cco/loops
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

set state-based security as part of default security settings

Browse source
This commit is contained in:
Helmut Merz 2013-01-10 13:36:07 +01:00
parent 0c8cc8a24e
commit 5592ffb734
1 changed files with 28 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
security/setter.py
View file

@ -31,7 +31,10 @@ from zope.cachedescriptors.property import Lazy
from zope.interface import implements, Interface from zope.interface import implements, Interface
from zope.security.proxy import isinstance from zope.security.proxy import isinstance
from cybertools.meta.interfaces import IOptions
from cybertools.stateful.interfaces import IStateful
from loops.common import adapted, AdapterBase, baseObject from loops.common import adapted, AdapterBase, baseObject
from loops.config.base import DummyOptions
from loops.interfaces import IConceptSchema, IBaseResourceSchema, ILoopsAdapter from loops.interfaces import IConceptSchema, IBaseResourceSchema, ILoopsAdapter
from loops.organize.util import getPrincipalFolder, getGroupsFolder, getGroupId from loops.organize.util import getPrincipalFolder, getGroupsFolder, getGroupId
from loops.security.common import overrides, setRolePermission, setPrincipalRole from loops.security.common import overrides, setRolePermission, setPrincipalRole
@ -56,6 +59,17 @@ class BaseSecuritySetter(object):
def conceptManager(self): def conceptManager(self):
return self.baseObject.getLoopsRoot().getConceptManager() return self.baseObject.getLoopsRoot().getConceptManager()
@Lazy
def typeOptions(self):
type = self.baseObject.getType()
if type is None:
return DummyOptions()
return IOptions(adapted(type), DummyOptions())
@Lazy
def globalOptions(self):
return IOptions(self.baseObject.getLoopsRoot())
@Lazy @Lazy
def acquiringPredicates(self): def acquiringPredicates(self):
return [self.conceptManager.get(n) for n in acquiringPredicateNames] return [self.conceptManager.get(n) for n in acquiringPredicateNames]
@ -106,6 +120,14 @@ class LoopsObjectSecuritySetter(BaseSecuritySetter):
rpm = self.rolePermissionManager rpm = self.rolePermissionManager
for p, r, s in rpm.getRolesAndPermissions(): for p, r, s in rpm.getRolesAndPermissions():
setRolePermission(rpm, p, r, Unset) setRolePermission(rpm, p, r, Unset)
self.setStateSecurity()
def setStateSecurity(self):
statesDefs = (self.globalOptions('organize.stateful.concept', []) +
(self.typeOptions('organize.stateful') or []))
for std in statesDefs:
stf = component.getAdapter(self.baseObject, IStateful, name=std)
stf.getStateObject().setSecurity(stf)
def acquireRolePermissions(self): def acquireRolePermissions(self):
settings = {} settings = {}
@ -186,6 +208,12 @@ class ResourceSecuritySetter(LoopsObjectSecuritySetter):
def parents(self): def parents(self):
return self.baseObject.getConcepts(self.acquiringPredicates) return self.baseObject.getConcepts(self.acquiringPredicates)
def setStateSecurity(self):
statesDefs = (self.globalOptions('organize.stateful.resource', []))
for std in statesDefs:
stf = component.getAdapter(self.target, IStateful, name=std)
stf.getStateObject().setSecurity(self.context)
def setRolePermissions(self, settings): def setRolePermissions(self, settings):
vSetters = [self] vSetters = [self]
vr = IVersionable(baseObject(self.context)) vr = IVersionable(baseObject(self.context))