(1) provide ILocation adapter for WSI; (2) activate security handlers.

(1) ILocation adapter seems to be required by absolute_url in BlueBream. (2) security-related event handlers had been commented out in bbmaster for performance reasons; are now re-activated.
2016-04-17 14:05:59 +02:00 · 2016-04-17 14:05:59 +02:00 · 665c0271fd
commit 665c0271fd
parent f12361daa4
3 changed files with 25 additions and 7 deletions
--- a/security/common.py
+++ b/security/common.py
@ -28,12 +28,13 @@ from zope.app.security.settings import Allow, Deny, Unset
 from zope.cachedescriptors.property import Lazy
 from zope.interface import implements
 from zope.lifecycleevent import IObjectCreatedEvent, IObjectModifiedEvent
+from zope.location.interfaces import ILocation
 from zope.security import canAccess, canWrite
 from zope.security import checkPermission as baseCheckPermission
 from zope.security.management import getInteraction
 from zope.securitypolicy.interfaces import IPrincipalRoleManager
 from zope.securitypolicy.interfaces import IRolePermissionManager
-from zope.traversing.api import getName
+from zope.traversing.api import getName, getParents
 from zope.traversing.interfaces import IPhysicallyLocatable

 from cybertools.meta.interfaces import IOptions
@ -246,6 +247,21 @@ class WorkspaceInformation(Persistent):
    def getParent(self):
        return self.__parent__

+    def getParents(self):
+        p = self.getParent()
+        return [p] + getParents(p)
+
+
+class LocationWSI(object):
+
+    implements(ILocation)
+    component.adapts(WorkspaceInformation)
+
+    def __init__(self, context):
+        self.context = context
+        self.__name__ = context.__name__
+        self.__parent__ = context.__parent__
+

 def getWorkspaceGroup(obj, predicate):
    wsi = obj.workspaceInformation
--- a/security/configure.zcml
+++ b/security/configure.zcml
@ -14,6 +14,8 @@
             permission="zope.Security"/>
  </zope:class>

+  <zope:adapter factory="loops.security.common.LocationWSI" />
+
  <zope:adapter
        for="loops.interfaces.IConcept"
        factory="zope.securitypolicy.rolepermission.AnnotationRolePermissionManager"
@ -30,15 +32,16 @@
  <zope:adapter factory="loops.security.setter.ConceptSecuritySetter" />
  <zope:adapter factory="loops.security.setter.ResourceSecuritySetter" />

-  <!-- suppress for performance reasons -->
-  <!--
+  <!-- might be commented out for performance reasons;
+       TODO: control execution via global (or type?) options -->
  <zope:subscriber handler="loops.security.common.setDefaultSecurity" />
  <zope:subscriber handler="loops.security.common.grantAcquiredSecurity" />
  <zope:subscriber handler="loops.security.common.revokeAcquiredSecurity" />

-  <zope:subscriber handler="loops.security.common.addGroupMembershipOnAssignment" />
-  <zope:subscriber handler="loops.security.common.removeGroupMembershipOnDeassignment" />
-  -->
+  <zope:subscriber 
+        handler="loops.security.common.addGroupMembershipOnAssignment" />
+  <zope:subscriber 
+        handler="loops.security.common.removeGroupMembershipOnDeassignment" />

  <!-- views -->

--- a/security/interfaces.py
+++ b/security/interfaces.py
@ -77,4 +77,3 @@ class IWorkspaceInformation(Interface):

    propagateParentSecurity = Attribute('Should the security settings of '
                    'the workspace parent be propagated to children?')
-