[Zope-CVS] CVS: Products/VerboseSecurity - VerboseSecurityPolicy.py:1.5

Shane Hathaway shane@cvs.zope.org
Fri, 30 Aug 2002 12:36:52 -0400


Update of /cvs-repository/Products/VerboseSecurity
In directory cvs.zope.org:/tmp/cvs-serv8543

Modified Files:
	VerboseSecurityPolicy.py 
Log Message:
Show the place where the user is defined.


=== Products/VerboseSecurity/VerboseSecurityPolicy.py 1.4 => 1.5 ===
--- Products/VerboseSecurity/VerboseSecurityPolicy.py:1.4	Fri Aug 30 11:21:39 2002
+++ Products/VerboseSecurity/VerboseSecurityPolicy.py	Fri Aug 30 12:36:52 2002
@@ -249,16 +249,16 @@
                     accessed, container, name, value, context)
             elif userHasRolesButNotInContext(context.user, value, roles):
                 info = setUnauthorized(
-                    "Your user account, %s, is defined outside "
-                    "the context of the object being accessed" % context.user,
+                    "Your user account is defined outside "
+                    "the context of the object being accessed",
                     accessed, container, name, value, context,
-                    required_roles=roles)
+                    required_roles=roles, user=context.user)
             else:
                 info = setUnauthorized(
-                    "Your user account, %s, does not "
-                    "have the required permission" % context.user,
+                    "Your user account does not "
+                    "have the required permission",
                     accessed, container, name, value, context,
-                    required_roles=roles,
+                    required_roles=roles, user=context.user,
                     user_roles=getUserRolesInContext(context.user, value))
             if accessedbase is containerbase:
                 raise Unauthorized(info)
@@ -291,6 +291,7 @@
 def setUnauthorized(msg, accessed, container, name, value, context,
                     required_roles=None,
                     user_roles=None,
+                    user=None,
                     eo=None,
                     eo_owner=None,
                     eo_owner_roles=None,
@@ -305,6 +306,13 @@
     if aq_base(container) is not aq_base(accessed):
         s += ', acquired through %s,' % item_repr(accessed)
     info = [s + ' denied.']
+    if user is not None:
+        try:
+            ufolder = '/'.join(aq_parent(aq_inner(user)).getPhysicalPath())
+        except:
+            ufolder = '(unknown)'
+        info.append('Your user account, %s, exists at %s.' % (
+            str(user), ufolder))
     if required_roles is not None:
         p = None
         required_roles = list(required_roles)