[Checkins] SVN: z3ext.permissionsmap/trunk/ - Allow empty permissionsmap name registered for 'class' or 'interface'

Nikolay Kim fafhrd91 at gmail.com
Sat Nov 21 19:39:01 EST 2009


Log message for revision 105953:
  - Allow empty permissionsmap name registered for 'class' or 'interface'
  
  - Tests updated, 100% coverage
  
  
  

Changed:
  U   z3ext.permissionsmap/trunk/CHANGES.txt
  U   z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/README.txt
  U   z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/permissionsmap.py
  U   z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/zcml.py

-=-
Modified: z3ext.permissionsmap/trunk/CHANGES.txt
===================================================================
--- z3ext.permissionsmap/trunk/CHANGES.txt	2009-11-22 00:19:49 UTC (rev 105952)
+++ z3ext.permissionsmap/trunk/CHANGES.txt	2009-11-22 00:39:01 UTC (rev 105953)
@@ -2,10 +2,14 @@
 CHANGES
 =======
 
-1.3.1 (Unreleased)
+1.3.1 (2009-11-21)
 ------------------
 
+- Allow empty permissionsmap name registered for 'class' or 'interface'
 
+- Tests updated, 100% coverage
+
+
 1.3.0 (2009-08-11)
 ------------------
 

Modified: z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/README.txt
===================================================================
--- z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/README.txt	2009-11-22 00:19:49 UTC (rev 105952)
+++ z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/README.txt	2009-11-22 00:39:01 UTC (rev 105953)
@@ -75,7 +75,7 @@
   ...        name="myPermissions1">
   ...
   ...     <grant permission="my.p1" role="r1 r2 r3" />
-  ...     <deny permission="my.p2" role="r1 r3" />
+  ...     <deny permission="my.p2" role="r2" />
   ...     <denyAll permission="my.p3" />
   ...   </permissions>
   ... </configure>""", context)
@@ -85,10 +85,76 @@
   >>> perms = component.getAdapter(content, \
   ...     interfaces.IPermissionsMap, 'myPermissions1')
 
+  >>> print perms.getPermissionsForRole('r1')
+  [('my.p1', PermissionSetting: Allow), ('my.p3', PermissionSetting: Deny)]
+
+We can define permissionsmap with same name and for multple times
+
+  >>> context = xmlconfig.string("""
+  ... <configure xmlns="http://namespaces.zope.org/zope">
+  ...   <permissions for="z3ext.permissionsmap.tests.TestContent1"
+  ...        name="myPermissions1">
+  ...     <deny permission="my.p2" role="r1" />
+  ...   </permissions>
+  ... </configure>""", context)
+
+  >>> print perms.getPermissionsForRole('r1')
+  [('my.p1', PermissionSetting: Allow), ('my.p3', PermissionSetting: Deny), ('my.p2', PermissionSetting: Deny)]
+
   >>> verifyObject(interfaces.IDefaultPermissionsMap, perms)
   True
 
+We can create permissionsmap without name, but in this case '__default_class__'
+name will be used.
 
+  >>> context = xmlconfig.string("""
+  ... <configure xmlns="http://namespaces.zope.org/zope">
+  ...   <permissions for="z3ext.permissionsmap.tests.TestContent1">
+  ...     <grant permission="my.p1" role="r1 r2 r3" />
+  ...     <deny permission="my.p2" role="r1 r3" />
+  ...     <grantAll permission="my.p3" />
+  ...   </permissions>
+  ... </configure>""", context)
+
+  >>> perms = component.getAdapter(content, \
+  ...     interfaces.IPermissionsMap, '__default_class__')
+
+  >>> verifyObject(interfaces.IDefaultPermissionsMap, perms)
+  True
+
+  >>> perms.getRolesForPermission('my.p3')
+  [(u'r1', PermissionSetting: Allow), (u'r2', PermissionSetting: Allow), (u'r3', PermissionSetting: Allow)]
+
+DenyAll is higher than GrantAll
+
+  >>> context = xmlconfig.string("""
+  ... <configure xmlns="http://namespaces.zope.org/zope">
+  ...   <permissions for="z3ext.permissionsmap.tests.TestContent1"
+  ...        name="myPermissions1">
+  ...     <denyAll permission="my.p3" />
+  ...     <grantAll permission="my.p3" />
+  ...   </permissions>
+  ... </configure>""", context)
+
+  >>> perms = component.getAdapter(
+  ...     content, interfaces.IPermissionsMap, 'myPermissions1')
+
+  >>> perms.getRolesForPermission('my.p3')
+  [(u'r1', PermissionSetting: Deny), (u'r2', PermissionSetting: Deny), (u'r3', PermissionSetting: Deny)]
+
+  >>> context = xmlconfig.string("""
+  ... <configure xmlns="http://namespaces.zope.org/zope">
+  ...
+  ...   <permissions>
+  ...     <grant permission="my.p1" role="r1 r2 r3" />
+  ...     <deny permission="my.p2" role="r1 r3" />
+  ...     <denyAll permission="my.p3" />
+  ...   </permissions>
+  ... </configure>""", context)
+  Traceback (most recent call last):
+  ...
+  ZopeXMLConfigurationError: ...
+
 We can assign permissions map to any annotatable content
 
   >>> from zope.annotation.interfaces import IAttributeAnnotatable

Modified: z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/permissionsmap.py
===================================================================
--- z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/permissionsmap.py	2009-11-22 00:19:49 UTC (rev 105952)
+++ z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/permissionsmap.py	2009-11-22 00:39:01 UTC (rev 105953)
@@ -54,7 +54,7 @@
         if settings:
             settings.update(
                 [(pid, setting) for pid, setting in \
-                     super(PermissionsMap, self).getPermissionsForRole(role_id)])
+                     super(PermissionsMap,self).getPermissionsForRole(role_id)])
 
             return settings.items()
 
@@ -75,7 +75,8 @@
 
             settings.update(
                 [(rid, setting) for rid, setting in \
-                     super(PermissionsMap, self).getRolesForPermission(permission_id)])
+                     super(PermissionsMap, self).getRolesForPermission(
+                        permission_id)])
 
             return settings.items()
         else:

Modified: z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/zcml.py
===================================================================
--- z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/zcml.py	2009-11-22 00:19:49 UTC (rev 105952)
+++ z3ext.permissionsmap/trunk/src/z3ext/permissionsmap/zcml.py	2009-11-22 00:39:01 UTC (rev 105953)
@@ -21,6 +21,7 @@
 from zope import schema, interface, component
 from zope.security.zcml import Permission
 from zope.configuration.fields import Tokens, GlobalObject
+from zope.configuration.exceptions import ConfigurationError
 from zope.securitypolicy.interfaces import IRole
 
 from interfaces import IPermissionsMap
@@ -34,7 +35,7 @@
     name = schema.TextLine(
         title=u"Name",
         description=u"Permissions map identifier.",
-        required=True)
+        required=False)
 
     for_ = GlobalObject(
         title=u"For",
@@ -147,12 +148,12 @@
     if for_ is not None:
         global classPermissions
 
-        perms = classPermissions.get(for_)
+        perms = classPermissions.get((for_, name))
         if perms is not None:
             return
 
         perms = PermissionsMap(name, title, description)
-        classPermissions[for_] = perms
+        classPermissions[(for_, name)] = perms
         interface.alsoProvides(perms, IDefaultPermissionsMap)
 
         # register map as adapter for for_
@@ -173,7 +174,7 @@
     sm = globalregistry.globalSiteManager
 
     if for_ is not None:
-        permissionmap = classPermissions[for_]
+        permissionmap = classPermissions[(for_, name)]
     else:
         permissionmap = sm.getUtility(IPermissionsMap, name)
 
@@ -189,7 +190,7 @@
     sm = globalregistry.globalSiteManager
 
     if for_ is not None:
-        permissionmap = classPermissions[for_]
+        permissionmap = classPermissions[(for_, name)]
     else:
         permissionmap = sm.getUtility(IPermissionsMap, name)
 
@@ -206,8 +207,16 @@
 
 class permissionsMapDirective(object):
 
-    def __init__(self, _context, name, for_=None,
+    def __init__(self, _context, name=None, for_=None,
                  title='', description='', override=True):
+
+        if for_ is None and not name:
+            raise ConfigurationError(
+                "'for' or 'name' should be provided for permissionsmap declaration")
+
+        if not name:
+            name = '__default_class__'
+
         self.for_ = for_
         self.name = name
         self.override = override



More information about the checkins mailing list