[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/ZopePublication - ZopePublication.py:1.1.2.19
Guido van Rossum
guido@python.org
Thu, 13 Dec 2001 17:11:08 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/ZopePublication
In directory cvs.zope.org:/tmp/cvs-serv17699
Modified Files:
Tag: Zope-3x-branch
ZopePublication.py
Log Message:
Link in security manager stuff.
=== Zope3/lib/python/Zope/App/ZopePublication/ZopePublication.py 1.1.2.18 => 1.1.2.19 ===
from Zope.Publisher.Exceptions import Retry
from Zope.App.Security.SecurityManagement import getSecurityManager
+from Zope.App.Security.SecurityManagement import newSecurityManager
+from Zope.App.Security.PrincipalRegistry import globalRegistry as prin_reg
+from Zope.Exceptions import Unauthorized
from ZODB.POSException import ConflictError
from Zope.App.OFS.RootFolder import RootFolder
@@ -42,7 +45,7 @@
def commit(self): pass
-class ZopePublication (DefaultPublication):
+class ZopePublication(DefaultPublication):
"""Base Zope publication specification."""
version_cookie = 'Zope-Version'
@@ -54,6 +57,12 @@
self.db = db
def beforeTraversal(self, request):
+ id = prin_reg.authenticate(request)
+ if id is None:
+ id = prin_reg.defaultPrincipal()
+ if id is None:
+ raise Unauthorized # If there's no default principal
+ newSecurityManager(id)
get_transaction().begin()
def openedConnection(self, conn):
@@ -107,6 +116,13 @@
get_transaction().abort()
t, v = exc_info[:2]
+ # XXX This leaks exc_info...
+
+ # Delegate Unauthorized errors to the authentication service
+ if isinstance(v, Unauthorized):
+ sm = getSecurityManager()
+ id = sm.getPrincipal()
+ prin_reg.unauthorized(id, request) # May issue challenge
# Look for a component to handle the exception.
traversed = request.traversed