[Zope3-checkins] CVS: Zope3/src/zope/app/security/grants - principalpermission.py:1.1 principalrole.py:1.1 rolepermission.py:1.1 securitymap.py:1.1 configure.zcml:1.3 metaconfigure.py:1.3 annotationprincipalpermissionmanager.py:NONE annotationprincipalrolemanager.py:NONE annotationrolepermissionmanager.py:NONE localsecuritymap.py:NONE persistentlocalsecuritymap.py:NONE principalpermissionmanager.py:NONE principalrolemanager.py:NONE rolepermissionmanager.py:NONE rolepermissions.py:NONE

Jim Fulton jim@zope.com
Thu, 26 Dec 2002 13:49:38 -0500


Update of /cvs-repository/Zope3/src/zope/app/security/grants
In directory cvs.zope.org:/tmp/cvs-serv19745/grants

Modified Files:
	configure.zcml metaconfigure.py 
Added Files:
	principalpermission.py principalrole.py rolepermission.py 
	securitymap.py 
Removed Files:
	annotationprincipalpermissionmanager.py 
	annotationprincipalrolemanager.py 
	annotationrolepermissionmanager.py localsecuritymap.py 
	persistentlocalsecuritymap.py principalpermissionmanager.py 
	principalrolemanager.py rolepermissionmanager.py 
	rolepermissions.py 
Log Message:
Added functions for checking validity of permission, role, and
principal ids.

Updated global grants to perform these chacks.

Renamed and consolidated a number of files in the ongoing quest to get
to single-line imports.



=== Added File Zope3/src/zope/app/security/grants/principalpermission.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Mappings between principals and permissions, stored in an object locally."""

from zope.component import getAdapter

from zope.app.interfaces.annotation import IAnnotations
from zope.app.interfaces.security import IPrincipalPermissionManager

from zope.app.security.settings import Allow, Deny, Unset
from zope.app.security.principal import checkPrincipal
from zope.app.security.permission import checkPermission

from zope.app.security.grants.securitymap import SecurityMap

annotation_key = 'zopel.app.security.AnnotationPrincipalPermissionManager'

class AnnotationPrincipalPermissionManager:
    """Mappings between principals and permissions."""

    __implements__ = IPrincipalPermissionManager

    def __init__(self, context):
        self._context = context

    def grantPermissionToPrincipal(self, permission_id, principal_id):
        ''' See the interface IPrincipalPermissionManager '''
        pp = self._getPrincipalPermissions(create=1)
        pp.addCell(permission_id, principal_id, Allow)
        self._context._p_changed = 1

    def denyPermissionToPrincipal(self, permission_id, principal_id):
        ''' See the interface IPrincipalPermissionManager '''
        pp = self._getPrincipalPermissions(create=1)
        pp.addCell(permission_id, principal_id, Deny)
        self._context._p_changed = 1

    def unsetPermissionForPrincipal(self, permission_id, principal_id):
        ''' See the interface IPrincipalPermissionManager '''
        pp = self._getPrincipalPermissions()
        # Only unset if there is a security map, otherwise, we're done
        if pp:
            pp.delCell(permission_id, principal_id)
            self._context._p_changed = 1

    def getPrincipalsForPermission(self, permission_id):
        ''' See the interface IPrincipalPermissionManager '''
        pp = self._getPrincipalPermissions()
        if pp:
            return pp.getRow(permission_id)
        return []

    def getPermissionsForPrincipal(self, principal_id):
        ''' See the interface IPrincipalPermissionManager '''
        pp = self._getPrincipalPermissions()
        if pp:
            return pp.getCol(principal_id)
        return []

    def getSetting(self, permission_id, principal_id):
        ''' See the interface IPrincipalPermissionManager '''
        pp = self._getPrincipalPermissions()
        if pp:
            return pp.getCell(permission_id, principal_id, default=Unset)
        return []

    def getPrincipalsAndPermissions(self):
        ''' See the interface IPrincipalPermissionManager '''
        pp = self._getPrincipalPermissions()
        if pp:
            return pp.getAllCells()
        return []

    # Implementation helpers

    def _getPrincipalPermissions(self, create=0):
        """ Get the principal permission map stored in the context, optionally
            creating one if necessary """
        # need to remove security proxies here, otherwise we enter
        # an infinite loop, becuase checking security depends on
        # getting PrincipalPermissions.
        from zope.proxy.introspection import removeAllProxies
        context = removeAllProxies(self._context)
        annotations = getAdapter(context, IAnnotations)
        try:
            return annotations[annotation_key]
        except KeyError:
            if create:
                rp = annotations[annotation_key] = SecurityMap()
                return rp
        return None


class PrincipalPermissionManager(SecurityMap):
    """Mappings between principals and permissions."""

    __implements__ = IPrincipalPermissionManager

    def grantPermissionToPrincipal(self, permission_id, principal_id,
                                   check=True):
        ''' See the interface IPrincipalPermissionManager '''

        if check:
            checkPermission(None, permission_id)
            checkPrincipal(None, principal_id)
        
        self.addCell(permission_id, principal_id, Allow)

    def denyPermissionToPrincipal(self, permission_id, principal_id,
                                  check=True):
        ''' See the interface IPrincipalPermissionManager '''

        if check:
            checkPermission(None, permission_id)
            checkPrincipal(None, principal_id)

        self.addCell(permission_id, principal_id, Deny)

    def unsetPermissionForPrincipal(self, permission_id, principal_id):
        ''' See the interface IPrincipalPermissionManager '''

        # Don't check validity intentionally.
        # After all, we certianly want to unset invalid ids.
        
        self.delCell(permission_id, principal_id)

    def getPrincipalsForPermission(self, permission_id):
        ''' See the interface IPrincipalPermissionManager '''
        return self.getRow(permission_id)

    def getPermissionsForPrincipal(self, principal_id):
        ''' See the interface IPrincipalPermissionManager '''
        return self.getCol(principal_id)

    def getSetting(self, permission_id, principal_id):
        ''' See the interface IPrincipalPermissionManager '''
        return self.getCell(permission_id, principal_id, default=Unset)

    def getPrincipalsAndPermissions(self):
        ''' See the interface IPrincipalPermissionManager '''
        return self.getAllCells()


# Permissions are our rows, and principals are our columns
principalPermissionManager = PrincipalPermissionManager()


# Register our cleanup with Testing.CleanUp to make writing unit tests simpler.
from zope.testing.cleanup import addCleanUp
addCleanUp(principalPermissionManager._clear)
del addCleanUp


=== Added File Zope3/src/zope/app/security/grants/principalrole.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Mappings between principals and roles, stored in an object locally."""

from zope.component import getAdapter

from zope.app.interfaces.annotation import IAnnotations
from zope.app.interfaces.security import IPrincipalRoleManager
from zope.app.interfaces.security import IPrincipalRoleMap

from zope.app.security.settings import Allow, Deny, Unset
from zope.app.security.grants.securitymap import SecurityMap
from zope.app.security.grants.securitymap import PersistentSecurityMap

from zope.app.security.principal import checkPrincipal
from zope.app.security.role import checkRole

annotation_key = 'zope.app.security.AnnotationPrincipalRoleManager'

class AnnotationPrincipalRoleManager:
    """Mappings between principals and roles."""

    __implements__ = IPrincipalRoleManager

    def __init__(self, context):
        self._context = context

    def assignRoleToPrincipal(self, role_id, principal_id):
        ''' See the interface IPrincipalRoleManager '''
        pp = self._getPrincipalRoles(create=1)
        pp.addCell(role_id, principal_id, Allow)

    def removeRoleFromPrincipal(self, role_id, principal_id):
        ''' See the interface IPrincipalRoleManager '''
        pp = self._getPrincipalRoles(create=1)
        pp.addCell(role_id, principal_id, Deny)

    def unsetRoleForPrincipal(self, role_id, principal_id):
        ''' See the interface IPrincipalRoleManager '''
        pp = self._getPrincipalRoles()
        # Only unset if there is a security map, otherwise, we're done
        if pp:
            pp.delCell(role_id, principal_id)

    def getPrincipalsForRole(self, role_id):
        ''' See the interface IPrincipalRoleManager '''
        pp = self._getPrincipalRoles()
        if pp:
            return pp.getRow(role_id)
        return []

    def getRolesForPrincipal(self, principal_id):
        ''' See the interface IPrincipalRoleManager '''
        pp = self._getPrincipalRoles()
        if pp:
            return pp.getCol(principal_id)
        return []

    def getSetting(self, role_id, principal_id):
        ''' See the interface IPrincipalRoleManager '''
        pp = self._getPrincipalRoles()
        if pp:
            return pp.getCell(role_id, principal_id, default=Unset)
        return Unset

    def getPrincipalsAndRoles(self):
        ''' See the interface IPrincipalRoleManager '''
        pp = self._getPrincipalRoles()
        if pp:
            return pp.getAllCells()
        return []

    # Implementation helpers

    def _getPrincipalRoles(self, create=0):
        """ Get the principal role map stored in the context, optionally
            creating one if necessary """
        annotations = getAdapter(self._context, IAnnotations)
        try:
            return annotations[annotation_key]
        except KeyError:
            if create:
                rp = annotations[annotation_key] = PersistentSecurityMap()
                return rp
        return None


class PrincipalRoleManager(SecurityMap):
    """Mappings between principals and roles."""

    __implements__ = (IPrincipalRoleManager, IPrincipalRoleMap)

    def assignRoleToPrincipal(self, role_id, principal_id, check=True):
        ''' See the interface IPrincipalRoleManager '''

        if check:
            checkPrincipal(None, principal_id)
            checkRole(None, role_id)

        self.addCell(role_id, principal_id, Allow)

    def removeRoleFromPrincipal(self, role_id, principal_id, check=True):
        ''' See the interface IPrincipalRoleManager '''

        if check:
            checkPrincipal(None, principal_id)
            checkRole(None, role_id)

        self.addCell(role_id, principal_id, Deny)

    def unsetRoleForPrincipal(self, role_id, principal_id):
        ''' See the interface IPrincipalRoleManager '''

        # Don't check validity intentionally.
        # After all, we certianly want to unset invalid ids.

        self.delCell(role_id, principal_id)

    def getPrincipalsForRole(self, role_id):
        ''' See the interface IPrincipalRoleMap '''
        return self.getRow(role_id)

    def getRolesForPrincipal(self, principal_id):
        ''' See the interface IPrincipalRoleMap '''
        return self.getCol(principal_id)

    def getSetting(self, role_id, principal_id):
        ''' See the interface IPrincipalRoleMap '''
        return self.getCell(role_id, principal_id, default=Unset)

    def getPrincipalsAndRoles(self):
        ''' See the interface IPrincipalRoleMap '''
        return self.getAllCells()

# Roles are our rows, and principals are our columns
principalRoleManager = PrincipalRoleManager()

# Register our cleanup with Testing.CleanUp to make writing unit tests simpler.
from zope.testing.cleanup import addCleanUp
addCleanUp(principalRoleManager._clear)
del addCleanUp


=== Added File Zope3/src/zope/app/security/grants/rolepermission.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""

$Id: rolepermission.py,v 1.1 2002/12/26 18:49:07 jim Exp $
"""
from zope.component import getAdapter

from zope.app.interfaces.annotation import IAnnotations
from zope.app.interfaces.security import IRolePermissionMap
from zope.app.interfaces.security import IRolePermissionManager
from zope.app.interfaces.security import IRole

from zope.app.security.settings import Allow, Deny, Unset
from zope.app.security.role import checkRole
from zope.app.security.permission import checkPermission
from zope.app.security.grants.securitymap import PersistentSecurityMap
from zope.app.security.grants.securitymap import SecurityMap

annotation_key = 'zope.app.security.AnnotationRolePermissionManager'

class AnnotationRolePermissionManager:
    """
    provide adapter that manages role permission data in an object attribute
    """

    __implements__ = IRolePermissionManager, IRolePermissionMap

    def __init__(self, context):
        self._context = context

    def grantPermissionToRole(self, permission_id, role_id):
        ''' See the interface IRolePermissionManager '''
        rp = self._getRolePermissions(create=1)
        rp.addCell(permission_id, role_id, Allow)
        # probably not needed, as annotations should manage
        # their own persistence
        #self._context._p_changed = 1

    def denyPermissionToRole(self, permission_id, role_id):
        ''' See the interface IRolePermissionManager '''
        rp = self._getRolePermissions(create=1)
        rp.addCell(permission_id, role_id, Deny)
        # probably not needed, as annotations should manage
        # their own persistence
        #self._context._p_changed = 1

    def unsetPermissionFromRole(self, permission_id, role_id):
        ''' See the interface IRolePermissionManager '''
        rp = self._getRolePermissions()
        # Only unset if there is a security map, otherwise, we're done
        if rp:
            rp.delCell(permission_id, role_id)
            # probably not needed, as annotations should manage
            # their own persistence
            #self._context._p_changed = 1

    def getRolesForPermission(self, permission_id):
        '''See interface IRolePermissionMap'''
        rp = self._getRolePermissions()
        if rp:
            return rp.getRow(permission_id)
        else:
            return []

    def getPermissionsForRole(self, role_id):
        '''See interface IRolePermissionMap'''
        rp = self._getRolePermissions()
        if rp:
            return rp.getCol(role_id)
        else:
            return []

    def getRolesAndPermissions(self):
        '''See interface IRolePermissionMap'''
        rp = self._getRolePermissions()
        if rp:
            return rp.getAllCells()
        else:
            return []

    def getSetting(self, permission_id, role_id):
        '''See interface IRolePermissionMap'''
        rp = self._getRolePermissions()
        if rp:
            return rp.getCell(permission_id, role_id)
        else:
            return Unset

    def _getRolePermissions(self, create=0):
        """Get the role permission map stored in the context, optionally
           creating one if necessary"""
        # need to remove security proxies here, otherwise we enter
        # an infinite loop, becuase checking security depends on
        # getting RolePermissions.
        from zope.proxy.introspection import removeAllProxies
        context = removeAllProxies(self._context)
        annotations = getAdapter(context, IAnnotations)
        try:
            return annotations[annotation_key]
        except KeyError:
            if create:
                rp = annotations[annotation_key] = PersistentSecurityMap()
                return rp
        return None

class RolePermissions:

    __implements__ = IRole

    def __init__(self, role, context, permissions):
        self._role = role
        self._context = context
        self._permissions = permissions

    def getId(self):
        return self._role.getId()

    def getTitle(self):
        return self._role.getTitle()

    def getDescription(self):
        return self._role.getDescription()

    def permissionsInfo(self):
        prm = getAdapter(self._context, IRolePermissionManager)
        rperms = prm.getPermissionsForRole(self._role.getId())
        settings = {}
        for permission, setting in rperms:
            settings[permission] = setting.getName()
        nosetting = Unset.getName()
        return [{'id': permission.getId(),
                 'title': permission.getTitle(),
                 'setting': settings.get(permission.getId(), nosetting)}
                for permission in self._permissions]


class RolePermissionManager(SecurityMap):
    """Mappings between roles and permissions."""

    __implements__ = IRolePermissionManager

    def grantPermissionToRole(self, permission_id, role_id, check=True):
        '''See interface IRolePermissionMap'''

        if check:
            checkRole(None, role_id)
            checkPermission(None, permission_id)
        
        self.addCell(permission_id, role_id, Allow)

    def denyPermissionToRole(self, permission_id, role_id, check=True):
        '''See interface IRolePermissionMap'''

        if check:
            checkRole(None, role_id)
            checkPermission(None, permission_id)
        
        self.addCell(permission_id, role_id, Deny)

    def unsetPermissionFromRole(self, permission_id, role_id):
        '''See interface IRolePermissionMap'''

        # Don't check validity intentionally.
        # After all, we certianly want to unset invalid ids.
        
        self.delCell(permission_id, role_id)

    def getRolesForPermission(self, permission_id):
        '''See interface IRolePermissionMap'''
        return self.getRow(permission_id)

    def getPermissionsForRole(self, role_id):
        '''See interface IRolePermissionMap'''
        return self.getCol(role_id)

    def getSetting(self, permission_id, role_id):
        '''See interface IRolePermissionMap'''
        return self.getCell(permission_id, role_id)

    def getRolesAndPermissions(self):
        '''See interface IRolePermissionMap'''
        return self.getAllCells()

# Permissions are our rows, and roles are our columns
rolePermissionManager = RolePermissionManager()

# Register our cleanup with Testing.CleanUp to make writing unit tests simpler.
from zope.testing.cleanup import addCleanUp
addCleanUp(rolePermissionManager._clear)
del addCleanUp


=== Added File Zope3/src/zope/app/security/grants/securitymap.py ===
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" Generic two-dimensional array type """

from persistence import Persistent
from persistence.dict import PersistentDict
from zope.app.interfaces.security.grants.securitymap import ISecurityMap

class SecurityMap(object):

    __implements__ = ISecurityMap

    def __init__(self):
        self._clear()

    def _clear(self):
        self._byrow = {}
        self._bycol = {}

    def _empty_mapping(self):
        return {}

    def addCell(self, rowentry, colentry, value):
        # setdefault may get expensive if an empty mapping is
        # expensive to create, for PersistentDict for instance.
        row = self._byrow.setdefault(rowentry, self._empty_mapping())
        row[colentry] = value

        col = self._bycol.setdefault(colentry, self._empty_mapping())
        col[rowentry] = value

    def delCell(self, rowentry, colentry):
        row = self._byrow.get(rowentry)
        if row and (colentry in row):
            del self._byrow[rowentry][colentry]
            del self._bycol[colentry][rowentry]

    def getCell(self, rowentry, colentry, default=None):
        " return the value of a cell by row, entry "
        row = self._byrow.get(rowentry)
        if row: return row.get(colentry, default)
        else: return default

    def getRow(self, rowentry):
        " return a list of (colentry, value) tuples from a row "
        row = self._byrow.get(rowentry)
        if row:
            return row.items()
        else: return []

    def getCol(self, colentry):
        " return a list of (rowentry, value) tuples from a col "
        col = self._bycol.get(colentry)
        if col:
            return col.items()
        else: return []

    def getAllCells(self):
        " return a list of (rowentry, colentry, value) "
        res = []
        for r in self._byrow.keys():
            for c in self._byrow[r].items():
                res.append((r,) + c)
        return res


class PersistentSecurityMap(SecurityMap, Persistent):

    __implements__ = ISecurityMap

    def _clear(self):
        self._byrow = PersistentDict()
        self._bycol = PersistentDict()

    def _empty_mapping(self):
        return PersistentDict()


=== Zope3/src/zope/app/security/grants/configure.zcml 1.2 => 1.3 ===
--- Zope3/src/zope/app/security/grants/configure.zcml:1.2	Wed Dec 25 09:13:16 2002
+++ Zope3/src/zope/app/security/grants/configure.zcml	Thu Dec 26 13:49:07 2002
@@ -1,34 +1,38 @@
 <zopeConfigure
    xmlns='http://namespaces.zope.org/zope'
    xmlns:browser='http://namespaces.zope.org/browser'
-   package="zope.app.security"
->
+   >
 
-  <content class="zope.app.security.grants.permissionroles.PermissionRoles">
+  <content class=".permissionroles.PermissionRoles">
     <require
         permission="zope.Security"
         attributes="roles rolesInfo"
-        interface="zope.app.interfaces.security.IRegisteredObject" />
-  </content>
+        interface="zope.app.interfaces.security.IRegisteredObject" 
+        />
+    </content>
 
-  <content class="zope.app.security.grants.rolepermissions.RolePermissions">
+  <content class="zope.app.security.grants.rolepermission.RolePermissions">
     <require
         permission="zope.Security"
         attributes="permissions permissionsInfo"
-        interface="zope.app.interfaces.security.IRegisteredObject" />
-  </content>
+        interface="zope.app.interfaces.security.IRegisteredObject" 
+        />
+    </content>
 
-  <adapter factory="zope.app.security.grants.annotationrolepermissionmanager.AnnotationRolePermissionManager"
+  <adapter factory=".rolepermission.AnnotationRolePermissionManager"
            provides="zope.app.interfaces.security.IRolePermissionManager"
-           for="zope.app.interfaces.annotation.IAnnotatable" />
+           for="zope.app.interfaces.annotation.IAnnotatable" 
+           />
 
-  <adapter factory="zope.app.security.grants.annotationprincipalrolemanager.AnnotationPrincipalRoleManager"
+  <adapter factory=".principalrole.AnnotationPrincipalRoleManager"
            provides="zope.app.interfaces.security.IPrincipalRoleManager"
-           for="zope.app.interfaces.annotation.IAnnotatable" />
+           for="zope.app.interfaces.annotation.IAnnotatable" 
+           />
 
-  <adapter factory="zope.app.security.grants.annotationprincipalpermissionmanager.AnnotationPrincipalPermissionManager"
+  <adapter factory=".principalpermission.AnnotationPrincipalPermissionManager"
            provides="zope.app.interfaces.security.IPrincipalPermissionManager"
-           for="zope.app.interfaces.annotation.IAnnotatable" />
+           for="zope.app.interfaces.annotation.IAnnotatable" 
+           />
 
 </zopeConfigure>
 


=== Zope3/src/zope/app/security/grants/metaconfigure.py 1.2 => 1.3 ===
--- Zope3/src/zope/app/security/grants/metaconfigure.py:1.2	Wed Dec 25 09:13:16 2002
+++ Zope3/src/zope/app/security/grants/metaconfigure.py	Thu Dec 26 13:49:07 2002
@@ -15,11 +15,11 @@
 
 $Id$
 """
-from zope.app.security.grants.rolepermissionmanager \
+from zope.app.security.grants.rolepermission \
      import rolePermissionManager as role_perm_mgr
-from zope.app.security.grants.principalpermissionmanager \
+from zope.app.security.grants.principalpermission \
      import principalPermissionManager as principal_perm_mgr
-from zope.app.security.grants.principalrolemanager \
+from zope.app.security.grants.principalrole \
      import principalRoleManager as principal_role_mgr
 from zope.configuration.action import Action
 from zope.configuration.exceptions import ConfigurationError

=== Removed File Zope3/src/zope/app/security/grants/annotationprincipalpermissionmanager.py ===

=== Removed File Zope3/src/zope/app/security/grants/annotationprincipalrolemanager.py ===

=== Removed File Zope3/src/zope/app/security/grants/annotationrolepermissionmanager.py ===

=== Removed File Zope3/src/zope/app/security/grants/localsecuritymap.py ===

=== Removed File Zope3/src/zope/app/security/grants/persistentlocalsecuritymap.py ===

=== Removed File Zope3/src/zope/app/security/grants/principalpermissionmanager.py ===

=== Removed File Zope3/src/zope/app/security/grants/principalrolemanager.py ===

=== Removed File Zope3/src/zope/app/security/grants/rolepermissionmanager.py ===

=== Removed File Zope3/src/zope/app/security/grants/rolepermissions.py ===