[Checkins] SVN: grok/trunk/ grok.permissions() now can refer to grok.Permission classes not just permission ids
Jan-Wijbrand Kolman
janwijbrand at gmail.com
Tue Oct 13 06:01:38 EDT 2009
Log message for revision 105036:
grok.permissions() now can refer to grok.Permission classes not just permission ids
Changed:
U grok/trunk/CHANGES.txt
U grok/trunk/src/grok/directive.py
A grok/trunk/src/grok/tests/security/not_a_permission_class.py
A grok/trunk/src/grok/tests/security/not_a_permission_class_fixture.py
A grok/trunk/src/grok/tests/security/permissions.py
-=-
Modified: grok/trunk/CHANGES.txt
===================================================================
--- grok/trunk/CHANGES.txt 2009-10-13 10:00:42 UTC (rev 105035)
+++ grok/trunk/CHANGES.txt 2009-10-13 10:01:37 UTC (rev 105036)
@@ -4,6 +4,10 @@
1.1 (unreleased)
================
+* The ``grok.permissions()``, that is used in the ``grok.Role`` component now
+ accepts references to ``grok.Permission`` class, not just permission ids.
+ This behaviour is now symetrical to the ``grok.require()`` directive.
+
* Added an util function, ``create_application``, to create an
application and trigger the correct events during the process.
Modified: grok/trunk/src/grok/directive.py
===================================================================
--- grok/trunk/src/grok/directive.py 2009-10-13 10:00:42 UTC (rev 105035)
+++ grok/trunk/src/grok/directive.py 2009-10-13 10:01:37 UTC (rev 105036)
@@ -30,7 +30,9 @@
"""
+import grok
import martian
+import martian.util
from grokcore.view.directive import TaggedValueStoreOnce
@@ -63,9 +65,25 @@
store = martian.ONCE
default = []
- def factory(self, *args):
- return args
+ def validate(self, *values):
+ for value in values:
+ if martian.util.check_subclass(value, grok.Permission):
+ continue
+ if martian.util.not_unicode_or_ascii(value):
+ raise grok.GrokImportError(
+ "You can only pass unicode values, ASCII values, or "
+ "subclasses of grok.Permission to the '%s' directive."
+ % self.name)
+ def factory(self, *values):
+ permission_ids = []
+ for value in values:
+ if martian.util.check_subclass(value, grok.Permission):
+ permission_ids.append(grok.name.bind().get(value))
+ else:
+ permission_ids.append(value)
+ return permission_ids
+
class traversable(martian.Directive):
"""The `grok.traversable()` directive.
Added: grok/trunk/src/grok/tests/security/not_a_permission_class.py
===================================================================
--- grok/trunk/src/grok/tests/security/not_a_permission_class.py (rev 0)
+++ grok/trunk/src/grok/tests/security/not_a_permission_class.py 2009-10-13 10:01:37 UTC (rev 105036)
@@ -0,0 +1,11 @@
+"""
+The permissions() directive only accepts permission ids or permission classes:
+
+ >>> import grok
+ >>> grok.testing.grok('grok.tests.security.not_a_permission_class_fixture')
+ Traceback (most recent call last):
+ ...
+ GrokImportError: You can only pass unicode values, ASCII values, or
+ subclasses of grok.Permission to the 'permissions' directive.
+
+"""
Added: grok/trunk/src/grok/tests/security/not_a_permission_class_fixture.py
===================================================================
--- grok/trunk/src/grok/tests/security/not_a_permission_class_fixture.py (rev 0)
+++ grok/trunk/src/grok/tests/security/not_a_permission_class_fixture.py 2009-10-13 10:01:37 UTC (rev 105036)
@@ -0,0 +1,8 @@
+import grok
+
+class NotAPermissionSubclass(object):
+ grok.name('not really a permission')
+
+class MyRole(grok.Role):
+ grok.name('MyRole')
+ grok.permissions(NotAPermissionSubclass)
Added: grok/trunk/src/grok/tests/security/permissions.py
===================================================================
--- grok/trunk/src/grok/tests/security/permissions.py (rev 0)
+++ grok/trunk/src/grok/tests/security/permissions.py 2009-10-13 10:01:37 UTC (rev 105036)
@@ -0,0 +1,32 @@
+"""
+A Role component optionally defines what permission it comprises.
+
+The grok.permissions() directive is used to specify the set of permissions
+that are aggregated in the particular Role. The permissions can be referenced
+by "name" or by class.
+
+ >>> grok.testing.grok(__name__)
+"""
+
+import grok
+import zope.interface
+
+class FirstPermission(grok.Permission):
+ grok.name('first permission')
+
+class SecondPermission(grok.Permission):
+ grok.name('second permission')
+
+class RoleComprisingTwoPermissionsByName(grok.Role):
+ grok.name('ByName')
+ grok.permissions(
+ 'first permission',
+ 'second permission'
+ )
+
+class RoleComprisingTwoPermissionsByClass(grok.Role):
+ grok.name('ByClass')
+ grok.permissions(
+ FirstPermission,
+ SecondPermission
+ )
More information about the checkins
mailing list