[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security/Grants/Views/Browser - PrincipalPermissionView.py:1.2 PrincipalRoleView.py:1.4 RolePermissionView.py:1.5 principal_role_association.pt:1.3
Jim Fulton
jim@zope.com
Tue, 16 Jul 2002 19:41:48 -0400
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security/Grants/Views/Browser
In directory cvs.zope.org:/tmp/cvs-serv19928/Zope/App/Security/Grants/Views/Browser
Modified Files:
PrincipalPermissionView.py PrincipalRoleView.py
RolePermissionView.py principal_role_association.pt
Log Message:
Renamed (changed service type id) if all services with names ending in
"Service". Container services were given a plural form
(e.g. "RoleService" => "Roles"), but other services just lost the
suffix (e.g. "AuthenticationService" => "Authentication").
Fixed bug in ZopeSecurityPolicy that caused placeless role-permission
grants to be ignored for placefully assigned roles.
Also changed grant lookup order. Now placeless grants are checked
*before* placeful grants.
Finished the implementation of placeful principal role grants
(re)started at the EuroPython sprint.
Fixed a bug in service directives that caused service component lookup
to fail for unpriviledged users. This caused authentication using
Stephan's authentication service to fail in mysterious ways.
Now you can create users with Stephan's auth service, and assign them
roles using principal-role grants.
Added code to the ZMI (boring) standard_macros template to display the
user, which, BTW is available in request.user.
=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/PrincipalPermissionView.py 1.1 => 1.2 ===
index = ViewPageTemplateFile('pt/principal_permission_edit.pt')
def get_permission_service(self):
- return getService(self.context, 'PermissionService')
+ return getService(self.context, 'Permissions')
def get_principal(self, principal_id):
return getService(self.context,
- 'AuthenticationService'
+ 'Authentication'
).getPrincipal(principal_id)
def unsetPermissions(self, principal_id, permission_ids, REQUEST=None):
@@ -84,7 +84,7 @@
ppmap = getAdapter(self.context, IPrincipalPermissionMap)
principal = self.get_principal(principal_id)
- perm_serv = getService(self.context, 'PermissionService')
+ perm_serv = getService(self.context, 'Permissions')
result = []
for perm in perm_serv.getPermissions():
if ppmap.getSetting(perm, principal) == Unset:
=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/PrincipalRoleView.py 1.3 => 1.4 ===
principals = getattr(self, '_principals', None)
if principals is None:
principals = self._principals = getService(
- self.context, 'AuthenticationService'
+ self.context, 'Authentication'
).getPrincipals('')
- principals = [p.getId() for p in principals]
return principals
def getAllRoles(self):
roles = getattr(self, '_roles', None)
if roles is None:
- roles = self._roles = getService(self.context, 'RoleService'
+ roles = self._roles = getService(self.context, 'Roles'
).getRoles()
- roles = [r.getId() for r in roles]
return roles
def createGrid(self, principals=None, roles=None):
- if not principals:
- principals = self.getAllPrincipals()
- if not roles:
- roles = self.getAllRoles()
+ if principals is None:
+ principals = self.request.get('principals')
+ if principals is None:
+ principals = self.getAllPrincipals()
+ else:
+ # Ugh, we have ids, but we want objects
+ auth_service = getService(self.context, 'Authentication')
+ principals = [auth_service.getPrincipal(principal)
+ for principal in principals]
+
+
+ if roles is None:
+ roles = self.request.get('roles')
+ if roles is None:
+ roles = self.getAllRoles()
+ else:
+ # Ugh, we have ids, but we want objects
+ role_service = getService(self.context, 'Roles')
+ roles = [role_service.getRole(role)
+ for role in roles]
+
return PrincipalRoleGrid(principals, roles, self.context)
def action(self, principals, roles, testing=None):
@@ -91,18 +106,26 @@
map = getAdapter(context, IPrincipalRoleMap)
for role in roles:
+ rid = role.getId()
for principal in principals:
- setting = map.getSetting(role, principal)
- self._grid[(principal, role)] = setting.getName()
+ pid = principal.getId()
+ setting = map.getSetting(rid, pid)
+ self._grid[(pid, rid)] = setting.getName()
def principals(self):
return self._principals
+ def principalIds(self):
+ return [p.getId() for p in self._principals]
+
def roles(self):
return self._roles
- def getValue(self, principal, role):
- return self._grid[(principal, role)]
+ def roleIds(self):
+ return [r.getId() for r in self._roles]
+
+ def getValue(self, principal_id, role_id):
+ return self._grid[(principal_id, role_id)]
def listAvailableValues(self):
# XXX rather use Allow.getName() & co
=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/RolePermissionView.py 1.4 => 1.5 ===
roles = getattr(self, '_roles', None)
if roles is None:
roles = self._roles = getService(
- self.context, 'RoleService'
+ self.context, 'Roles'
).getRoles()
return roles
@@ -43,7 +43,7 @@
permissions = getattr(self, '_permissions', None)
if permissions is None:
permissions = self._permissions = getService(
- self.context, 'PermissionService'
+ self.context, 'Permissions'
).getPermissions()
return permissions
@@ -66,14 +66,14 @@
def permissionForID(self, pid):
context = self.context
roles = self.roles()
- perm = getService(context, 'PermissionService'
+ perm = getService(context, 'Permissions'
).getPermission(pid)
return PermissionRoles(perm, context, roles)
def roleForID(self, rid):
context = self.context
permissions = self.permissions()
- role = getService(context, 'RoleService'
+ role = getService(context, 'Roles'
).getRole(rid)
return RolePermissions(role, context, permissions)
=== Zope3/lib/python/Zope/App/Security/Grants/Views/Browser/principal_role_association.pt 1.2 => 1.3 ===
<head>
<style metal:fill-slot="headers" type="text/css"> </style>
</head>
- <body metal:fill-slot="body" tal:define="hasFilter python:request.get('Filter', None)">
+ <body metal:fill-slot="body"
+ tal:define="hasFilter python:request.get('Filter', None)">
<div tal:replace="options/message|nothing" />
<div tal:condition="not: hasFilter">
<span class="message"> Apply filter </span>
<form method="POST" action="@@PrincipalRoles.html">
- <span tal:define="principals view/getAllPrincipals">
Principal(s):
<select name="principals:list" multiple>
- <option tal:repeat="principal principals" tal:attributes="value principal/getId" tal:content="principal/getTitle">my title</option>
+ <option tal:repeat="principal view/getAllPrincipals"
+ tal:attributes="value principal/getId"
+ tal:content="principal/getTitle">my title</option>
</select>
- </span>
- <span tal:define="roles view/getAllRoles">
Role(s):
<select name="roles:list" multiple>
- <option tal:repeat="role roles" tal:attributes="value role/getId" tal:content="role/getTitle">my title</option>
+ <option tal:repeat="role view/getAllRoles"
+ tal:attributes="value role/getId"
+ tal:content="role/getTitle">my title</option>
</select>
- </span>
<input type="submit" name="Filter" value="Filter" />
</form>
</div>
+
<!-- WARNING!! SELF POSTING FORM!! -->
<div tal:condition="hasFilter">
<div class="principalRolesGrid"
- tal:define="principalRoleGrid python:view.createGrid(request.get('principals', None), request.get('roles', None)); " >
+ tal:define="principalRoleGrid view/createGrid">
- <span tal:define="global listPrincipals principalRoleGrid/principals;
- global listRoles principalRoleGrid/roles;
- global listValues principalRoleGrid/listAvailableValues" />
+ <span tal:define="
+ global listPrincipals principalRoleGrid/principals;
+ global listRoles principalRoleGrid/roles;
+ global listValues principalRoleGrid/listAvailableValues" />
<form method="POST" action="ChangePrincipalRoles.html">
<table>
@@ -43,25 +46,32 @@
<td class="principal">
</td>
- <td class="role" tal:repeat="role listRoles" tal:content="role">
+ <td class="role" tal:repeat="role listRoles"
+ tal:content="role/getTitle">
Role Id
</td>
</tr>
<tr class="principalRoleRow" tal:repeat="principal listPrincipals">
- <td class="principalLabel" tal:content="principal">
+ <td class="principalLabel" tal:content="principal/getTitle">
Principal Id
</td>
<td class="principalRole" tal:repeat="role listRoles">
<select name="grid.role.principal:records"
- tal:attributes="name string:grid.${role}.${principal}"
- tal:define="selectedValue python:principalRoleGrid.getValue(principal, role)" >
+ tal:attributes="
+ name string:grid.${role/getId}.${principal/getId}"
+ tal:define="selectedValue
+ python:principalRoleGrid.getValue(
+ principal.getId(),
+ role.getId()
+ )" >
<option value="" tal:repeat="defaultValue listValues"
- tal:attributes="selected python:defaultValue==selectedValue;
- value defaultValue;
- debugsel selectedValue;
-"
+ tal:attributes="
+ selected python:defaultValue==selectedValue;
+ value defaultValue;
+ debugsel selectedValue;
+ "
tal:content="defaultValue">
</option>
@@ -72,10 +82,10 @@
</table>
<input type="hidden" name="principals:list"
tal:repeat="principal listPrincipals"
- tal:attributes="value principal" />
+ tal:attributes="value principal/getId" />
<input type="hidden" name="roles:list"
tal:repeat="role listRoles"
- tal:attributes="value role" />
+ tal:attributes="value role/getId" />
<input type="submit" name="apply" value="apply" />