[Zope-Checkins] CVS: Zope/lib/python/OFS - ObjectManager.py:1.163.26.2 SimpleItem.py:1.106.26.1 Traversable.py:1.21.4.1

Jim Fulton cvs-admin at zope.org
Sat Nov 22 12:16:27 EST 2003


Update of /cvs-repository/Zope/lib/python/OFS
In directory cvs.zope.org:/tmp/cvs-serv17116/lib/python/OFS

Modified Files:
      Tag: zodb33-devel-branch
	ObjectManager.py SimpleItem.py Traversable.py 
Log Message:

Implemented a new mechanism for computing roles, based on a suggestion
by Dieter Maurer.



=== Zope/lib/python/OFS/ObjectManager.py 1.163.26.1 => 1.163.26.2 ===
--- Zope/lib/python/OFS/ObjectManager.py:1.163.26.1	Sat Nov 15 07:11:26 2003
+++ Zope/lib/python/OFS/ObjectManager.py	Sat Nov 22 12:15:56 2003
@@ -34,6 +34,7 @@
 import App.Common
 from App.config import getConfiguration
 from AccessControl import getSecurityManager
+from AccessControl.ZopeSecurityPolicy import getRoles
 from zLOG import LOG, ERROR
 import sys,fnmatch,copy
 from cgi import escape
@@ -629,12 +630,15 @@
         if not (len(REQUEST.PARENTS) > 1 and
                 self.objectValues() == REQUEST.PARENTS[1].objectValues()):
             try:
-                if getSecurityManager().validateValue(self.manage_FTPlist):
+                if getSecurityManager().validate(
+                    None, self, 'manage_FTPlist', self.manage_FTPlist
+                    ):
                     mode=mode | 0770
             except: pass
             if nobody.allowed(
-                        self.manage_FTPlist,
-                        self.manage_FTPlist.__roles__):
+                self.manage_FTPlist,
+                getRoles(self, 'manage_FTPlist', self.manage_FTPlist, ()),
+                self.manage_FTPlist.__roles__):
                 mode=mode | 0007
         mtime=self.bobobase_modification_time().timeTime()
         # get owner and group


=== Zope/lib/python/OFS/SimpleItem.py 1.106 => 1.106.26.1 ===
--- Zope/lib/python/OFS/SimpleItem.py:1.106	Tue Feb  4 11:38:10 2003
+++ Zope/lib/python/OFS/SimpleItem.py	Sat Nov 22 12:15:56 2003
@@ -34,6 +34,7 @@
 from zExceptions.ExceptionFormatter import format_exception
 import time
 from zLOG import LOG, BLATHER
+from AccessControl.ZopeSecurityPolicy import getRoles
 
 import marshal
 import ZDOM
@@ -237,25 +238,32 @@
         from AccessControl.User import nobody
         mode=0100000
 
-        # check read permissions
-        if (hasattr(aq_base(self),'manage_FTPget') and
-            hasattr(self.manage_FTPget, '__roles__')):
+        if (hasattr(aq_base(self),'manage_FTPget')):
             try:
-                if getSecurityManager().validateValue(self.manage_FTPget):
+                if getSecurityManager().validate(
+                    None, self, 'manage_FTPget', self.manage_FTPget):
                     mode=mode | 0440
-            except: pass
-            if nobody.allowed(self.manage_FTPget,
-                              self.manage_FTPget.__roles__):
+            except Unauthorized:
+                pass
+            
+            if nobody.allowed(
+                self.manage_FTPget,
+                getRoles(self, 'manage_FTPget', self.manage_FTPget, ()),
+                ):
                 mode=mode | 0004
 
         # check write permissions
-        if hasattr(aq_base(self),'PUT') and hasattr(self.PUT, '__roles__'):
+        if hasattr(aq_base(self),'PUT'):
             try:
-                if getSecurityManager().validateValue(self.PUT):
+                if getSecurityManager().validate(None, self, 'PUT', self.PUT):
                     mode=mode | 0220
-            except: pass
+            except Unauthorized:
+                pass
 
-            if nobody.allowed(self.PUT, self.PUT.__roles__):
+            if nobody.allowed(
+                self.PUT,
+                getRoles(self, 'PUT', self.PUT, ()),
+                ):
                 mode=mode | 0002
 
         # get size


=== Zope/lib/python/OFS/Traversable.py 1.21 => 1.21.4.1 ===
--- Zope/lib/python/OFS/Traversable.py:1.21	Mon Sep 29 08:34:38 2003
+++ Zope/lib/python/OFS/Traversable.py	Sat Nov 22 12:15:56 2003
@@ -91,7 +91,8 @@
             # If the path starts with an empty string, go to the root first.
             pop()
             self=self.getPhysicalRoot()
-            if (restricted and not securityManager.validateValue(self)):
+            if (restricted and not securityManager.validate(
+                None, None, None, self)):
                 raise Unauthorized, name
 
         try:




More information about the Zope-Checkins mailing list