[Zope3-checkins] CVS: Zope3/src/zope/app/security/registries - __init__.py:1.2 configure.zcml:1.2 meta.zcml:1.2 metaconfigure.py:1.2 permissionregistry.py:1.2 principalregistry.py:1.2 registeredobject.py:1.2 registry.py:1.2 roleregistry.py:1.2

Jim Fulton jim@zope.com
Wed, 25 Dec 2002 09:13:49 -0500


Update of /cvs-repository/Zope3/src/zope/app/security/registries
In directory cvs.zope.org:/tmp/cvs-serv15352/src/zope/app/security/registries

Added Files:
	__init__.py configure.zcml meta.zcml metaconfigure.py 
	permissionregistry.py principalregistry.py registeredobject.py 
	registry.py roleregistry.py 
Log Message:
Grand renaming:

- Renamed most files (especially python modules) to lower case.

- Moved views and interfaces into separate hierarchies within each
  project, where each top-level directory under the zope package
  is a separate project.

- Moved everything to src from lib/python.

  lib/python will eventually go away. I need access to the cvs
  repository to make this happen, however.

There are probably some bits that are broken. All tests pass
and zope runs, but I haven't tried everything. There are a number
of cleanups I'll work on tomorrow.



=== Zope3/src/zope/app/security/registries/__init__.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/registries/__init__.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,2 @@
+#
+# This file is necessary to make this directory a package.


=== Zope3/src/zope/app/security/registries/configure.zcml 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/registries/configure.zcml	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,39 @@
+<zopeConfigure
+   xmlns='http://namespaces.zope.org/zope'
+   xmlns:browser='http://namespaces.zope.org/browser'
+   package="zope.app.security"
+>
+
+  <serviceType
+      id="Roles" 
+      interface="zope.app.interfaces.security.IRoleService" />
+  <service
+      serviceType="Roles" 
+      component="zope.app.security.registries.roleregistry.roleRegistry" />
+
+  <serviceType
+      id="Permissions" 
+      interface="zope.app.interfaces.security.IPermissionService" />
+  <service
+      serviceType="Permissions" 
+      component="zope.app.security.registries.permissionregistry.permissionRegistry" />
+
+  <serviceType
+      id="Authentication" 
+      interface="zope.app.interfaces.security.IAuthenticationService" />
+  <service
+      serviceType="Authentication" 
+      component="zope.app.security.registries.principalregistry.principalRegistry" />
+
+  <!-- protect Roles and Permissions -->
+  <content class="zope.app.security.registries.roleregistry.Role">
+    <allow
+        interface="zope.app.interfaces.security.IRegisteredObject" />
+  </content>
+  <content class="zope.app.security.registries.permissionregistry.Permission">
+    <allow
+        interface="zope.app.interfaces.security.IRegisteredObject" />
+  </content>
+  
+</zopeConfigure>
+


=== Zope3/src/zope/app/security/registries/meta.zcml 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/registries/meta.zcml	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,18 @@
+<zopeConfigure xmlns='http://namespaces.zope.org/zope'>
+
+  <!-- zope.app.security -->
+  <directives namespace="http://namespaces.zope.org/zope">
+    <directive name="permission"
+               attributes="id title description"
+               handler="zope.app.security.registries.metaconfigure.definePermission" />
+    <directive name="role"
+               attributes="id title description"
+               handler="zope.app.security.registries.metaconfigure.defineRole" />
+    <directive name="principal" attributes="id title description"
+       handler="zope.app.security.registries.metaconfigure.principal" />
+    <directive name="unauthenticatedPrincipal" 
+               attributes="principal title description"
+       handler="zope.app.security.registries.metaconfigure.unauthenticatedPrincipal" />
+  </directives>
+
+</zopeConfigure>


=== Zope3/src/zope/app/security/registries/metaconfigure.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/registries/metaconfigure.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,58 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+""" Register security related configuration directives.
+
+$Id$
+"""
+from zope.app.security.registries.permissionregistry import permissionRegistry as perm_reg
+from zope.app.security.registries.roleregistry import roleRegistry as role_reg
+from zope.security.securitymanager import setSecurityPolicy
+from zope.app.security.registries.principalregistry import principalRegistry
+from zope.configuration.action import Action
+
+def definePermission(_context, id, title, description=''):
+    return [
+        Action(
+            discriminator = ('definePermission', id),
+            callable = perm_reg.definePermission,
+            args = (id, title, description),
+            )
+        ]
+
+def defineRole(_context, id, title, description=''):
+    return [
+        Action(
+            discriminator = ('defineRole', id),
+            callable = role_reg.defineRole,
+            args = (id, title, description),
+            )
+        ]
+
+def principal(_context, id, title, login, password, description=''):
+    return [
+        Action(
+            discriminator = ('principal', id),
+            callable = principalRegistry.definePrincipal,
+            args = (id, title, description, login, password),
+            )
+        ]
+
+def unauthenticatedPrincipal(_context, id, title, description=''):
+    return [
+        Action(
+            discriminator = 'unauthenticatedPrincipal',
+            callable = principalRegistry.defineDefaultPrincipal,
+            args = (id, title, description),
+            )
+        ]


=== Zope3/src/zope/app/security/registries/permissionregistry.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/registries/permissionregistry.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,98 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+""" Global permission registry."""
+
+PREFIX = 'Global Permission'
+SUFFIX = 'zope.Public'
+DESCRIP = 'Anybody can do this'
+
+from zope.app.security.registries.registeredobject import RegisteredObject
+from zope.app.security.registries.registry import Registry
+from zope.app.interfaces.security import IPermission
+from zope.app.interfaces.security import IPermissionService
+from zope.security.checker import CheckerPublic
+from zope.app.security.exceptions import UndefinedPermissionError
+
+
+
+class Permission(RegisteredObject):
+    __implements__ = IPermission
+
+
+class PermissionRegistry(Registry):
+    __implements__ = IPermissionService
+
+    def __init__(self, prefix=PREFIX):
+        Registry.__init__(self, Permission)
+        self._prefix = prefix
+
+    def definePermission(self, permission, title, description=''):
+        """Define a new permission object, register, and return it.
+
+        permission is the permission name, must be globally unique
+
+        title is the permission title, human readable.
+
+        description (optional) is human readable
+        """
+        if permission.startswith('.'):
+            raise ValueError("permissions must not start with a '.'")
+        return self.register(permission, title, description)
+
+    def definedPermission(self, permission_id):
+        """Return true if named permission is registered, otherwise return
+        false
+        """
+        return self.is_registered(permission_id)
+
+    def ensurePermissionDefined(self, permission_id):
+        """Check to make sure permission is defined.
+
+        If it isn't, an error is raised
+        """
+        if permission_id == CheckerPublic:
+            return
+        if not self.definedPermission(permission_id):
+            raise UndefinedPermissionError(permission_id)
+
+    def getPermission(self, permission_id):
+        """Return permission object registered as permission_id.
+
+        If no named permission is registered KeyError is raised.
+
+        """
+        return self.getRegisteredObject(permission_id)
+
+    def getPermissions(self):
+        """Return all registered permission objects.
+        """
+        return self.getRegisteredObjects()
+
+    def _clear(self):
+        Registry._clear(self)
+        self.definePermission(
+            'zope.Public', 'Public',
+            """Special permission used for resources that are always public
+
+            The public permission is effectively an optimization, sine
+            it allows security computation to be bypassed.
+            """
+            )
+
+permissionRegistry = PermissionRegistry()
+
+# Register our cleanup with Testing.CleanUp to make writing unit tests simpler.
+from zope.testing.cleanup import addCleanUp
+addCleanUp(permissionRegistry._clear)
+del addCleanUp


=== Zope3/src/zope/app/security/registries/principalregistry.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:48 2002
+++ Zope3/src/zope/app/security/registries/principalregistry.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,155 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""
+
+$Id$
+"""
+__metaclass__ = type
+
+from zope.exceptions import NotFoundError
+from zope.app.interfaces.security import ILoginPassword
+from zope.component import getAdapter, queryAdapter
+from zope.app.interfaces.security import IAuthenticationService
+from zope.app.interfaces.security import IPrincipal
+from zope.app.interfaces.security \
+     import IUnauthenticatedPrincipal
+
+class DuplicateLogin(Exception): pass
+class DuplicateId(Exception): pass
+
+class PrincipalRegistry:
+
+    __implements__ = IAuthenticationService
+
+    # Methods implementing IAuthenticationService
+
+    def authenticate(self, request):
+        a = queryAdapter(request, ILoginPassword, None)
+        if a is not None:
+            login = a.getLogin()
+            if login is not None:
+                p = self.__principalsByLogin.get(login, None)
+                if p is not None:
+                    password = a.getPassword()
+                    if p.validate(password):
+                        return p
+        return None
+
+    __defaultid = None
+    __defaultObject = None
+
+    def defineDefaultPrincipal(self, principal, title, description=''):
+        id = principal
+        if id in self.__principalsById:
+            raise DuplicateId(id)
+        self.__defaultid = id
+        p = UnauthenticatedPrincipal(principal, title, description)
+        self.__defaultObject = p
+        return p
+
+    def unauthenticatedPrincipal(self):
+        return self.__defaultObject
+
+    def unauthorized(self, id, request):
+        # XXX This is a mess. request has no place here!
+        if id is None or id is self.__defaultid:
+            a = getAdapter(request, ILoginPassword)
+            a.needLogin(realm="zope")
+
+    def getPrincipal(self, id):
+        r = self.__principalsById.get(id)
+        if r is None:
+            if id == self.__defaultid:
+                return self.__defaultObject
+            raise NotFoundError(id)
+        return r
+
+    def getPrincipalByLogin(self, login):
+        r = self.__principalsByLogin.get(login)
+        if r is None: raise NotFoundError(login)
+        return r
+
+    def getPrincipals(self, name):
+        name = name.lower()
+        return [p for p in self.__principalsById.itervalues()
+                  if p.getTitle().lower().startswith(name) or
+                     p.getLogin().lower().startswith(name)]
+
+    # Management methods
+
+    def __init__(self):
+        self.__principalsById={}
+        self.__principalsByLogin = {}
+
+    def definePrincipal(self, principal, title, description='',
+                        login='', password=''):
+        id=principal
+        if login in self.__principalsByLogin:
+            raise DuplicateLogin(login)
+
+        if id in self.__principalsById or id == self.__defaultid:
+            raise DuplicateId(id)
+
+        p = Principal(id, title, description, login, password)
+
+        self.__principalsByLogin[login]=p
+        self.__principalsById[id]=p
+
+        return p
+
+    def _clear(self):
+        self.__init__()
+
+principalRegistry=PrincipalRegistry()
+
+# Register our cleanup with Testing.CleanUp to make writing unit tests simpler.
+from zope.testing.cleanup import addCleanUp
+addCleanUp(principalRegistry._clear)
+del addCleanUp
+
+class PrincipalBase:
+
+    def __init__(self, id, title, description):
+        self.__id = id
+        self.__title = title
+        self.__description = description
+
+    def getId(self):
+        return self.__id
+
+    def getTitle(self):
+        return self.__title
+
+    def getDescription(self):
+        return self.__description
+
+class Principal(PrincipalBase):
+
+    __implements__ = IPrincipal
+
+    def __init__(self, id, title, description, login, pw):
+        super(Principal, self).__init__(id, title, description)
+        self.__login = login
+        self.__pw = pw
+
+    def getLogin(self):
+        return self.__login
+
+    def validate(self, pw):
+        return pw == self.__pw
+
+
+class UnauthenticatedPrincipal(PrincipalBase):
+
+    __implements__ = IUnauthenticatedPrincipal


=== Zope3/src/zope/app/security/registries/registeredobject.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:49 2002
+++ Zope3/src/zope/app/security/registries/registeredobject.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,33 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""An implementation of things that can be registered in a Registry."""
+
+from zope.app.interfaces.security import IRegisteredObject
+
+class RegisteredObject(object):
+    __implements__ = IRegisteredObject
+
+    def __init__(self, id, title, description):
+        self._id = id
+        self._title = title
+        self._description = description
+
+    def getId(self):
+        return self._id
+
+    def getTitle(self):
+        return self._title
+
+    def getDescription(self):
+        return self._description


=== Zope3/src/zope/app/security/registries/registry.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:49 2002
+++ Zope3/src/zope/app/security/registries/registry.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,69 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Generic registry of ids to objects."""
+
+from zope.interface.verify import verifyClass
+from zope.app.interfaces.security import IRegisteredObject
+from zope.exceptions import ZopeError
+
+
+class AlreadyRegisteredError(ZopeError, ValueError):
+    """An attempt was made to register an object with an already registered id.
+    """
+
+
+class Registry:
+    def __init__(self, class_):
+        """Instantiate a generic registry.
+
+        class_ is the class of the thing that we're going to instantiate.
+        """
+        assert verifyClass(IRegisteredObject, class_)
+        self._class = class_
+        self._clear()
+
+    def register(self, id, title='', description=''):
+        """Create a registered object with the given id, title, and description
+
+        Register and return the object.  The empty string will be used if
+        either the optional title or description is omitted.  The id must be
+        unique.
+
+        If the id is already registered, an AlreadyRegisteredError is raised.
+        """
+        if id in self._byid:
+            raise AlreadyRegisteredError('Id is not unique: %s' % id)
+        obj = self._class(id, title, description)
+        self._byid[id] = obj
+        return obj
+
+    def is_registered(self, id):
+        """Return true if an object is registered with the given id.
+        Otherwise false is returned.
+        """
+        return id in self._byid
+
+    def getRegisteredObject(self, id):
+        """Return the object registered under the given id.
+        """
+        return self._byid.get(id)
+
+    def getRegisteredObjects(self):
+        """Return all registered objects.
+        """
+        return self._byid.values()
+
+    def _clear(self):
+        # Map ids to instantiated objects
+        self._byid = {}


=== Zope3/src/zope/app/security/registries/roleregistry.py 1.1 => 1.2 ===
--- /dev/null	Wed Dec 25 09:13:49 2002
+++ Zope3/src/zope/app/security/registries/roleregistry.py	Wed Dec 25 09:13:17 2002
@@ -0,0 +1,80 @@
+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Global role registry."""
+
+PREFIX = 'Global Role'
+
+from zope.app.security.registries.registeredobject import RegisteredObject
+from zope.app.security.registries.registry import Registry
+from zope.app.interfaces.security import IRole
+from zope.app.interfaces.security import IRoleService
+
+class Role(RegisteredObject):
+    __implements__ = IRole
+
+
+class RoleRegistry(Registry):
+    __implements__ = IRoleService
+
+    def __init__(self, prefix=PREFIX):
+        Registry.__init__(self, Role)
+        self._prefix = prefix
+
+    def _make_global_id(self, suffix):
+        return self._prefix + '.' + suffix
+
+    def defineRole(self, role, title, description=None):
+        """Define a new role object, register, and return it.
+
+        role is the role name.
+
+        title is the role title, human readable.
+
+        description (optional) is human readable
+        """
+        if description is None:
+            description = ''
+        id = role
+        return self.register(id, title, description)
+
+    def definedRole(self, id):
+        """Return true if named role is registered, otherwise return false
+        """
+        return self.is_registered(id)
+
+    def getRole(self, id):
+        """Return role object registered as name.
+
+        If no named role is registered KeyError is raised.
+        """
+        return self.getRegisteredObject(id)
+
+    def getRoles(self):
+        """Return all registered role objects.
+        """
+        return self.getRegisteredObjects()
+
+    def _clear(self):
+        # Standard roles
+        Registry._clear(self)
+        self.register("Anonymous", "Everybody",
+                      "All users have this role implicitly")
+
+roleRegistry = RoleRegistry()
+
+
+# Register our cleanup with Testing.CleanUp to make writing unit tests simpler.
+from zope.testing.cleanup import addCleanUp
+addCleanUp(roleRegistry._clear)
+del addCleanUp