[Zope-Checkins] CVS: Zope/lib/python/AccessControl - DTML.py:1.8 PermissionRole.py:1.13 SecurityManagement.py:1.5 SecurityManager.py:1.8 ZopeGuards.py:1.8 ZopeSecurityPolicy.py:1.15 cAccessControl.c:1.12

Matthew T. Kromer matt@zope.com
Fri, 26 Oct 2001 12:07:51 -0400


Update of /cvs-repository/Zope/lib/python/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv2260/lib/python/AccessControl

Modified Files:
	DTML.py PermissionRole.py SecurityManagement.py 
	SecurityManager.py ZopeGuards.py ZopeSecurityPolicy.py 
	cAccessControl.c 
Log Message:
Document Template accelerations and additonal C Security Manager accelerations
from cAccessControl-review-branch.


=== Zope/lib/python/AccessControl/DTML.py 1.7 => 1.8 ===
 import DocumentTemplate.sequence
 
-from ZopeGuards import guarded_getattr, guarded_getitem, _marker
+from ZopeGuards import guarded_getattr, guarded_getitem
 
 class RestrictedDTML:
     '''
     A mix-in for derivatives of DT_String.String that adds Zope security.
     '''
-    def guarded_getattr(self, ob, name, default=_marker):
-        return guarded_getattr(ob, name, default)
+    def guarded_getattr(self, *args): # ob, name [, default]
+        return guarded_getattr(*args)
 
     def guarded_getitem(self, ob, index):
         return guarded_getitem(ob, index)
 
+
+try:
+    #raise ImportError
+    import os
+    if os.environ.get("ZOPE_SECURITY_POLICY", None) == "PYTHON":
+        raise ImportError # :)
+    from cAccessControl import RestrictedDTMLMixin
+except ImportError:
+    pass
+else:
+
+    class RestrictedDTML(RestrictedDTMLMixin, RestrictedDTML):
+        '''
+        A mix-in for derivatives of DT_String.String that adds Zope security.
+        '''
+    
 
 # Allow access to unprotected attributes
 DT_Util.TemplateDict.__allow_access_to_unprotected_subobjects__=1


=== Zope/lib/python/AccessControl/PermissionRole.py 1.12 => 1.13 ===


=== Zope/lib/python/AccessControl/SecurityManagement.py 1.4 => 1.5 ===
 __version__='$Revision$'[11:-2]
 
+def getSecurityManager():
+    """Get a security manager, for the current thread.
+    """
+    thread_id=get_ident()
+    manager=_managers.get(thread_id, None)
+    if manager is None:
+        manager=SecurityManager(
+            thread_id,
+            SecurityContext(SpecialUsers.nobody))
+        _managers[thread_id]=manager
+        
+    return manager
+
 import SpecialUsers
 from SecurityManager import SecurityManager
 try:    import thread
@@ -109,19 +122,6 @@
     try: del _managers[get_ident()]
     except: pass
     
-
-def getSecurityManager():
-    """Get a security manager, for the current thread.
-    """
-    thread_id=get_ident()
-    manager=_managers.get(thread_id, None)
-    if manager is None:
-        manager=SecurityManager(
-            thread_id,
-            SecurityContext(SpecialUsers.nobody))
-        _managers[thread_id]=manager
-        
-    return manager
 
 def setSecurityPolicy(aSecurityPolicy):
     """Set the system default security policy. 


=== Zope/lib/python/AccessControl/SecurityManager.py 1.7 => 1.8 ===
 except: max_stack_size=100
 
-_defaultPolicy=ZopeSecurityPolicy.ZopeSecurityPolicy()
+if os.environ.has_key("ZSP_OWNEROUS_SKIP"): ownerous=0
+else: ownerous=1
+if os.environ.has_key("ZSP_AUTHENTICATION_SKIP"): authenticated=0
+else: authenticated=1
+_defaultPolicy=ZopeSecurityPolicy.ZopeSecurityPolicy(ownerous=ownerous,
+    authenticated=authenticated)
 def setSecurityPolicy(aSecurityPolicy):
     """Set the system default security policy. 
 
@@ -107,6 +112,7 @@
     _defaultPolicy=aSecurityPolicy
     return last
 
+
 class SecurityManager:
     """A security manager provides methods for checking access and managing
     executable context and policies
@@ -116,35 +122,34 @@
         'validate': 1, 'validateValue': 1, 'checkPermission': 1,
         'getUser': 1, 'calledByExecutable': 1
         }
-    
+
     def __init__(self, thread_id, context):
         self._thread_id=thread_id
         self._context=context
-        self._policy=None
+        self._policy=_defaultPolicy
 
     def validate(self, accessed=None, container=None, name=None, value=None,
                  roles=_noroles):
         """Validate access.
 
         Arguments:
-        
+
         accessed -- the object that was being accessed
-        
+
         container -- the object the value was found in
-        
+
         name -- The name used to access the value
-        
+
         value -- The value retrieved though the access.
 
         roles -- The roles of the object if already known.
-        
+
         The arguments may be provided as keyword arguments. Some of these
         arguments may be ommitted, however, the policy may reject access
         in some cases when arguments are ommitted.  It is best to provide
         all the values possible.
         """
         policy=self._policy
-        if policy is None: policy=_defaultPolicy
         if roles is _noroles:
             return policy.validate(accessed, container, name, value,
                                    self._context)
@@ -153,19 +158,19 @@
                                    self._context, roles)
 
     def DTMLValidate(self, accessed=None, container=None, name=None,
-                    value=None,md=None):
+                    value=None, md=None):
 
         """Validate access.
         * THIS EXISTS FOR DTML COMPATIBILITY *
 
         Arguments:
-        
+
         accessed -- the object that was being accessed
-        
+
         container -- the object the value was found in
-        
+
         name -- The name used to access the value
-        
+
         value -- The value retrieved though the access.
 
         md -- multidict for DTML (ignored)
@@ -177,7 +182,6 @@
 
         """
         policy=self._policy
-        if policy is None: policy=_defaultPolicy
         return policy.validate(accessed, container, name, value,
                                self._context)
 
@@ -185,7 +189,6 @@
         """Convenience for common case of simple value validation.
         """
         policy=self._policy
-        if policy is None: policy=_defaultPolicy
         if roles is _noroles:
             return policy.validate(None, None, None, value,
                                    self._context)
@@ -198,13 +201,12 @@
         the given object.
 
         Arguments:
-        
+
         permission -- A permission name
-        
+
         object -- The object being accessed according to the permission
         """
         policy=self._policy
-        if policy is None: policy=_defaultPolicy
         return policy.checkPermission(permission, object,
                                       self._context)
 
@@ -218,7 +220,10 @@
             raise SystemError, 'Excessive recursion'
         stack.append(anExecutableObject)
         p=getattr(anExecutableObject, '_customSecurityPolicy', None)
-        if p is not None: p=p()
+        if p is not None:
+            p=p()
+        else:
+            p=_defaultPolicy
         self._policy=p
 
     def removeContext(self, anExecutableObject,
@@ -245,10 +250,13 @@
         if stack:
             top=stack[-1]
             p=getattr(top, '_customSecurityPolicy', None)
-            if p is not None: p=p()
+            if p is not None:
+                p=p()
+            else:
+                p=_defaultPolicy
             self._policy=p
         else:
-            self._policy=None
+            self._policy=_defaultPolicy
 
     def getUser(self):
         """Get the current authenticated user"""
@@ -260,3 +268,17 @@
         return len(self._context.stack)
 
 
+try:
+    #raise ImportError
+    import os
+    if os.environ.get("ZOPE_SECURITY_POLICY", None) == "PYTHON":
+        raise ImportError # :)
+    from cAccessControl import SecurityManager as cSecurityManager
+except ImportError:
+    pass
+else:
+
+    class SecurityManager(cSecurityManager, SecurityManager):
+        """A security manager provides methods for checking access and managing
+        executable context and policies
+        """


=== Zope/lib/python/AccessControl/ZopeGuards.py 1.7 => 1.8 ===
 safe_builtins.update(utility_builtins)
 
-def aq_validate(inst, obj, name, v, validate):
-    return validate(inst, obj, name, v)
+try:
+
+    #raise ImportError
+    import os
+    if os.environ.get("ZOPE_SECURITY_POLICY", None) == "PYTHON":
+        raise ImportError # :)
+    from cAccessControl import aq_validate, guarded_getattr
+
+except ImportError:
+
+    def aq_validate(inst, obj, name, v, validate):
+        return validate(inst, obj, name, v)
+
+
+    def guarded_getattr(inst, name, default=_marker):
+        if name[:1] != '_':
+            # Try to get the attribute normally so that unusual
+            # exceptions are caught early.
+            try: v = getattr(inst, name)
+            except AttributeError:
+                if default is not _marker:
+                    return default
+                raise
+            if Containers(type(inst)):
+                # Simple type.  Short circuit.
+                return v
+            validate = getSecurityManager().validate
+            # Filter out the objects we can't access.
+            if hasattr(inst, 'aq_acquire'):
+                return inst.aq_acquire(name, aq_validate, validate)
+            # Or just try to get the attribute directly.
+            if validate(inst, inst, name, v):
+                return v
+        raise Unauthorized, name
 
-def guarded_getattr(inst, name, default=_marker):
-    if name[:1] != '_':
-        # Try to get the attribute normally so that unusual
-        # exceptions are caught early.
-        try: v = getattr(inst, name)
-        except AttributeError:
-            if default is not _marker:
-                return default
-            raise
-        if Containers(type(inst)):
-            # Simple type.  Short circuit.
-            return v
-        validate = getSecurityManager().validate
-        # Filter out the objects we can't access.
-        if hasattr(inst, 'aq_acquire'):
-            return inst.aq_acquire(name, aq_validate, validate)
-        # Or just try to get the attribute directly.
-        if validate(inst, inst, name, v):
-            return v
-    raise Unauthorized, name
 safe_builtins['getattr'] = guarded_getattr
 
 def guarded_hasattr(object, name):


=== Zope/lib/python/AccessControl/ZopeSecurityPolicy.py 1.14 => 1.15 ===
     class ZopeSecurityPolicy:
 
-        def __init__(self, ownerous=1):
+        def __init__(self, ownerous=1, authenticated=1):
+            """Create a Zope security policy.
+
+            Two optional keyword arguments may be provided:
+
+            ownerous -- Untrusted users can create code
+                        (e.g. Python scripts or templates),
+                        so check that code owners can access resources.
+                        The argument must have a truth value.
+                        The default is true.
+
+            authenticated -- Allow access to resources based on the
+                        privaledges of the authenticated user.  
+                        The argument must have a truth value.
+                        The default is true.
+
+                        This (somewhat experimental) option can be set
+                        to false on sites that allow only public
+                        (unauthenticated) access. An anticipated
+                        scenario is a ZEO configuration in which some
+                        clients allow only public access and other
+                        clients allow full management.
+            """
+            
             self._ownerous=ownerous
+            self._authenticated=authenticated
 
         def validate(self, accessed, container, name, value, context,
                      roles=_noroles, None=None, type=type, IntType=type(0),
@@ -239,7 +263,8 @@
 
 
             try:
-                if context.user.allowed(value, roles): return 1
+                if self._authenticated and context.user.allowed(value, roles):
+                    return 1
             except AttributeError: pass
 
             # We don't want someone to acquire if they can't get an unacquired!
@@ -254,4 +279,3 @@
             if type(roles) is StringType:
                 roles=[roles]
             return context.user.allowed(object, roles)
-


=== Zope/lib/python/AccessControl/cAccessControl.c 1.11 => 1.12 === (809/909 lines abridged)
 
 #include <stdio.h>
+#include <stdlib.h>
 
 #include "ExtensionClass.h"
 #include "Acquisition.h"
@@ -66,18 +67,24 @@
 #define OBJECT(o) ((PyObject *) (o))
 
 static PyObject *
-callmethod1(PyObject *self, PyObject *name, PyObject *arg)
+callfunction1(PyObject *function, PyObject *arg)
 {
-  UNLESS(self = PyObject_GetAttr(self,name)) return NULL;
-  name = PyTuple_New(1);
-  if (name == NULL) {
-    Py_DECREF(self);
+  PyObject *t, *r;
+  t = PyTuple_New(1);
+  if (t == NULL)
     return NULL;
-  }
   Py_INCREF(arg);
-  PyTuple_SET_ITEM(name, 0, arg);
-  ASSIGN(self, PyObject_CallObject(self, name));
-  Py_DECREF(name);
+  PyTuple_SET_ITEM(t, 0, arg);
+  r = PyObject_CallObject(function, t);
+  Py_DECREF(t);
+  return r;
+}
+
+static PyObject *
+callmethod1(PyObject *self, PyObject *name, PyObject *arg)
+{
+  UNLESS(self = PyObject_GetAttr(self,name)) return NULL;
+  ASSIGN(self, callfunction1(self, arg));
   return self;
 }
 
@@ -97,6 +104,198 @@
   return r;
 }
 
+static PyObject *
+callfunction3(PyObject *function, 
+              PyObject *arg0, PyObject *arg1, 
+              PyObject *arg2
+              )
+{

[-=- -=- -=- 809 lines omitted -=- -=- -=-]

-		OBJECT(&PermissionRoleType));
-
-	imPermissionRoleType.ob_type = &PyType_Type;
-	PyDict_SetItemString(dict, "imPermissionRoleType", 
-		OBJECT(&imPermissionRoleType));
-
 	PyDict_SetItemString(dict, "__version__",
 		PyString_FromStringAndSize(rev+11,strlen(rev+11)-2));
 
 	PyDict_SetItemString(dict, "_what_not_even_god_should_do",
 		_what_not_even_god_should_do);
 
+        PyExtensionClass_Export(dict, "RestrictedDTMLMixin",
+                                RestrictedDTMLMixinType);
+
 	PyExtensionClass_Export(dict, "ZopeSecurityPolicy",
 		ZopeSecurityPolicyType);
 
+        PyExtensionClass_Export(dict,"SecurityManager",
+                SecurityManagerType);
+
 	PyExtensionClass_Export(dict, "PermissionRole",
 		PermissionRoleType);
 
 	PyExtensionClass_Export(dict, "imPermissionRole",
 		imPermissionRoleType);
 
- 	imPermissionRoleObj = PyDict_GetItemString(dict, "imPermissionRole");
+ 	imPermissionRoleObj = PyMapping_GetItemString(dict, 
+                                                      "imPermissionRole");
+
+        aq_validate = PyMapping_GetItemString(dict, "aq_validate");
 
 	/*| from SimpleObjectPolicies import Containers
 	*/
@@ -1504,6 +2142,14 @@
 
 	IMPORT(module, "AccessControl.unauthorized");
 	GETATTR(module, Unauthorized);
+	Py_DECREF(module);
+	module = NULL;
+
+	/*| from AccessControl.SecurityManagement import getSecurityManager
+	*/
+
+	IMPORT(module, "AccessControl.SecurityManagement");
+	GETATTR(module, getSecurityManager);
 	Py_DECREF(module);
 	module = NULL;