[Zope3-dev] Using classes as constants for security settings

Casey Duncan casey_duncan@yahoo.com
Sun, 17 Feb 2002 18:17:55 -0800 (PST) 

I would say this is the most descriptive all around
solution. I imagine the only reason to change it would
be if some other type gave significant performance
advantages over classes for some reason. I don't see
why that should be tho.

-Casey

--- Steve Spicklemire <steve@spvi.com> wrote:
> Hi Steve,
> 
> 	Good show! The only thing I can think of, is that
> this will be 
> heavily used code, and could be a target for
> optimization later. But, 
> with the new class/type unification, it doesn't seem
> likely that this 
> will be a problem. It also seems unlikely that these
> classes will really 
> "do" anything in their primary function as "constant
> state holders" so 
> I'd say "check it in!"
> 
> -steve
> 
> On Sunday, February 17, 2002, at 08:58 AM, Steve
> Alexander wrote:
> 
> > I've been playing around with various ways of
> getting symbolic 
> > constants that stay constant when you pickle and
> later unpickle them.
> >
> > Here's what I've come up with. This works as a
> replacement for 
> > Zope/App/Security/Settings.py.
> >
> > ----
> > """ Security setting constants """
> >
> > class PermissionSettingMetaClass(type):
> >     def __init__(self, name, bases, namespace):
> >         type.__init__(self, name, bases,
> namespace)
> >         self._name=name
> >
> >     def __str__(self):
> >         return "PermissionSetting: %s" %
> self._name
> >
> >     def _setDescription(self, description):
> >         self._description=description
> >
> >     def getDescription(self):
> >         return self._description
> >
> >
> > class PermissionSetting(object):
> >     __metaclass__=PermissionSettingMetaClass
> >     def __init__(self):
> >         raise TypeError, "Cannot instantiate
> PermissionSettings"
> >
> > # Explicit allow setting for permissions
> > class Allow(PermissionSetting): pass
> > Allow._setDescription("Explicit allow setting for
> permissions")
> >
> > # Explicit deny setting for permissions
> > class Deny(PermissionSetting): pass
> >
> > # Unset constant that denotes no setting for
> permission and role
> > class Unset(PermissionSetting): pass
> >
> > # Explicit assign setting for roles
> > class Assign(PermissionSetting): pass
> >
> > # Explicit remove setting for roles
> > class Remove(PermissionSetting): pass
> >
> > ----
> >
> > I have tested this, and several variations.
> >
> > There will only ever be one Allow class. The FQN
> of Allow is what gets 
> > stored with pickled objects.
> >
> > However, we can add methods and descriptions to
> Allow, and other 
> > permissions, by creating methods in
> PermissionSettingMetaClass.
> >
> > We can create __str__ and __repr__ methods on 
> > PermissionSettingMetaClass to make the individual
> permissions say 
> > something meaningful when printed.
> >
> >
> > The choice for Settings.py is now as follows:
> >
> >   * Numbers for the values of Allow, Deny, Unset
> etc.
> >
> >   * Strings for the values of Allow, Deny, Unset
> etc., and we always
> >     compare by equality, not identity
> >
> >   * Classes as symbolic constants, as above.
> Comparing by identity is
> >     fine.
> >
> > Any opinions?
> >
> > --
> > Steve Alexander
> >
> >
> > _______________________________________________
> > Zope3-dev mailing list
> > Zope3-dev@zope.org
> > http://lists.zope.org/mailman/listinfo/zope3-dev
> 


__________________________________________________
Do You Yahoo!?
Yahoo! Sports - Coverage of the 2002 Olympic Games
http://sports.yahoo.com