[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - IAuthenticationService.py:1.3 ZopeSecurityPolicy.py:1.3 configure.zcml:1.2 meta.zcml:1.2 metaConfigure.py:1.3 protectClass.py:1.3 AnnotationPrincipalPermissionManager.py:NONE AnnotationPrincipalRoleManager.py:NONE AnnotationRolePermissionManager.py:NONE IPermissionGroup.py:NONE IPermissionGroupService.py:NONE LocalSecurityMap.py:NONE PermissionRegistry.py:NONE PrincipalPermissionManager.py:NONE PrincipalPermissionView.py:NONE PrincipalRegistry.py:NONE PrincipalRoleManager.py:NONE PrincipalRoleView.py:NONE RegisteredObject.py:NONE Registry.py:NONE RolePermissionManager.py:NONE RolePermissionView.py:NONE RoleRegistry.py:NONE SecurityMap.py:NONE Zope3RoleManagement.py:NONE
Jim Fulton
jim@zope.com
Thu, 20 Jun 2002 11:55:30 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv15462/lib/python/Zope/App/Security
Modified Files:
IAuthenticationService.py ZopeSecurityPolicy.py configure.zcml
meta.zcml metaConfigure.py protectClass.py
Removed Files:
AnnotationPrincipalPermissionManager.py
AnnotationPrincipalRoleManager.py
AnnotationRolePermissionManager.py IPermissionGroup.py
IPermissionGroupService.py LocalSecurityMap.py
PermissionRegistry.py PrincipalPermissionManager.py
PrincipalPermissionView.py PrincipalRegistry.py
PrincipalRoleManager.py PrincipalRoleView.py
RegisteredObject.py Registry.py RolePermissionManager.py
RolePermissionView.py RoleRegistry.py SecurityMap.py
Zope3RoleManagement.py
Log Message:
implemented:
http://dev.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/MergeSecurityIntoZopeNamespace
While I was at it, I couldn't resist implementing a variation of:
http://dev.zope.org/Wikis/DevSite/Projects/ComponentArchitecture/SecurityPackageReorg
which was a lot more work.
=== Zope3/lib/python/Zope/App/Security/IAuthenticationService.py 1.2 => 1.3 ===
"""
- def defaultPrincipal():
+ def unauthenticatedPrincipal():
"""
- Return the id of the default principal, if one is defined;
- return None if no default principal is defined.
+ Return the id of the unauthenticated principal, if one is defined;
+ return None if no unauthenticated principal is defined.
"""
def unauthorized(id, request):
=== Zope3/lib/python/Zope/App/Security/ZopeSecurityPolicy.py 1.2 => 1.3 ===
import IPrincipalRoleManager
from Zope.App.Security.IRolePermissionManager import IRolePermissionManager
-from Zope.App.Security.PermissionRegistry import permissionRegistry
-from Zope.App.Security.PrincipalRegistry import principalRegistry
-from Zope.App.Security.RoleRegistry import roleRegistry
-from Zope.App.Security.PrincipalPermissionManager \
+from Zope.App.Security.Registries.PermissionRegistry import permissionRegistry
+from Zope.App.Security.Registries.PrincipalRegistry import principalRegistry
+from Zope.App.Security.Registries.RoleRegistry import roleRegistry
+from Zope.App.Security.Grants.Global.PrincipalPermissionManager \
import principalPermissionManager
-from Zope.App.Security.RolePermissionManager import rolePermissionManager
-from Zope.App.Security.PrincipalRoleManager import principalRoleManager
+from Zope.App.Security.Grants.Global.RolePermissionManager \
+ import rolePermissionManager
+from Zope.App.Security.Grants.Global.PrincipalRoleManager \
+ import principalRoleManager
from Zope.App.Security.Settings import Allow, Deny, Assign, Remove, Unset
from types import StringType, StringTypes, TupleType, ListType, IntType, MethodType, NoneType
=== Zope3/lib/python/Zope/App/Security/configure.zcml 1.1 => 1.2 ===
xmlns='http://namespaces.zope.org/zope'
- xmlns:security='http://namespaces.zope.org/security'
xmlns:zmi='http://namespaces.zope.org/zmi'
xmlns:browser='http://namespaces.zope.org/browser'
->
- <serviceType
- id="RoleService"
- interface="Zope.App.Security.IRoleService." />
- <service
- serviceType="RoleService"
- component="Zope.App.Security.RoleRegistry.roleRegistry" />
+ >
- <serviceType
- id="PermissionService"
- interface="Zope.App.Security.IPermissionService." />
- <service
- serviceType="PermissionService"
- component="Zope.App.Security.PermissionRegistry.permissionRegistry" />
+ <include package=".Registries" />
+ <include package=".Grants" />
- <serviceType
- id="AuthenticationService"
- interface="Zope.App.Security.IAuthenticationService." />
- <service
- serviceType="AuthenticationService"
- component="Zope.App.Security.PrincipalRegistry.principalRegistry" />
-
- <security:defaultPolicy
+ <securityPolicy
name="Zope.App.Security.ZopeSecurityPolicy.zopeSecurityPolicy" />
<adapter factory="Zope.App.Security.BasicAuthAdapter."
@@ -39,65 +21,6 @@
<adapter factory="Zope.App.Security.BasicVFSAuthAdapter."
provides="Zope.App.Security.ILoginPassword."
for="Zope.Publisher.VFS.IVFSCredentials." />
-
-
-<!-- Role-Permission management view -->
-
- <content class=".RolePermissionView.PermissionRoles.">
- <security:require
- permission="Zope.Security"
- attributes="roles rolesInfo"
- interface="Zope.App.Security.IRegisteredObject." />
- </content>
-
- <browser:view for="Zope.App.OFS.Annotation.IAnnotatable."
- permission="Zope.Security"
- factory="Zope.App.Security.RolePermissionView.">
-
- <browser:page name="AllRolePermissions.html"
- attribute="index" />
- <browser:page name="ChangeAllRolePermissions.html"
- attribute="action" />
- <browser:page name="RolePermissions.html"
- attribute="manage_RoleForm" />
- <browser:page name="ChangeRolePermissions.html"
- attribute="update_role" />
- <browser:page name="RolesWithPermission.html"
- attribute="manage_permissionForm" />
- <browser:page name="ChangeRolesWithPermission.html"
- attribute="update_permission" />
- </browser:view>
-
- <adapter factory=".AnnotationRolePermissionManager."
- provides=".IRolePermissionManager."
- for="Zope.App.OFS.Annotation.IAnnotatable." />
-
-
-<!-- Principal-Permission management view -->
-
- <content class=".PrincipalPermissionView.">
- <security:require
- permission="Zope.Security"
- attributes="index get_principal unsetPermissions denyPermissions
- grantPermissions getUnsetPermissionsForPrincipal
- getPermissionsForPrincipal" />
- </content>
-
- <browser:view
- name="PrincipalPermissionsManagement"
- for="Zope.App.OFS.Annotation.IAnnotatable."
- factory=".PrincipalPermissionView." />
-
- <adapter factory=".AnnotationPrincipalPermissionManager."
- provides=".IPrincipalPermissionManager."
- for="Zope.App.OFS.Annotation.IAnnotatable." />
-
-
- <!-- protect Roles and Permissions -->
- <content class=".RoleRegistry.Role">
- <security:allow
- interface="Zope.App.Security.IRegisteredObject." />
- </content>
</zopeConfigure>
=== Zope3/lib/python/Zope/App/Security/meta.zcml 1.1 => 1.2 ===
- <!-- Zope.App.Security -->
- <directives namespace="http://namespaces.zope.org/security">
- <directive name="permission"
- attributes="id title description"
- handler="Zope.App.Security.metaConfigure.definePermission" />
- <directive name="role"
- attributes="id title description"
- handler="Zope.App.Security.metaConfigure.defineRole" />
- <directive name="defaultPolicy" attributes="name"
- handler="Zope.App.Security.metaConfigure.defaultPolicy" />
- <directive name="principal" attributes="id title description"
- handler="Zope.App.Security.metaConfigure.principal" />
- <directive name="defaultPrincipal"
- attributes="principal title description"
- handler="Zope.App.Security.metaConfigure.defaultPrincipal" />
- <directive name="grantPermissionToRole" attributes="permission role"
- handler="Zope.App.Security.metaConfigure.grantPermissionToRole" />
- <directive
- name="grantPermissionToPrincipal"
- attributes="permission principal"
- handler="Zope.App.Security.metaConfigure.grantPermissionToPrincipal" />
- <directive name="assignRoleToPrincipal" attributes="role principal"
- handler="Zope.App.Security.metaConfigure.assignRoleToPrincipal" />
+ <include package=".Registries" file="meta.zcml" />
+ <include package=".Grants.Global" file="meta.zcml" />
+
+ <directives namespace="http://namespaces.zope.org/zope">
+ <directive name="securityPolicy" attributes="name"
+ handler="Zope.App.Security.metaConfigure.securityPolicy" />
</directives>
</zopeConfigure>
=== Zope3/lib/python/Zope/App/Security/metaConfigure.py 1.2 => 1.3 ===
$Id$
"""
-from PermissionRegistry import permissionRegistry as perm_reg
-from RoleRegistry import roleRegistry as role_reg
-from Zope.Security.SecurityManager import setSecurityPolicy
-from PrincipalRegistry import principalRegistry
-from RolePermissionManager import rolePermissionManager as role_perm_mgr
-from PrincipalPermissionManager import principalPermissionManager \
- as principal_perm_mgr
-from PrincipalRoleManager import principalRoleManager as principal_role_mgr
+
from Zope.Configuration.Action import Action
+from Zope.Security.SecurityManager import setSecurityPolicy
-def defaultPolicy(_context, name):
+def securityPolicy(_context, name):
policy = _context.resolve(name)
if callable(policy):
policy = policy()
@@ -36,70 +30,5 @@
args = (policy,),
)
]
-
-def definePermission(_context, id, title, description=''):
- return [
- Action(
- discriminator = ('definePermission', id),
- callable = perm_reg.definePermission,
- args = (id, title, description),
- )
- ]
-
-def defineRole(_context, id, title, description=''):
- return [
- Action(
- discriminator = ('defineRole', id),
- callable = role_reg.defineRole,
- args = (id, title, description),
- )
- ]
-
-def principal(_context, id, title, login, password, description=''):
- return [
- Action(
- discriminator = ('principal', id),
- callable = principalRegistry.definePrincipal,
- args = (id, title, description, login, password),
- )
- ]
-
-def defaultPrincipal(_context, id, title, description=''):
- return [
- Action(
- discriminator = 'defaultPrincipal',
- callable = principalRegistry.defineDefaultPrincipal,
- args = (id, title, description),
- )
- ]
-
-def grantPermissionToRole(_context, permission, role):
- return [
- Action(
- discriminator = ('grantPermissionToRole', permission, role),
- callable = role_perm_mgr.grantPermissionToRole,
- args = (permission, role),
- )
- ]
-
-def grantPermissionToPrincipal(_context, permission, principal):
- return [
- Action(
- discriminator = ('grantPermissionToPrincipal',
- permission,
- principal),
- callable = principal_perm_mgr.grantPermissionToPrincipal,
- args = (permission, principal),
- )
- ]
-
-def assignRoleToPrincipal(_context, role, principal):
- return [
- Action(
- discriminator = ('assignRoleToPrincipal', role, principal),
- callable = principal_role_mgr.assignRoleToPrincipal,
- args = (role, principal),
- )
- ]
=== Zope3/lib/python/Zope/App/Security/protectClass.py 1.2 => 1.3 ===
from Exceptions import UndefinedPermissionError
-from PermissionRegistry import permissionRegistry
+from Registries.PermissionRegistry import permissionRegistry
from Zope.Security.Checker import defineChecker, getCheckerForInstancesOf
from Zope.Security.Checker import Checker, CheckerPublic
=== Removed File Zope3/lib/python/Zope/App/Security/AnnotationPrincipalPermissionManager.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/AnnotationPrincipalRoleManager.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/AnnotationRolePermissionManager.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/IPermissionGroup.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/IPermissionGroupService.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/LocalSecurityMap.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/PermissionRegistry.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/PrincipalPermissionManager.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/PrincipalPermissionView.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/PrincipalRegistry.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/PrincipalRoleManager.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/PrincipalRoleView.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/RegisteredObject.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/Registry.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/RolePermissionManager.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/RolePermissionView.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/RoleRegistry.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/SecurityMap.py ===
=== Removed File Zope3/lib/python/Zope/App/Security/Zope3RoleManagement.py ===