[Zope-CMF] Re: [dev] checkPermission and proxy roles: proposal
yuppie
y.2004_ at wcm-solutions.de
Wed Feb 11 04:51:16 EST 2004
Hi!
Dieter Maurer wrote:
> I think, we should have both possibilities:
>
> [1] check whether the real user would have the permission
> (independent of proxy roles)
>
> [2] check whether the current context has the permission
> (dependent on the current proxy roles and other
> execution security aspects (such as ownership))
I'd like to replace utils._checkPermission in CMF HEAD with the attached
code. This would change the behavior of _checkPermission from [1] to
[2]. (If I didn't make a mistake.)
The way utils._checkPermission is used in CMF implies possibility [2]
would be the right behavior, the fact it implemented [1] looks like a
bug to me. I don't know of any code that'll break if we switch to [2].
I can see there might be a need for [1]. But in this case you can use
Zope's checkPermission method.
If there are no objections I'll soon make a CVS checkin of the attached
code.
Cheers,
Yuppie
security.declarePrivate('_checkPermission')
def _checkPermission(permission, obj):
""" Check if the current user has the permission on the given object.
"""
# this code is ported from ZopeSecurityPolicy.checkPermission
roles = rolesForPermissionOn(permission, obj)
if type(roles) in (StringType, UnicodeType):
roles = [roles]
context = getSecurityManager()._context
# check executable owner and proxy roles
# this code is ported from ZopeSecurityPolicy.validate
stack = context.stack
if stack:
eo = stack[-1]
owner = eo.getOwner()
if owner is not None:
if not owner.allowed(obj, roles):
return 0
proxy_roles = getattr(eo, '_proxy_roles', None)
if proxy_roles:
if obj is not aq_base(obj):
if not owner._check_context(obj):
return 0
for r in proxy_roles:
if r in roles:
return 1
return 0
return context.user.allowed(obj, roles)
More information about the Zope-CMF
mailing list