[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - Settings.py:1.1.2.4

Steve Alexander steve@cat-box.net
Sun, 17 Feb 2002 12:11:16 -0500 

Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv3039

Modified Files:
      Tag: Zope-3x-branch
	Settings.py 
Log Message:
Changed security settings to use pickle-proof symbolic-constant singletons.



=== Zope3/lib/python/Zope/App/Security/Settings.py 1.1.2.3 => 1.1.2.4 ===
 """ Security setting constants """
 
-# Explicit allow setting for permissions
-Allow = 'Allow'
+# PermissionSettingMetaClass and PermissionSetting function together to produce
+# typed constants. These constants (such as Allow, Deny, etc. below) can be
+# compared by identity, even when pickled and unpickled. This is because they
+# are stored in pickles just as the fully-qualified names of the classes
+# we're using for the constants.
+#
+# Methods and properties for PermissionSetting classes are set in the 
+# PermissionSettingMetaClass. See _setDescription and getDescription
+# for an example.
 
-# Explicit deny setting for permissions
-Deny = 'Deny'
+class PermissionSettingMetaClass(type):
+    def __init__(self, name, bases, namespace):
+        type.__init__(self, name, bases, namespace)
+        self._name=name
+        
+    def __str__(self):
+        return "PermissionSetting: %s" % self._name
+        
+    def _setDescription(self, description):
+        self._description=description
+    
+    def getDescription(self):
+        return self._description
+           
+class PermissionSetting(object):
+    __metaclass__=PermissionSettingMetaClass
+    def __init__(self):
+        raise TypeError, "Cannot instantiate PermissionSetting objects"
 
-# Unset constant that denotes no setting for permission and role
-Unset = 'Unset'
 
-# Explicit assign setting for roles
-Assign = 'Assign'
+class Allow(PermissionSetting): pass
+Allow._setDescription('Explicit allow setting for permissions')
 
-# Explicit remove setting for roles
-Remove = 'Remove'
+class Deny(PermissionSetting): pass
+Deny._setDescription('Explicit deny setting for permissions')
+
+class Unset(PermissionSetting): pass
+Unset._setDescription(
+  'Unset constant that denotes no setting for permission and role')
+
+class Assign(PermissionSetting): pass
+Assign._setDescription('Explicit assign setting for roles')
+
+class Remove(PermissionSetting): pass
+Remove._setDescription('Explicit remove setting for roles')