(1) provide ILocation adapter for WSI; (2) activate security handlers.

(1) ILocation adapter seems to be required by absolute_url in
BlueBream.

(2) security-related event handlers had been commented out in
bbmaster for performance reasons; are now re-activated.

security/common.py

@@ -28,12 +28,13 @@ from zope.app.security.settings import Allow, Deny, Unset
 from zope.cachedescriptors.property import Lazy
 from zope.interface import implements
 from zope.lifecycleevent import IObjectCreatedEvent, IObjectModifiedEvent
+from zope.location.interfaces import ILocation
 from zope.security import canAccess, canWrite
 from zope.security import checkPermission as baseCheckPermission
 from zope.security.management import getInteraction
 from zope.securitypolicy.interfaces import IPrincipalRoleManager
 from zope.securitypolicy.interfaces import IRolePermissionManager
-from zope.traversing.api import getName
+from zope.traversing.api import getName, getParents
 from zope.traversing.interfaces import IPhysicallyLocatable
 
 from cybertools.meta.interfaces import IOptions
@@ -246,6 +247,21 @@ class WorkspaceInformation(Persistent):
     def getParent(self):
         return self.__parent__
 
+    def getParents(self):
+        p = self.getParent()
+        return [p] + getParents(p)
+
+
+class LocationWSI(object):
+
+    implements(ILocation)
+    component.adapts(WorkspaceInformation)
+
+    def __init__(self, context):
+        self.context = context
+        self.__name__ = context.__name__
+        self.__parent__ = context.__parent__
+
 
 def getWorkspaceGroup(obj, predicate):
     wsi = obj.workspaceInformation

security/configure.zcml

@@ -14,6 +14,8 @@
              permission="zope.Security"/>
   </zope:class>
 
+  <zope:adapter factory="loops.security.common.LocationWSI" />
+
   <zope:adapter
         for="loops.interfaces.IConcept"
         factory="zope.securitypolicy.rolepermission.AnnotationRolePermissionManager"
@@ -30,15 +32,16 @@
   <zope:adapter factory="loops.security.setter.ConceptSecuritySetter" />
   <zope:adapter factory="loops.security.setter.ResourceSecuritySetter" />
 
-  <!-- suppress for performance reasons -->
+  <!-- might be commented out for performance reasons;
-  <!--
+       TODO: control execution via global (or type?) options -->
   <zope:subscriber handler="loops.security.common.setDefaultSecurity" />
   <zope:subscriber handler="loops.security.common.grantAcquiredSecurity" />
   <zope:subscriber handler="loops.security.common.revokeAcquiredSecurity" />
 
-  <zope:subscriber handler="loops.security.common.addGroupMembershipOnAssignment" />
+  <zope:subscriber 
-  <zope:subscriber handler="loops.security.common.removeGroupMembershipOnDeassignment" />
+        handler="loops.security.common.addGroupMembershipOnAssignment" />
-  -->
+  <zope:subscriber 
+        handler="loops.security.common.removeGroupMembershipOnDeassignment" />
 
   <!-- views -->
 

security/interfaces.py

@@ -77,4 +77,3 @@ class IWorkspaceInformation(Interface):
 
     propagateParentSecurity = Attribute('Should the security settings of '
                     'the workspace parent be propagated to children?')
-