[Checkins] SVN: z3ext.security/trunk/ Added 'checkPermissionForPrincipal' helper function

Nikolay Kim fafhrd at datacom.kz
Wed Mar 25 06:01:11 EDT 2009 

Log message for revision 98358:
  Added 'checkPermissionForPrincipal' helper function

Changed:
  U   z3ext.security/trunk/CHANGES.txt
  U   z3ext.security/trunk/src/z3ext/security/interfaces.py
  U   z3ext.security/trunk/src/z3ext/security/securitypolicy.py
  U   z3ext.security/trunk/src/z3ext/security/utils.py

-=-
Modified: z3ext.security/trunk/CHANGES.txt
===================================================================
--- z3ext.security/trunk/CHANGES.txt	2009-03-25 09:21:56 UTC (rev 98357)
+++ z3ext.security/trunk/CHANGES.txt	2009-03-25 10:01:11 UTC (rev 98358)
@@ -2,6 +2,12 @@
 CHANGES
 =======
 
+1.2.6 (2009-03-25)
+------------------
+
+- Added 'checkPermissionForPrincipal' helper function
+
+
 1.2.5 (2009-03-15)
 ------------------
 

Modified: z3ext.security/trunk/src/z3ext/security/interfaces.py
===================================================================
--- z3ext.security/trunk/src/z3ext/security/interfaces.py	2009-03-25 09:21:56 UTC (rev 98357)
+++ z3ext.security/trunk/src/z3ext/security/interfaces.py	2009-03-25 10:01:11 UTC (rev 98358)
@@ -18,6 +18,10 @@
 from zope import interface
 
 
+class IZ3extSecurityPolicy(interface.Interface):
+    """ z3ext security policy """
+
+
 class IPrincipalGroups(interface.Interface):
     """ principal groups """
 

Modified: z3ext.security/trunk/src/z3ext/security/securitypolicy.py
===================================================================
--- z3ext.security/trunk/src/z3ext/security/securitypolicy.py	2009-03-25 09:21:56 UTC (rev 98357)
+++ z3ext.security/trunk/src/z3ext/security/securitypolicy.py	2009-03-25 10:01:11 UTC (rev 98358)
@@ -15,6 +15,7 @@
 
 $Id$
 """
+from zope import interface
 from zope.component import getAdapters
 from zope.security.proxy import removeSecurityProxy
 from zope.app.security.settings import Allow
@@ -30,7 +31,9 @@
 from zope.securitypolicy.zopepolicy import globalRolesForPermission
 from zope.securitypolicy.zopepolicy import globalPrincipalPermissionSetting
 
+from interfaces import IZ3extSecurityPolicy
 
+
 class CacheEntry(object):
 
     prinper = None
@@ -46,6 +49,7 @@
 
 
 class SecurityPolicy(ZopeSecurityPolicy):
+    interface.implements(IZ3extSecurityPolicy)
 
     def cache(self, parent):
         cache = self._cache

Modified: z3ext.security/trunk/src/z3ext/security/utils.py
===================================================================
--- z3ext.security/trunk/src/z3ext/security/utils.py	2009-03-25 09:21:56 UTC (rev 98357)
+++ z3ext.security/trunk/src/z3ext/security/utils.py	2009-03-25 10:01:11 UTC (rev 98358)
@@ -16,10 +16,13 @@
 $Id$
 """
 from zope.component import getUtility
+from zope.security.proxy import removeSecurityProxy
 from zope.security.management import queryInteraction
 from zope.app.security.interfaces import IAuthentication, PrincipalLookupError
 
+from interfaces import IZ3extSecurityPolicy
 
+
 def getPrincipal(id=None):
     """ get current interaction principal """
     if id is None:
@@ -34,3 +37,14 @@
             return getUtility(IAuthentication).getPrincipal(id)
         except PrincipalLookupError:
             return None
+
+
+def checkPermissionForPrincipal(principal, permission, object):
+    interaction = queryInteraction()
+
+    if IZ3extSecurityPolicy.providedBy(interaction):
+        return interaction.cached_decision(
+            removeSecurityProxy(object), principal.id,
+            interaction._groupsFor(principal), permission)
+
+    return False

More information about the Checkins mailing list