[Checkins] SVN: z3ext.security/trunk/ Added 'checkPermissionForPrincipal' helper function
Nikolay Kim
fafhrd at datacom.kz
Wed Mar 25 06:01:11 EDT 2009
Log message for revision 98358:
Added 'checkPermissionForPrincipal' helper function
Changed:
U z3ext.security/trunk/CHANGES.txt
U z3ext.security/trunk/src/z3ext/security/interfaces.py
U z3ext.security/trunk/src/z3ext/security/securitypolicy.py
U z3ext.security/trunk/src/z3ext/security/utils.py
-=-
Modified: z3ext.security/trunk/CHANGES.txt
===================================================================
--- z3ext.security/trunk/CHANGES.txt 2009-03-25 09:21:56 UTC (rev 98357)
+++ z3ext.security/trunk/CHANGES.txt 2009-03-25 10:01:11 UTC (rev 98358)
@@ -2,6 +2,12 @@
CHANGES
=======
+1.2.6 (2009-03-25)
+------------------
+
+- Added 'checkPermissionForPrincipal' helper function
+
+
1.2.5 (2009-03-15)
------------------
Modified: z3ext.security/trunk/src/z3ext/security/interfaces.py
===================================================================
--- z3ext.security/trunk/src/z3ext/security/interfaces.py 2009-03-25 09:21:56 UTC (rev 98357)
+++ z3ext.security/trunk/src/z3ext/security/interfaces.py 2009-03-25 10:01:11 UTC (rev 98358)
@@ -18,6 +18,10 @@
from zope import interface
+class IZ3extSecurityPolicy(interface.Interface):
+ """ z3ext security policy """
+
+
class IPrincipalGroups(interface.Interface):
""" principal groups """
Modified: z3ext.security/trunk/src/z3ext/security/securitypolicy.py
===================================================================
--- z3ext.security/trunk/src/z3ext/security/securitypolicy.py 2009-03-25 09:21:56 UTC (rev 98357)
+++ z3ext.security/trunk/src/z3ext/security/securitypolicy.py 2009-03-25 10:01:11 UTC (rev 98358)
@@ -15,6 +15,7 @@
$Id$
"""
+from zope import interface
from zope.component import getAdapters
from zope.security.proxy import removeSecurityProxy
from zope.app.security.settings import Allow
@@ -30,7 +31,9 @@
from zope.securitypolicy.zopepolicy import globalRolesForPermission
from zope.securitypolicy.zopepolicy import globalPrincipalPermissionSetting
+from interfaces import IZ3extSecurityPolicy
+
class CacheEntry(object):
prinper = None
@@ -46,6 +49,7 @@
class SecurityPolicy(ZopeSecurityPolicy):
+ interface.implements(IZ3extSecurityPolicy)
def cache(self, parent):
cache = self._cache
Modified: z3ext.security/trunk/src/z3ext/security/utils.py
===================================================================
--- z3ext.security/trunk/src/z3ext/security/utils.py 2009-03-25 09:21:56 UTC (rev 98357)
+++ z3ext.security/trunk/src/z3ext/security/utils.py 2009-03-25 10:01:11 UTC (rev 98358)
@@ -16,10 +16,13 @@
$Id$
"""
from zope.component import getUtility
+from zope.security.proxy import removeSecurityProxy
from zope.security.management import queryInteraction
from zope.app.security.interfaces import IAuthentication, PrincipalLookupError
+from interfaces import IZ3extSecurityPolicy
+
def getPrincipal(id=None):
""" get current interaction principal """
if id is None:
@@ -34,3 +37,14 @@
return getUtility(IAuthentication).getPrincipal(id)
except PrincipalLookupError:
return None
+
+
+def checkPermissionForPrincipal(principal, permission, object):
+ interaction = queryInteraction()
+
+ if IZ3extSecurityPolicy.providedBy(interaction):
+ return interaction.cached_decision(
+ removeSecurityProxy(object), principal.id,
+ interaction._groupsFor(principal), permission)
+
+ return False
More information about the Checkins
mailing list