[Zope-Checkins] CVS: Zope/lib/python/AccessControl - SecurityInfo.py:1.9.32.2

Tres Seaver tseaver@zope.com
Thu, 1 Aug 2002 13:47:08 -0400


Update of /cvs-repository/Zope/lib/python/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv26081/lib/python/AccessControl

Modified Files:
      Tag: Zope-2_4-branch
	SecurityInfo.py 
Log Message:
 - Backport proper caching of ModuleSecurityInfo objects from 2.5.

=== Zope/lib/python/AccessControl/SecurityInfo.py 1.9.32.1 => 1.9.32.2 ===
     modsec.apply(module.__dict__)
     return module
 
-class ModuleSecurityInfo(SecurityInfo):
+def ModuleSecurityInfo(module_name=None):
+    if module_name is not None:
+        modsec = _moduleSecurity.get(module_name, None)
+        if modsec is not None:
+            return modsec
+        dot = module_name.rfind('.')
+        if dot > 0:
+            # If the module is in a package, recursively make sure
+            # there are security declarations for the package steps
+            # leading to the module
+            modname = module_name[dot + 1:]
+            pmodsec = ModuleSecurityInfo(module_name[:dot])
+            if not pmodsec.names.has_key(modname):
+                pmodsec.declarePublic(modname)
+    return _ModuleSecurityInfo(module_name)
+
+class _ModuleSecurityInfo(SecurityInfo):
     """Encapsulate security information for modules."""
 
     __roles__ = ACCESS_PRIVATE
@@ -328,3 +344,25 @@
         """Cannot set default roles for permissions in a module."""
         pass
 
+# Handy little utility functions
+
+def allow_module(module_name):
+    """Allow a module and all its contents to be used from a
+    restricted Script. The argument module_name may be a simple
+    or dotted module or package name. Note that if a package
+    path is given, all modules in the path will be available."""
+    ModuleSecurityInfo(module_name).setDefaultAccess(1)
+    dot = module_name.find('.')
+    while dot > 0:
+        ModuleSecurityInfo(module_name[:dot]).setDefaultAccess(1)
+        dot = module_name.find('.', dot + 1)
+
+def allow_class(Class):
+    """Allow a class and all of its methods to be used from a
+    restricted Script.  The argument Class must be a class."""
+    Class._security = sec = ClassSecurityInfo()
+    sec.declareObjectPublic()
+    sec.setDefaultAccess(1)
+    sec.apply(Class)
+    from Globals import InitializeClass
+    InitializeClass(Class)