z3ext.security/tags/1.2.2/src/z3ext/security/securitypolicy.py (from rev 94670, z3ext.security/trunk/src/z3ext/security/securitypolicy.py)
===================================================================
--- z3ext.security/tags/1.2.2/src/z3ext/security/securitypolicy.py (rev 0)
+++ z3ext.security/tags/1.2.2/src/z3ext/security/securitypolicy.py 2009-01-09 07:37:19 UTC (rev 94671)
@@ -0,0 +1,202 @@
+##############################################################################
+#
+# Copyright (c) 2007 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""
+
+$Id$
+"""
+from zope.component import getAdapters
+from zope.security.proxy import removeSecurityProxy
+from zope.app.security.settings import Allow
+
+from zope.securitypolicy.interfaces import IPrincipalRoleMap
+from zope.securitypolicy.interfaces import IRolePermissionMap
+from zope.securitypolicy.interfaces import IPrincipalPermissionMap
+
+from zope.securitypolicy.zopepolicy import ZopeSecurityPolicy
+
+from zope.securitypolicy.zopepolicy import SettingAsBoolean
+from zope.securitypolicy.zopepolicy import globalRolesForPrincipal
+from zope.securitypolicy.zopepolicy import globalRolesForPermission
+from zope.securitypolicy.zopepolicy import globalPrincipalPermissionSetting
+
+
+class CacheEntry(object):
+
+ prinper = None
+ roles_adapters = None
+ principal_roles_adapters = None
+ principal_permission_adapters = None
+
+ def __init__(self):
+ self.prin = {}
+ self.decision = {}
+ self.roles = {}
+ self.principal_roles = {}
+
+
+class SecurityPolicy(ZopeSecurityPolicy):
+
+ def cache(self, parent):
+ cache = self._cache
+
+ if parent in cache:
+ return cache[parent]
+ else:
+ cacheEntry = CacheEntry()
+ cache[parent] = cacheEntry
+ return cacheEntry
+
+ def cached_roles(self, parent, permission, _allow=Allow):
+ cache = self.cache(parent)
+ cache_roles = cache.roles
+ if permission in cache_roles:
+ return cache_roles[permission]
+
+ if parent is None:
+ roles = dict(
+ [(role, 1) for (role, setting) in globalRolesForPermission(permission)
+ if setting is _allow])
+ cache_roles[permission] = roles
+ return roles
+
+ roles = self.cached_roles(
+ removeSecurityProxy(getattr(parent, '__parent__', None)), permission)
+
+ # cache adaters
+ rolepers = cache.roles_adapters
+ if rolepers is None:
+ rolepers = tuple(getAdapters((parent,), IRolePermissionMap))
+ cache.roles_adapters = rolepers
+
+ if rolepers:
+ roles = roles.copy()
+ for name, roleper in rolepers:
+ for role, setting in roleper.getRolesForPermission(permission):
+ if setting is _allow:
+ roles[role] = 1
+ elif role in roles:
+ del roles[role]
+
+ cache_roles[permission] = roles
+ return roles
+
+ def cached_principal_roles(self, parent, principal,
+ SettingAsBoolean=SettingAsBoolean):
+ cache = self.cache(parent)
+ cache_principal_roles = cache.principal_roles
+ if principal in cache_principal_roles:
+ return cache_principal_roles[principal]
+
+ if parent is None:
+ roles = dict(
+ [(role, SettingAsBoolean[setting])
+ for (role, setting) in globalRolesForPrincipal(principal)]
+ )
+ roles['zope.Anonymous'] = True # Everybody has Anonymous
+ cache_principal_roles[principal] = roles
+ return roles
+
+ roles = self.cached_principal_roles(
+ removeSecurityProxy(getattr(parent, '__parent__', None)), principal)
+
+ roles = roles.copy()
+
+ # cache adaters
+ adapters = cache.principal_roles_adapters
+ if adapters is None:
+ adapters = tuple(getAdapters((parent,), IPrincipalRoleMap))
+ cache.principal_roles_adapters = adapters
+
+ for name, prinrole in adapters:
+ for role, setting in prinrole.getRolesForPrincipal(principal):
+ roles[role] = SettingAsBoolean[setting]
+
+ cache_principal_roles[principal] = roles
+ return roles
+
+ def cached_prinper(self, parent, principal, groups, permission):
+ # Compute the permission, if any, for the principal.
+ cache = self.cache(parent)
+ cache_prin = cache.prin
+
+ if principal in cache_prin:
+ cache_prin_per = cache_prin[principal]
+ else:
+ cache_prin_per = cache_prin[principal] = {}
+
+ if permission in cache_prin_per:
+ return cache_prin_per[permission]
+
+ if parent is None:
+ prinper = SettingAsBoolean[
+ globalPrincipalPermissionSetting(permission, principal, None)
+ ]
+ cache_prin_per[permission] = prinper
+ return prinper
+
+ # cache adaters
+ adapters = cache.principal_permission_adapters
+ if adapters is None:
+ adapters = tuple(getAdapters((parent,), IPrincipalPermissionMap))
+ cache.principal_permission_adapters = adapters
+
+ for name, prinper in adapters:
+ prinper = SettingAsBoolean[
+ prinper.getSetting(permission, principal, None)]
+ if prinper is not None:
+ cache_prin_per[permission] = prinper
+ return prinper
+
+ parent = removeSecurityProxy(getattr(parent, '__parent__', None))
+ prinper = self.cached_prinper(parent, principal, groups, permission)
+ cache_prin_per[permission] = prinper
+ return prinper
+
+ def cached_decision(self, parent, principal, groups, permission):
+ # Return the decision for a principal and permission
+ cache = self.cache(parent)
+ cache_decision = cache.decision
+
+ if principal in cache_decision:
+ cache_decision_prin = cache_decision[principal]
+ else:
+ cache_decision_prin = cache_decision[principal] = {}
+
+ if permission in cache_decision_prin:
+ return cache_decision_prin[permission]
+
+ # cache_decision_prin[permission] is the cached
+ # decision for a principal and permission.
+ decision = self.cached_prinper(parent, principal, groups, permission)
+ if (decision is None) and groups:
+ decision = self._group_based_cashed_prinper(
+ parent, principal, groups, permission)
+
+ if decision is not None:
+ cache_decision_prin[permission] = decision
+ return decision
+
+ roles = self.cached_roles(parent, permission)
+ if roles:
+ prin_roles = self.cached_principal_roles(parent, principal)
+ if groups:
+ prin_roles = self.cached_principal_roles_w_groups(
+ parent, principal, groups, prin_roles)
+ for role, setting in prin_roles.items():
+ if setting and (role in roles):
+ cache_decision_prin[permission] = decision = True
+ return decision
+
+ cache_decision_prin[permission] = decision = False
+ return decision
More information about the Checkins
mailing list