[Zope-Checkins] CVS: Zope/lib/python/ZPublisher - BaseRequest.py:1.52.2.1

Jim Fulton cvs-admin at zope.org
Sat Nov 22 12:15:59 EST 2003 

Update of /cvs-repository/Zope/lib/python/ZPublisher
In directory cvs.zope.org:/tmp/cvs-serv17116/lib/python/ZPublisher

Modified Files:
      Tag: zodb33-devel-branch
	BaseRequest.py 
Log Message:

Implemented a new mechanism for computing roles, based on a suggestion
by Dieter Maurer.



=== Zope/lib/python/ZPublisher/BaseRequest.py 1.52 => 1.52.2.1 ===
--- Zope/lib/python/ZPublisher/BaseRequest.py:1.52	Tue Oct 14 05:08:44 2003
+++ Zope/lib/python/ZPublisher/BaseRequest.py	Sat Nov 22 12:15:57 2003
@@ -30,12 +30,19 @@
         def manage_property_types(self):
             return type_converters.keys()
 
-except:
+except ImportError:
     class RequestContainer:
         __roles__=None
         def __init__(self,**kw):
             for k,v in kw.items(): self.__dict__[k]=v
 
+try:
+    from AccessControl.ZopeSecurityPolicy import getRoles
+except ImportError:
+    def getRoles(container, name, value, default):
+        return getattr(value, '__roles__', default)
+
+
 _marker=[]
 class BaseRequest:
     """Provide basic ZPublisher request management
@@ -218,14 +225,14 @@
         object=parents[-1]
         del parents[:]
 
-        roles = getattr(object, '__roles__', UNSPECIFIED_ROLES)
+        roles = getRoles(None, None, object, UNSPECIFIED_ROLES)
 
         # if the top object has a __bobo_traverse__ method, then use it
         # to possibly traverse to an alternate top-level object.
         if hasattr(object,'__bobo_traverse__'):
             try:
                 object=object.__bobo_traverse__(request)
-                roles =getattr(object, '__roles__', UNSPECIFIED_ROLES)
+                roles = getRoles(None, None, object, UNSPECIFIED_ROLES)
             except: pass
 
         if not path and not method:
@@ -280,9 +287,9 @@
                     entry_name = method
                     method = 'index_html'
                 else:
-                    if (hasattr(object, '__call__') and
-                        hasattr(object.__call__,'__roles__')):
-                        roles=object.__call__.__roles__
+                    if (hasattr(object, '__call__')):
+                        roles = getRoles(object, '__call__', object.__call__,
+                                         roles)
                     if request._hacked_path:
                         i=URL.rfind('/')
                         if i > 0: response.setBase(URL[:i])
@@ -357,13 +364,9 @@
                         "The object at %s is not publishable." % URL
                         )
 
-                r = getattr(subobject, '__roles__', UNSPECIFIED_ROLES)
-                if r is not UNSPECIFIED_ROLES:
-                    roles = r
-                elif not got:
-                    # We got the subobject as an attribute, not an item,
-                    # so we should check "next to it" for __roles__.
-                    roles = getattr(object, entry_name+'__roles__', roles)
+                roles = getRoles(
+                    object, (not got) and entry_name or None, subobject,
+                    roles)
 
                 # Promote subobject to object
                 object=subobject

More information about the Zope-Checkins mailing list