[Zope-Checkins] CVS: Zope3/lib/python/Zope/Security/tests - testChecker.py:1.1.2.7

Jim Fulton jim@zope.com
Fri, 26 Apr 2002 14:22:54 -0400


Update of /cvs-repository/Zope3/lib/python/Zope/Security/tests
In directory cvs.zope.org:/tmp/cvs-serv26237/lib/python/Zope/Security/tests

Modified Files:
      Tag: SecurityProxy-branch
	testChecker.py 
Log Message:
Changed security code to use security proxies and name-based
security. This has pretty far-reaching implications:

- You now protect names/operations, *not* values. This means it's as
  easy yo protect data attributes that have simple values as it is to
  protect methods.

- There is no longer a __permissions__ attribute. :)

- There is no longer a validate method in either security managers or
  policies. 

- No more need to have a special compiler for restricted code.
  In exchange, lots of objects are proxies and code sometimes needs to
  be prepared to remove proxies.

In addition:

- Basic objects (None, strings, numbers, etc.) are not wrapped in
  context wrappers.

- There is a test that fails unless Python 2.3 is used.



=== Zope3/lib/python/Zope/Security/tests/testChecker.py 1.1.2.6 => 1.1.2.7 ===
     # Zope.App.Security.ISecurityPolicy.
 
-    def validate(self, name, value, context):
-        'See Zope.App.Security.ISecurityPolicy.ISecurityPolicy'
-        permission = getattr(value, '__permission__', None)
-        if permission is None:
-            raise Forbidden(name, value)
-
-        if not self.checkPermission(permission, object, context):
-            raise Unauthorized(name, value)
-
     def checkPermission(self, permission, object, context):
         'See Zope.App.Security.ISecurityPolicy.ISecurityPolicy'