[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - IRoleManagement.py:1.1.2.1 IZope3RoleManageable.py:1.1.2.1 Zope3RoleManagement.py:1.1.2.1

Tres Seaver tseaver@zope.com
Thu, 29 Nov 2001 11:45:35 -0500


Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv2590/lib/python/Zope/App/Security

Added Files:
      Tag: Zope-3x-branch
	IRoleManagement.py IZope3RoleManageable.py 
	Zope3RoleManagement.py 
Log Message:
 - Add initial role management.

=== Added File Zope3/lib/python/Zope/App/Security/IRoleManagement.py ===
# Copyright (c) 2001 Zope Corporation and Contributors.  All Rights Reserved.
# 
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.

from Interface import Interface

class IRoleManagement( Interface ):
    """
        Interface for features which manage knowledge of role-permission
        bindings for a given object.
    """
    def listAvailableRoles():
        """
            What roles are available at our context?
        """

    def addRole( role_name ):
        """
            Create a new, empty role.
        """

    def removeRole( role_name ):
        """
            Remove a role, and any associated permission bindings.
        """

    def listPermissionsOfRole( role_name ):
        """
            What permissions does the 'role_name' have?
        """

    def clearPermissionsOfRole( role_name ):
        """
            Remove all permissions from 'role_name'.
        """

    def addPermissionToRole( role_name, permission ):
        """
            Add 'permission' to 'role_name'.
        """

    def listRolesWithPermission( permission ):
        """
            Which roles have 'permission' in our context?
        """


=== Added File Zope3/lib/python/Zope/App/Security/IZope3RoleManageable.py ===
# Copyright (c) 2001 Zope Corporation and Contributors.  All Rights Reserved.
# 
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.

from Interface import Interface, Attribute

SPECIAL_ATTRIBUTE_NAME = '__zope3_role_permission_bindings__'

class IZope3RoleManageable( Interface ):
    """
        Marker interface for objects which use the new-style
        role-permission bindings scheme (as distinct from
        'ILegacyRoleManageable', which use the old "pollute
        the instance dict" strategy).

        Objects which assert this interface declare thereby
        their willingness to allow the security machinery to
        stash arbitrary information in their instance dict,
        under the specially-named attribute.
    """

    Attribute( SPECIAL_ATTRIBUTE_NAME
             , """
                   Reserve this attribute name for the storage of
                   role-permission bindings.
               """ 
             )


=== Added File Zope3/lib/python/Zope/App/Security/Zope3RoleManagement.py ===
# Copyright (c) 2001 Zope Coporation and Contributors.  All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 1.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS 
# FOR A PARTICULAR PURPOSE.

from IRoleManagement import IRoleManagement
from IZope3RoleManageable import IZope3RoleManageable
from IZope3RoleManageable import SPECIAL_ATTRIBUTE_NAME

class _PermissionRoleBindings:
    def __init__( self ):
        self._permissions = {}
        self._roles = {}

class Zope3RoleManagement:
    """
        Implement IRoleManagement for new-style objects.
    """

    __implements__ = ( IRoleManagement, )

    def __init__( self, context ):
        self._context = context

    
    def getContext( self ):
        return self._context

    def _getContextBindings( self ):
        """
            Find or create the permission-role bindings for our context.
        """
        bindings = getattr( self._context, SPECIAL_ATTRIBUTE_NAME, None )

        if bindings is None:
            bindings = _PermissionRoleBindings()
            setattr( self._context, SPECIAL_ATTRIBUTE_NAME, bindings )

        return bindings

    #
    #   IRoleManagement implementation
    #
    def listAvailableRoles( self ):
        """
            What roles are available at our context?
        """
        roles = self._getContextBindings()._roles
        return tuple( roles.keys() )

    def addRole( self, role_name ):
        """
            Create a new, empty role.
        """
        roles = self._getContextBindings()._roles

        if roles.has_key( role_name ):
            raise KeyError, 'Role %s already defined.' % role_name

        roles[ role_name ] = ()

    def removeRole( self, role_name ):
        """
            Remove a role, and any associated permission bindings.
        """
        roles = self._getContextBindings()._roles

        if not roles.has_key( role_name ):
            raise KeyError, 'Role %s not defined.' % role_name

        self.clearPermissionsOfRole( role_name )
        del roles[ role_name ]

    def listPermissionsOfRole( self, role_name ):
        """
            What permissions does the 'role_name' have?
        """

    def clearPermissionsOfRole( self, role_name ):
        """
            Remove all permissions from 'role_name'.
        """

    def addPermissionToRole( self, role_name, permission ):
        """
            Add 'permission' to 'role_name'.
        """

    def listRolesWithPermission( self, permission ):
        """
            Which roles have 'permission' in our context?
        """