[Checkins] SVN: zope.app.security/trunk/ Removed support for the <modules> ZCML directive from zope.app.security

Brandon Rhodes brandon at rhodesmill.org
Wed Jan 28 11:10:00 EST 2009


Log message for revision 95343:
  Removed support for the <modules> ZCML directive from zope.app.security
  so that it can live more happily in zope.security instead.
  

Changed:
  U   zope.app.security/trunk/CHANGES.txt
  U   zope.app.security/trunk/src/zope/app/security/meta.zcml
  U   zope.app.security/trunk/src/zope/app/security/metaconfigure.py
  U   zope.app.security/trunk/src/zope/app/security/metadirectives.py
  D   zope.app.security/trunk/src/zope/app/security/tests/redefineperms.zcml
  D   zope.app.security/trunk/src/zope/app/security/tests/test_directives.py

-=-
Modified: zope.app.security/trunk/CHANGES.txt
===================================================================
--- zope.app.security/trunk/CHANGES.txt	2009-01-28 16:00:22 UTC (rev 95342)
+++ zope.app.security/trunk/CHANGES.txt	2009-01-28 16:09:59 UTC (rev 95343)
@@ -12,6 +12,8 @@
 - Moved the `protectclass` module to `zope.security` leaving only a
   compatibility module here that imports from the new location.
 
+- Moved the <module> directive implementation to `zope.security`.
+
 3.5.3 (2008-12-11)
 ------------------
 

Modified: zope.app.security/trunk/src/zope/app/security/meta.zcml
===================================================================
--- zope.app.security/trunk/src/zope/app/security/meta.zcml	2009-01-28 16:00:22 UTC (rev 95342)
+++ zope.app.security/trunk/src/zope/app/security/meta.zcml	2009-01-28 16:09:59 UTC (rev 95343)
@@ -34,22 +34,4 @@
       schema=".metadirectives.IDefineEverybodyGroupDirective"
       handler=".metaconfigure.everybodyGroup" />
 
-  <meta:groupingDirective
-      name="module"
-      namespace="http://namespaces.zope.org/zope"
-      schema=".metadirectives.IModule"
-      handler="zope.configuration.config.GroupingContextDecorator" />
-
-  <meta:directive
-      name="allow"
-      namespace="http://namespaces.zope.org/zope"
-      schema=".metadirectives.IAllow"
-      handler=".metaconfigure.allow" />
-
-  <meta:directive
-      name="require"
-      namespace="http://namespaces.zope.org/zope"
-      schema=".metadirectives.IRequire"
-      handler=".metaconfigure.require" />
-
 </configure>

Modified: zope.app.security/trunk/src/zope/app/security/metaconfigure.py
===================================================================
--- zope.app.security/trunk/src/zope/app/security/metaconfigure.py	2009-01-28 16:00:22 UTC (rev 95342)
+++ zope.app.security/trunk/src/zope/app/security/metaconfigure.py	2009-01-28 16:09:59 UTC (rev 95343)
@@ -17,66 +17,11 @@
 """
 from zope import component
 from zope.component.zcml import utility
-from zope.security.checker import moduleChecker, Checker, defineChecker
-from zope.security.checker import CheckerPublic
 
 from zope.app.security import principalregistry
 from zope.app.security import interfaces
 
 
-def protectModule(module, name, permission):
-    """Set up a module checker to require a permission to access a name
-
-    If there isn't a checker for the module, create one.
-    """
-
-    checker = moduleChecker(module)
-    if checker is None:
-        checker = Checker({}, {})
-        defineChecker(module, checker)
-
-    if permission == 'zope.Public':
-        # Translate public permission to CheckerPublic
-        permission = CheckerPublic
-
-    # We know a dictionary get method was used because we set it
-    protections = checker.get_permissions
-    protections[name] = permission
-
-
-def _names(attributes, interfaces):
-    seen = {}
-    for name in attributes:
-        if not name in seen:
-            seen[name] = 1
-            yield name
-    for interface in interfaces:
-        for name in interface:
-            if not name in seen:
-                seen[name] = 1
-                yield name
-
-
-def allow(context, attributes=(), interface=()):
-
-    for name in _names(attributes, interface):
-        context.action(
-            discriminator=('http://namespaces.zope.org/zope:module',
-                           context.module, name),
-            callable = protectModule,
-            args = (context.module, name, 'zope.Public'),
-            )
-
-
-def require(context, permission, attributes=(), interface=()):
-    for name in _names(attributes, interface):
-        context.action(
-            discriminator=('http://namespaces.zope.org/zope:module',
-                           context.module, name),
-            callable = protectModule,
-            args = (context.module, name, permission),
-            )
-
 def _principal():
     group = component.queryUtility(interfaces.IAuthenticatedGroup)
     if group is not None:

Modified: zope.app.security/trunk/src/zope/app/security/metadirectives.py
===================================================================
--- zope.app.security/trunk/src/zope/app/security/metadirectives.py	2009-01-28 16:00:22 UTC (rev 95342)
+++ zope.app.security/trunk/src/zope/app/security/metadirectives.py	2009-01-28 16:09:59 UTC (rev 95343)
@@ -16,10 +16,7 @@
 $Id$
 """
 from zope.interface import Interface
-from zope.configuration.fields import GlobalObject, GlobalInterface
-from zope.configuration.fields import Tokens, PythonIdentifier
 from zope.schema import Id, TextLine
-from zope.security.zcml import Permission
 
 ##############################################################################
 # BBB 2006/04/03 -- to be removed after 12 months
@@ -33,56 +30,6 @@
 
 ##############################################################################
 
-class IModule(Interface):
-    """Group security declarations about a module"""
-
-    module = GlobalObject(
-        title=u"Module",
-        description=u"Pointer to the module object.",
-        required=True)
-
-
-class IAllow(Interface):
-    """Allow access to selected module attributes
-
-    Access is unconditionally allowed to any names provided directly
-    in the attributes attribute or to any names defined by
-    interfaces listed in the interface attribute.
-    """
-
-    attributes = Tokens(
-        title=u"Attributes",
-        description=u"The attributes to provide access to.",
-        value_type = PythonIdentifier(),
-        required=False)
-
-    interface = Tokens(
-        title=u"Interface",
-        description=u"Interfaces whos names to provide access to. Access "
-                    u"will be provided to all of the names defined by the "
-                    u"interface(s). Multiple interfaces can be supplied.",
-        value_type = GlobalInterface(),
-        required=False)
-
-
-class IRequire(Interface):
-    """Require a permission to access selected module attributes
-
-    The given permission is required to access any names provided
-    directly in the attributes attribute or any names defined by
-    interfaces listed in the interface attribute.  
-    """
-
-    attributes = Tokens(
-        title=u"Attributes",
-        description=u"The attributes to require permission for.",
-        value_type = PythonIdentifier(),
-        required=False)
-
-    permission = Permission(
-        title=u"Permission ID",
-        description=u"The id of the permission to require.")
-
 class IBasePrincipalDirective(Interface):
     """Base interface for principal definition directives."""
 

Deleted: zope.app.security/trunk/src/zope/app/security/tests/redefineperms.zcml
===================================================================
--- zope.app.security/trunk/src/zope/app/security/tests/redefineperms.zcml	2009-01-28 16:00:22 UTC (rev 95342)
+++ zope.app.security/trunk/src/zope/app/security/tests/redefineperms.zcml	2009-01-28 16:09:59 UTC (rev 95343)
@@ -1,33 +0,0 @@
-<configure
-    xmlns="http://namespaces.zope.org/zope"
-    xmlns:meta="http://namespaces.zope.org/meta"
-    i18n_domain="zope"
-    >
-
-  <include package="zope.app.security" file="meta.zcml" />
-
-  <meta:directive
-      name="dummy"
-      namespace="http://namespaces.zope.org/zope"
-      schema=".test_directives.IDummy"
-      handler=".test_directives.dummy" />
-
-  <permission
-      id="zope.View"
-      title="[view-permission] View"
-      />
-
-  <permission
-      id="zope.Security"
-      title="[change-security-settings-permission] Change security settings"
-      />
-
-  <meta:redefinePermission
-      from="zope.View"
-      to="zope.Security"
-      />
-
-  <dummy
-      perm="zope.View" />
-
-</configure>

Deleted: zope.app.security/trunk/src/zope/app/security/tests/test_directives.py
===================================================================
--- zope.app.security/trunk/src/zope/app/security/tests/test_directives.py	2009-01-28 16:00:22 UTC (rev 95342)
+++ zope.app.security/trunk/src/zope/app/security/tests/test_directives.py	2009-01-28 16:09:59 UTC (rev 95343)
@@ -1,245 +0,0 @@
-##############################################################################
-#
-# Copyright (c) 2003 Zope Corporation and Contributors.
-# All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
-#
-##############################################################################
-"""Directives Tests
-
-$Id$
-"""
-import unittest
-from pprint import PrettyPrinter
-
-import zope.security.zcml
-from zope.interface import Interface, Attribute
-from zope.testing import doctest
-from zope.component.testing import setUp, tearDown, PlacelessSetup
-from zope.configuration import xmlconfig
-
-from zope.app.security import metaconfigure
-
-def pprint(ob, width=70):
-    PrettyPrinter(width=width).pprint(ob)
-
-class I1(Interface):
-    def x(): pass
-    y = Attribute("Y")
-
-class I2(I1):
-    def a(): pass
-    b = Attribute("B")
-
-test_perm = 'zope.app.security.metaconfigure.test'
-test_bad_perm = 'zope.app.security.metaconfigure.bad'
-
-def test_protectModule():
-    """
-    >>> from zope.app.security.tests import test_directives
-    >>> from zope.security.interfaces import IPermission
-    >>> from zope.security.permission import Permission
-
-    >>> from zope.component import provideUtility
-
-    Initially, there's no checker defined for the module:
-
-    >>> from zope.security.checker import moduleChecker
-    >>> moduleChecker(test_directives)
-        
-    >>> perm = Permission(test_perm, '')
-    >>> provideUtility(perm, IPermission, test_perm)
-    >>> metaconfigure.protectModule(test_directives, 'foo', test_perm)
-
-    Now, the checker should exist and have an access dictionary with the
-    name and permission:
-
-    >>> checker = moduleChecker(test_directives)
-    >>> cdict = checker.get_permissions
-    >>> pprint(cdict)
-    {'foo': 'zope.app.security.metaconfigure.test'}
-    
-    If we define additional names, they will be added to the dict:
-
-    >>> metaconfigure.protectModule(test_directives, 'bar', test_perm)
-    >>> metaconfigure.protectModule(test_directives, 'baz', test_perm)
-    >>> pprint(cdict)
-    {'bar': 'zope.app.security.metaconfigure.test',
-     'baz': 'zope.app.security.metaconfigure.test',
-     'foo': 'zope.app.security.metaconfigure.test'}
-        
-    """
-
-def test_allow():
-    """
-
-    The allow directive creates actions for each named defined
-    directly, or via interface:
-
-    >>> class Context(object):
-    ...     def __init__(self):
-    ...         self.actions = []
-    ...
-    ...     def action(self, discriminator, callable, args):
-    ...         self.actions.append(
-    ...             {'discriminator': discriminator,
-    ...              'callable': int(callable is metaconfigure.protectModule),
-    ...              'args': args})
-    ...
-    ...     module='testmodule'
-
-    >>> context = Context()
-    >>> metaconfigure.allow(context, attributes=['foo', 'bar'],
-    ...                     interface=[I1, I2])
-
-    >>> context.actions.sort(
-    ...    lambda a, b: cmp(a['discriminator'], b['discriminator']))
-    >>> pprint(context.actions)
-    [{'args': ('testmodule', 'a', 'zope.Public'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'a')},
-     {'args': ('testmodule', 'b', 'zope.Public'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'b')},
-     {'args': ('testmodule', 'bar', 'zope.Public'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'bar')},
-     {'args': ('testmodule', 'foo', 'zope.Public'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'foo')},
-     {'args': ('testmodule', 'x', 'zope.Public'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'x')},
-     {'args': ('testmodule', 'y', 'zope.Public'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'y')}]
-
-    """
-
-def test_require():
-    """
-
-    The allow directive creates actions for each named defined
-    directly, or via interface:
-
-    >>> class Context(object):
-    ...     def __init__(self):
-    ...         self.actions = []
-    ...
-    ...     def action(self, discriminator, callable, args):
-    ...         self.actions.append(
-    ...             {'discriminator': discriminator,
-    ...              'callable': int(callable is metaconfigure.protectModule),
-    ...              'args': args})
-    ...
-    ...     module='testmodule'
-
-    >>> context = Context()
-    >>> metaconfigure.require(context, attributes=['foo', 'bar'],
-    ...                       interface=[I1, I2], permission='p')
-
-    >>> context.actions.sort(
-    ...    lambda a, b: cmp(a['discriminator'], b['discriminator']))
-    >>> pprint(context.actions)
-    [{'args': ('testmodule', 'a', 'p'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'a')},
-     {'args': ('testmodule', 'b', 'p'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'b')},
-     {'args': ('testmodule', 'bar', 'p'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'bar')},
-     {'args': ('testmodule', 'foo', 'p'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'foo')},
-     {'args': ('testmodule', 'x', 'p'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'x')},
-     {'args': ('testmodule', 'y', 'p'),
-      'callable': 1,
-      'discriminator': ('http://namespaces.zope.org/zope:module',
-                        'testmodule',
-                        'y')}]
-    
-    """
-
-class IDummy(Interface):
-
-    perm = zope.security.zcml.Permission(title=u'')
-
-perms = []
-
-def dummy(context_, perm):
-    global perms
-    perms.append(perm)
-
-
-class DirectivesTest(PlacelessSetup, unittest.TestCase):
-
-    def setUp(self):
-        super(DirectivesTest, self).setUp()
-        from zope.app.security import tests
-        self.context = xmlconfig.file("redefineperms.zcml", tests)
-
-    def tearDown(self):
-        super(DirectivesTest, self).tearDown()
-        perms.remove('zope.Security')
-
-    def testRedefinePermission(self):
-        self.assertEqual(perms, ['zope.Security'])
-
-def setUpAuth(test=None):
-    setUp(test)
-    from zope.app.authentication.placelesssetup import PlacelessSetup
-    PlacelessSetup().setUp()
-
-def zcml(s):
-    context = xmlconfig.file('meta.zcml', package=zope.app.security)
-    xmlconfig.string(s, context)
-
-def reset():
-    tearDown()
-    setUpAuth()
-
-def test_suite():
-    return unittest.TestSuite((
-        doctest.DocTestSuite(setUp=setUp, tearDown=tearDown),
-        doctest.DocTestSuite('zope.security.zcml'),
-        unittest.makeSuite(DirectivesTest),
-        doctest.DocFileSuite(
-            '../globalprincipals.txt',
-            globs={'zcml': zcml, 'reset': reset},
-            setUp=setUpAuth, tearDown=tearDown,
-            )
-        ))
-
-if __name__ == '__main__': unittest.main()



More information about the Checkins mailing list