[Zope3-checkins] SVN: Zope3/trunk/src/ Merged from ZopeX3-3.0 branch:

Jim Fulton jim at zope.com
Mon Aug 23 19:42:11 EDT 2004


Log message for revision 27237:
  Merged from ZopeX3-3.0 branch:
  
    r27201 | jim | 2004-08-20 18:14:11 -0400 (Fri, 20 Aug 2004) | 2 lines
  
    Removed unneeded removeAllProxies calls.
  
    ------------------------------------------------------------------------
    r27200 | jim | 2004-08-20 17:47:26 -0400 (Fri, 20 Aug 2004) | 2 lines
  
    Removed unneeded removeAllProxies calls.
  
    ------------------------------------------------------------------------
    r27199 | jim | 2004-08-20 17:42:45 -0400 (Fri, 20 Aug 2004) | 2 lines
  
    Converted removeAllProxies calls to the prefered removeSecurityProxy.
  
    ------------------------------------------------------------------------
    r27198 | jim | 2004-08-20 17:07:23 -0400 (Fri, 20 Aug 2004) | 2 lines
  
    Converted a package with one module to a regulat module.
  
    ------------------------------------------------------------------------
    r27197 | jim | 2004-08-20 17:05:39 -0400 (Fri, 20 Aug 2004) | 2 lines
  
    Made the dependency subscriber trusted
  
    ------------------------------------------------------------------------
    r27196 | jim | 2004-08-20 17:05:37 -0400 (Fri, 20 Aug 2004) | 8 lines
  
    Converted removeAllProxies calls to the prefered removeSecurityProxy.
  
    D      src/zope/app/security/interfaces
    D      src/zope/app/security/interfaces/__init__.py
    A  +   src/zope/app/security/interfaces.py
  
    Converted a package with one module to a regulat module.
  
    ------------------------------------------------------------------------
    r27195 | jim | 2004-08-20 16:29:43 -0400 (Fri, 20 Aug 2004) | 4 lines
  
  
    Added a zapi.isinstance method that works with security proxies.
  
  
    ------------------------------------------------------------------------
    r27194 | jim | 2004-08-20 15:26:59 -0400 (Fri, 20 Aug 2004) | 3 lines
  
    Added some defensive programming to work around a lame implicit Python
    string-formatting behavior.
  
    ------------------------------------------------------------------------
    r27193 | jim | 2004-08-20 15:26:57 -0400 (Fri, 20 Aug 2004) | 2 lines
  
    Removed unneeded removeAllProxies call
  
    ------------------------------------------------------------------------
    r27192 | jim | 2004-08-20 15:26:55 -0400 (Fri, 20 Aug 2004) | 3 lines
  
    Fixed a problem with the security dclarations to make calling
    removeAllProxies unnecessary.
  
    ------------------------------------------------------------------------
    r27191 | jim | 2004-08-20 14:20:12 -0400 (Fri, 20 Aug 2004) | 2 lines
  
    Removed unneeded removeAllProxies calls.
  
    ------------------------------------------------------------------------
    r27190 | jim | 2004-08-20 14:20:07 -0400 (Fri, 20 Aug 2004) | 2 lines
  
    Converted removeAllProxies calls to the prefered removeSecurityProxy.
  
    ------------------------------------------------------------------------
    r27189 | jim | 2004-08-20 13:02:06 -0400 (Fri, 20 Aug 2004) | 6 lines
  
    Added "trusted" option for defining trusted subscribers.
  
    Deprecated zope.security.trustedRemoveSecurityProxy and
    zope.security.getProxiedObject. Use zope.security.removeSecurityProxy
    instead.  (This should also be used rather than removeAllProxies.)
  
    ------------------------------------------------------------------------
    r27188 | jim | 2004-08-20 13:02:03 -0400 (Fri, 20 Aug 2004) | 4 lines
  
    Deprecated zope.security.trustedRemoveSecurityProxy and
    zope.security.getProxiedObject. Use zope.security.removeSecurityProxy
    instead.  (This should also be used rather than removeAllProxies.)
  
  
  Also converted additional removeAllProxies calls to the prefered
  removeSecurityProxy. (These were on the trunk, but not the branch.)
  
  
  


Changed:
  U   Zope3/trunk/src/bugtracker/exportimport.py
  U   Zope3/trunk/src/bugtracker/vocabulary.py
  U   Zope3/trunk/src/zope/app/adapter/adapter.py
  U   Zope3/trunk/src/zope/app/component/localservice.py
  U   Zope3/trunk/src/zope/app/component/metaconfigure.py
  U   Zope3/trunk/src/zope/app/component/metadirectives.py
  U   Zope3/trunk/src/zope/app/component/tests/test_directives.py
  U   Zope3/trunk/src/zope/app/container/browser/adding.py
  U   Zope3/trunk/src/zope/app/container/configure.zcml
  U   Zope3/trunk/src/zope/app/container/contained.py
  U   Zope3/trunk/src/zope/app/container/dependency.py
  U   Zope3/trunk/src/zope/app/container/directory.py
  U   Zope3/trunk/src/zope/app/dav/propfind.py
  U   Zope3/trunk/src/zope/app/externaleditor/browser/__init__.py
  U   Zope3/trunk/src/zope/app/form/browser/itemswidgets.py
  U   Zope3/trunk/src/zope/app/ftp/__init__.py
  U   Zope3/trunk/src/zope/app/i18n/browser/synchronize.py
  U   Zope3/trunk/src/zope/app/i18n/messagecatalog.py
  U   Zope3/trunk/src/zope/app/interface/vocabulary.py
  U   Zope3/trunk/src/zope/app/module/__init__.py
  U   Zope3/trunk/src/zope/app/onlinehelp/browser/__init__.py
  U   Zope3/trunk/src/zope/app/onlinehelp/configure.zcml
  U   Zope3/trunk/src/zope/app/pagetemplate/engine.py
  U   Zope3/trunk/src/zope/app/publication/zopepublication.py
  U   Zope3/trunk/src/zope/app/registration/registration.py
  U   Zope3/trunk/src/zope/app/schema/schema.py
  U   Zope3/trunk/src/zope/app/schemacontent/browser/__init__.py
  U   Zope3/trunk/src/zope/app/schemacontent/content.py
  U   Zope3/trunk/src/zope/app/security/adapter.py
  D   Zope3/trunk/src/zope/app/security/interfaces/
  A   Zope3/trunk/src/zope/app/security/interfaces.py
  U   Zope3/trunk/src/zope/app/securitypolicy/zopepolicy.py
  U   Zope3/trunk/src/zope/app/site/browser/__init__.py
  U   Zope3/trunk/src/zope/app/uniqueid/__init__.py
  U   Zope3/trunk/src/zope/app/uniqueid/browser/__init__.py
  U   Zope3/trunk/src/zope/app/utility/browser/__init__.py
  U   Zope3/trunk/src/zope/app/utility/utility.py
  U   Zope3/trunk/src/zope/app/workflow/stateful/browser/contentworkflow.py
  U   Zope3/trunk/src/zope/app/workflow/stateful/browser/definition.py
  U   Zope3/trunk/src/zope/app/workflow/stateful/browser/instance.py
  U   Zope3/trunk/src/zope/app/workflow/stateful/xmlimportexport.py
  U   Zope3/trunk/src/zope/app/zapi/__init__.py
  U   Zope3/trunk/src/zope/app/zapi/interfaces.py
  A   Zope3/trunk/src/zope/app/zapi/tests.py
  U   Zope3/trunk/src/zope/app/zptpage/zptpage.py
  U   Zope3/trunk/src/zope/security/checker.py
  U   Zope3/trunk/src/zope/security/proxy.py
  U   Zope3/trunk/src/zope/security/tests/test_checker.py
  U   Zope3/trunk/src/zope/security/tests/test_proxy.py


-=-
Modified: Zope3/trunk/src/bugtracker/exportimport.py
===================================================================
--- Zope3/trunk/src/bugtracker/exportimport.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/bugtracker/exportimport.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -25,7 +25,7 @@
 from zope.i18n.locales import locales
 from zope.publisher.browser import TestRequest
 from zope.schema.vocabulary import getVocabularyRegistry
-from zope.security.proxy import trustedRemoveSecurityProxy 
+from zope.security.proxy import removeSecurityProxy 
 
 from zope.app import zapi
 from zope.app.dublincore.interfaces import IZopeDublinCore
@@ -279,7 +279,7 @@
         registry = getVocabularyRegistry()
         vocab = registry.get(self.context, self.vocab_name)
         # TODO: I do not understand why my security does not work here.
-        vocab = trustedRemoveSecurityProxy(vocab)
+        vocab = removeSecurityProxy(vocab)
         vocab.add(attrs.get('value'), attrs.get('title'))
         if attrs.get('default', None) is not None:
             vocab.default = attrs.get('value')

Modified: Zope3/trunk/src/bugtracker/vocabulary.py
===================================================================
--- Zope3/trunk/src/bugtracker/vocabulary.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/bugtracker/vocabulary.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -22,7 +22,7 @@
 from zope.schema.interfaces import ITokenizedTerm
 from zope.schema.interfaces import IVocabulary, IVocabularyTokenized
 from zope.schema.vocabulary import getVocabularyRegistry
-from zope.security.proxy import trustedRemoveSecurityProxy 
+from zope.security.proxy import removeSecurityProxy 
 
 from zope.app import zapi
 from zope.app.annotation.interfaces import IAnnotatable, IAnnotations
@@ -172,7 +172,7 @@
 
     def __init__(self, principal):
         # This is safe here, since we only read non-critical data
-        naked = trustedRemoveSecurityProxy(principal)
+        naked = removeSecurityProxy(principal)
         self.principal = {'id': naked.id,
                           'login': naked.getLogin(),
                           'title': naked.title,

Modified: Zope3/trunk/src/zope/app/adapter/adapter.py
===================================================================
--- Zope3/trunk/src/zope/app/adapter/adapter.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/adapter/adapter.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -23,7 +23,7 @@
 from zope.app.registration.registration import NotifyingRegistrationStack
 from zope.interface.adapter import adapterImplied, Default
 from zope.interface.adapter import Surrogate, AdapterRegistry
-from zope.proxy import removeAllProxies
+from zope.security.proxy import removeSecurityProxy
 import sys
 import zope.app.component.localservice
 import zope.app.container.contained
@@ -166,7 +166,7 @@
                     # (Why can't we?)  we need to think more about
                     # why/if this is truly safe
                     
-                    radapters[key] = removeAllProxies(registration.factory)
+                    radapters[key] = removeSecurityProxy(registration.factory)
 
     def adaptersChanged(self, *args):
 

Modified: Zope3/trunk/src/zope/app/component/localservice.py
===================================================================
--- Zope3/trunk/src/zope/app/component/localservice.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/component/localservice.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -25,7 +25,7 @@
 from zope.testing.cleanup import addCleanUp
 from zope.app.component.hooks import setSite
 from zope.component.service import IGlobalServiceManager
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 
 # placeful service manager convenience tools
 
@@ -78,7 +78,7 @@
     """
     services = getLocalServices(context).next
     if IGlobalServiceManager.providedBy(services):
-        services = trustedRemoveSecurityProxy(services)
+        services = removeSecurityProxy(services)
     return services
 
 def queryNextServices(context, default=None):

Modified: Zope3/trunk/src/zope/app/component/metaconfigure.py
===================================================================
--- Zope3/trunk/src/zope/app/component/metaconfigure.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/component/metaconfigure.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -75,7 +75,8 @@
 
     return ob
 
-def subscriber(_context, factory, for_, provides=None, permission=None):
+def subscriber(_context, factory, for_, provides=None, permission=None,
+               trusted=False):
     factory = [factory]
 
     if permission is not None:
@@ -100,6 +101,9 @@
                 ob = f(ob)
             return ob
 
+    if trusted:
+        factory = TrustedAdapterFactory(factory)
+
     _context.action(
         discriminator = None,
         callable = handler,

Modified: Zope3/trunk/src/zope/app/component/metadirectives.py
===================================================================
--- Zope3/trunk/src/zope/app/component/metadirectives.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/component/metadirectives.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -234,6 +234,20 @@
         required=False
         )
 
+    trusted = zope.configuration.fields.Bool(
+        title=u"Trusted",
+        description=u"""Make the subscriber a trusted subscriber
+
+        Trusted subscribers have unfettered access to the objects they
+        adapt.  If asked to adapt security-proxied objects, then,
+        rather than getting an unproxied subscriber of security-proxied
+        objects, you get a security-proxied subscriber of unproxied
+        objects.
+        """,
+        required=False,
+        default=False,
+        )
+
 class IUtilityDirective(IBasicComponentInformation):
     """Register a utility"""
 

Modified: Zope3/trunk/src/zope/app/component/tests/test_directives.py
===================================================================
--- Zope3/trunk/src/zope/app/component/tests/test_directives.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/component/tests/test_directives.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -28,7 +28,7 @@
 from zope.configuration.xmlconfig import xmlconfig, XMLConfig
 from zope.configuration.exceptions import ConfigurationError
 
-from zope.proxy import getProxiedObject
+from zope.security.proxy import removeSecurityProxy
 from zope.security.proxy import getTestProxyItems
 
 import zope.app.component
@@ -124,6 +124,47 @@
         self.assertEqual(a3.__class__, A3)
         self.assertEqual(a3.context, (content, a1))
 
+    def testTrustedSubscriber(self):
+        from zope.app.component.tests.adapter import A1, A2, A3, I3
+        from zope.app.component.tests.adapter import IS
+        from zope.component.tests.components import Content
+
+        xmlconfig(StringIO(template % (
+            """
+            <subscriber
+              provides="zope.app.component.tests.adapter.IS"
+              factory="zope.app.component.tests.adapter.A3"
+              for="zope.component.tests.components.IContent
+                   zope.app.component.tests.adapter.I1"
+              trusted="yes"
+              />
+            """
+            )))
+
+        # With an unproxied object, business as usual
+        content = Content()
+        a1 = A1()
+        subscribers = zapi.subscribers((content, a1), IS)
+
+        a3 = subscribers[0]
+
+        self.assertEqual(a3.__class__, A3)
+        self.assertEqual(a3.context, (content, a1))
+
+        # Now with a proxied object:
+        from zope.security.checker import ProxyFactory
+        p = ProxyFactory(content)
+
+        # we get a proxied subscriber:
+        a3 = zapi.subscribers((p, a1), IS)[0]
+        from zope.security.proxy import Proxy
+        self.assertEqual(type(a3), Proxy)
+
+
+        # around an unproxied object:
+        from zope.security.proxy import removeSecurityProxy
+        self.assert_(removeSecurityProxy(a3).context[0] is content)
+
     def testSubscriber_w_no_provides(self):
         from zope.app.component.tests.adapter import A1, A2, Handler, I3
         from zope.component.tests.components import Content
@@ -211,7 +252,7 @@
             """
             )))
 
-        # With an unproxied object, busoness as usual
+        # With an unproxied object, business as usual
         ob = Content()
         self.assertEqual(type(I1(ob)), type(A1()))
 
@@ -225,9 +266,9 @@
         self.assertEqual(type(a), Proxy)
 
         # around an unproxied object:
-        from zope.security.proxy import getProxiedObject
-        a = getProxiedObject(a)
-        a.context[0] is ob
+        from zope.security.proxy import removeSecurityProxy
+        a = removeSecurityProxy(a)
+        self.assert_(a.context[0] is ob)
         
         
 
@@ -398,7 +439,7 @@
         adapter = ProxyFactory(IApp(Content()))
         items = [item[0] for item in getTestProxyItems(adapter)]
         self.assertEqual(items, ['a', 'f'])
-        self.assertEqual(getProxiedObject(adapter).__class__, Comp)
+        self.assertEqual(removeSecurityProxy(adapter).__class__, Comp)
 
     def testAdapterUndefinedPermission(self):
         config = StringIO(template % (
@@ -490,7 +531,7 @@
         utility = ProxyFactory(zapi.getUtility(IApp))
         items = [item[0] for item in getTestProxyItems(utility)]
         self.assertEqual(items, ['a', 'f'])
-        self.assertEqual(getProxiedObject(utility), comp)
+        self.assertEqual(removeSecurityProxy(utility), comp)
 
     def testUtilityUndefinedPermission(self):
         config = StringIO(template % (

Modified: Zope3/trunk/src/zope/app/container/browser/adding.py
===================================================================
--- Zope3/trunk/src/zope/app/container/browser/adding.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/container/browser/adding.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -24,7 +24,7 @@
 import zope.security.checker
 from zope.interface import implements
 from zope.publisher.interfaces import IPublishTraverse
-from zope.proxy import removeAllProxies
+from zope.security.proxy import removeSecurityProxy
 from zope.component.interfaces import IFactory
 
 from zope.app.exception.interfaces import UserError
@@ -151,7 +151,7 @@
         # Note that it is important to do this here, rather than
         # in add, otherwise, someone might be able to trick add
         # into unproxying an existing object,
-        content = removeAllProxies(content)
+        content = removeSecurityProxy(content)
 
         notify(ObjectCreatedEvent(content))
 

Modified: Zope3/trunk/src/zope/app/container/configure.zcml
===================================================================
--- Zope3/trunk/src/zope/app/container/configure.zcml	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/container/configure.zcml	2004-08-23 23:42:11 UTC (rev 27237)
@@ -46,6 +46,7 @@
   <subscriber
       factory=".dependency.CheckDependency"
       for="zope.app.container.interfaces.IObjectRemovedEvent"
+      trusted="y"
       />
 
   <subscriber

Modified: Zope3/trunk/src/zope/app/container/contained.py
===================================================================
--- Zope3/trunk/src/zope/app/container/contained.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/container/contained.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -17,7 +17,6 @@
 """
 __docformat__ = 'restructuredtext'
 
-from zope.proxy import getProxiedObject
 from zope.exceptions import DuplicationError
 from zope.security.checker import selectChecker, CombinedChecker
 

Modified: Zope3/trunk/src/zope/app/container/dependency.py
===================================================================
--- Zope3/trunk/src/zope/app/container/dependency.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/container/dependency.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -19,15 +19,9 @@
 
 from zope.app import zapi
 from zope.app.dependable.interfaces import IDependable, DependencyError
-from zope.proxy import removeAllProxies
 
 def CheckDependency(event):
-
-    # We have to remove the proxies here to be able to get at
-    # annotations. Perhaps this should be a trusted subscriber, but we
-    # don't have those yet.
-
-    object = removeAllProxies(event.object)
+    object = event.object
     dependency = IDependable(object, None)
     if dependency is not None:
         dependents = dependency.dependents()

Modified: Zope3/trunk/src/zope/app/container/directory.py
===================================================================
--- Zope3/trunk/src/zope/app/container/directory.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/container/directory.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -26,7 +26,7 @@
 __docformat__ = 'restructuredtext'
 
 import zope.app.filerepresentation.interfaces
-from zope.proxy import removeAllProxies
+from zope.security.proxy import removeSecurityProxy
 from zope.interface import implements
 
 def noop(container):
@@ -51,7 +51,12 @@
         self.context = context
 
     def __call__(self, name):
-        # We remove all of the proxies so we can actually
-        # call the class. This should be OK as we are only
-        # calling this for objects that get this adapter.
-        return removeAllProxies(self.context).__class__()
+        
+        # We remove the security proxy so we can actually call the
+        # class and return an unproxied new object.  (We can't use a
+        # trusted adapter, because the result must be unproxied.)  By
+        # registering this adapter, one effectively gives permission
+        # to clone the class.  Don't use this for classes that have
+        # exciting side effects as a result of instantiation. :)
+
+        return removeSecurityProxy(self.context).__class__()

Modified: Zope3/trunk/src/zope/app/dav/propfind.py
===================================================================
--- Zope3/trunk/src/zope/app/dav/propfind.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/dav/propfind.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -16,7 +16,6 @@
 __docformat__ = 'restructuredtext'
 
 from xml.dom import minidom
-from zope.proxy import removeAllProxies
 from zope.schema import getFieldNamesInOrder
 from zope.app import zapi
 from zope.app.container.interfaces import IReadContainer
@@ -134,8 +133,8 @@
                         value = response.createTextNode(value)
                         el.appendChild(value)
                     else:
-                        if isinstance(removeAllProxies(value), minidom.Node):
-                            el.appendChild(removeAllProxies(value))
+                        if zapi.isinstance(value, minidom.Node):
+                            el.appendChild(value)
                         else:
                             # Try to string-ify
                             value = str(getattr(self, p+'_widget'))

Modified: Zope3/trunk/src/zope/app/externaleditor/browser/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/externaleditor/browser/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/externaleditor/browser/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -20,7 +20,7 @@
 from zope.app.filerepresentation.interfaces import IReadFile, IWriteFile
 from zope.app.interface import queryType
 from zope.app.content.interfaces import IContentType
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 
 class ExternalEditor(BrowserView):
 
@@ -44,9 +44,9 @@
         # in Zope3, so we try to get as far as we can
         # using IContentType, which is a marker interface
 
-        # Had to use trustedRemoveSecurityProxy because
+        # Had to use removeSecurityProxy because
         # I was getting unauthorized on __iro__
-        meta_type = queryType(trustedRemoveSecurityProxy(context), IContentType)
+        meta_type = queryType(removeSecurityProxy(context), IContentType)
         if meta_type:
             r.append('meta_type:%s' % meta_type.__name__)
 

Modified: Zope3/trunk/src/zope/app/form/browser/itemswidgets.py
===================================================================
--- Zope3/trunk/src/zope/app/form/browser/itemswidgets.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/form/browser/itemswidgets.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -20,7 +20,6 @@
 from xml.sax.saxutils import escape
 from zope.interface import implements
 from zope.i18n import translate
-from zope.proxy import removeAllProxies
 from zope.schema.interfaces import ValidationError, InvalidValue
 from zope.schema.interfaces import ConstraintNotSatisfied, ITitledTokenizedTerm
 

Modified: Zope3/trunk/src/zope/app/ftp/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/ftp/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/ftp/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -20,7 +20,6 @@
 
 from zope.interface import implements
 from zope.component import queryAdapter
-from zope.proxy import removeAllProxies
 from zope.publisher.interfaces.ftp import IFTPPublisher
 
 from zope.app.filerepresentation.interfaces import IReadFile, IWriteFile
@@ -161,10 +160,10 @@
     def _overwrite(self, name, instream, start=None, end=None, append=False):
         file = self._dir[name]
         if append:
-            reader = removeAllProxies(IReadFile(file, None))
+            reader = IReadFile(file, None)
             data = reader.read() + instream.read()
         elif start is not None or end is not None:
-            reader = removeAllProxies(IReadFile(file, None))
+            reader = IReadFile(file, None)
             data = reader.read()
             if start is not None:
                 prefix = data[:start]

Modified: Zope3/trunk/src/zope/app/i18n/browser/synchronize.py
===================================================================
--- Zope3/trunk/src/zope/app/i18n/browser/synchronize.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/i18n/browser/synchronize.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -22,7 +22,7 @@
 import xmlrpclib
 from base64 import encodestring
 
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 
 from zope.app.i18n.browser import BaseView
 from zope.app.i18n import ZopeMessageIDFactory as _
@@ -124,7 +124,7 @@
 
     def queryMessageItems(self):
         items = self.queryMessages().items()
-        items = trustedRemoveSecurityProxy(items)
+        items = removeSecurityProxy(items)
         items.sort(lambda x, y: cmp(x[0][0] + x[0][1], y[0][0]+y[0][1]))
         return items
 

Modified: Zope3/trunk/src/zope/app/i18n/messagecatalog.py
===================================================================
--- Zope3/trunk/src/zope/app/i18n/messagecatalog.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/i18n/messagecatalog.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -22,7 +22,6 @@
 
 from BTrees.OOBTree import OOBTree
 from persistent import Persistent
-from zope.proxy import removeAllProxies
 from zope.component.interfaces import IFactory
 from zope.app.i18n.interfaces import ILocalMessageCatalog
 
@@ -43,11 +42,11 @@
 
     def getMessage(self, id):
         'See `IReadMessageCatalog`'
-        return removeAllProxies(self._messages[id][0])
+        return self._messages[id][0]
 
     def queryMessage(self, id, default=None):
         'See `IReadMessageCatalog`'
-        result = removeAllProxies(self._messages.get(id))
+        result = self._messages.get(id)
         if result is not None:
             result = result[0]
         else:
@@ -60,7 +59,7 @@
 
     def getFullMessage(self, msgid):
         'See `IWriteMessageCatalog`'
-        message = removeAllProxies(self._messages[msgid])
+        message = self._messages[msgid]
         return {'domain'   : self.domain,
                 'language' : self.language,
                 'msgid'    : msgid,

Modified: Zope3/trunk/src/zope/app/interface/vocabulary.py
===================================================================
--- Zope3/trunk/src/zope/app/interface/vocabulary.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/interface/vocabulary.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -18,7 +18,7 @@
 __docformat__ = 'restructuredtext'
 
 from zope.interface import providedBy
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.schema.vocabulary import SimpleVocabulary, SimpleTerm 
 from zope.app.introspector import interfaceToName
 
@@ -52,7 +52,7 @@
     """
 
     def __init__(self, context):
-        component = trustedRemoveSecurityProxy(context)
+        component = removeSecurityProxy(context)
         interfaces = providedBy(component).flattened()
         terms = [SimpleTerm(interface, interfaceToName(context, interface))
                  for interface in interfaces]

Modified: Zope3/trunk/src/zope/app/module/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/module/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/module/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -20,7 +20,7 @@
 from persistent import Persistent
 from zodbcode.module import PersistentModule, compileModule
 from zope.interface import implements
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 
 from zope.app.annotation.interfaces import IAttributeAnnotatable
 from zope.app.filerepresentation.interfaces import IFileFactory
@@ -62,7 +62,7 @@
         # the modules will be proxied.
         # When we do support untrusted code, we're going to have to do
         # something different.
-        folder = trustedRemoveSecurityProxy(folder)
+        folder = removeSecurityProxy(folder)
 
         compileModule(mod, folder, self.source)
         self._recompile = False

Modified: Zope3/trunk/src/zope/app/onlinehelp/browser/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/onlinehelp/browser/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/onlinehelp/browser/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -17,8 +17,6 @@
 """
 __docformat__ = 'restructuredtext'
 
-from zope.proxy import removeAllProxies
-
 from zope.app import zapi
 from zope.app.pagetemplate.viewpagetemplatefile import ViewPageTemplateFile
 from zope.app.publisher.interfaces.browser import IBrowserView
@@ -78,7 +76,7 @@
         source = zapi.createObject(None,
                                    self.context.type,
                                    self.context.source)
-        view = zapi.getView(removeAllProxies(source), '', self.request)
+        view = zapi.getView(source, '', self.request)
         html = view.render()
         return html
 
@@ -96,7 +94,7 @@
         source = zapi.createObject(None,
                                    topic.type,
                                    topic.source)
-        view = zapi.getView(removeAllProxies(source), '', self.request)
+        view = zapi.getView(source, '', self.request)
         html = view.render()
         return html
 
@@ -118,7 +116,7 @@
         if self.topic is not None:
             return self.topic
 
-        onlinehelp = removeAllProxies(self.context)
+        onlinehelp = self.context
         help_context = onlinehelp.context
         self.topic = None
         if IBrowserView.providedBy(help_context):

Modified: Zope3/trunk/src/zope/app/onlinehelp/configure.zcml
===================================================================
--- Zope3/trunk/src/zope/app/onlinehelp/configure.zcml	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/onlinehelp/configure.zcml	2004-08-23 23:42:11 UTC (rev 27237)
@@ -11,6 +11,17 @@
         />
   </content>
 
+  <content class=".onlinehelp.OnlineHelp">
+    <require
+        permission="zope.View"
+        interface=".interfaces.IOnlineHelpTopic"
+        />
+    <require
+        permission="zope.View"
+        attributes="context"
+        />
+  </content>
+
   <content class=".onlinehelptopic.OnlineHelpResource">
     <require
         permission="zope.View"
@@ -21,7 +32,6 @@
   <!-- Setup OnlineHelp Root as a Utility -->
   <utility
       provides=".interfaces.IOnlineHelp"
-      permission="zope.View"
       component="zope.app.onlinehelp.help"
       name="OnlineHelp" />
 

Modified: Zope3/trunk/src/zope/app/pagetemplate/engine.py
===================================================================
--- Zope3/trunk/src/zope/app/pagetemplate/engine.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/pagetemplate/engine.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -30,7 +30,6 @@
 
 from zope.component.exceptions import ComponentLookupError
 from zope.exceptions import NotFoundError
-from zope.proxy import removeAllProxies
 from zope.security.untrustedpython import rcompile
 from zope.security.proxy import ProxyFactory
 from zope.security.untrustedpython.builtins import SafeBuiltins
@@ -109,15 +108,11 @@
 
     def evaluateMacro(self, expr):
         macro = Context.evaluateMacro(self, expr)
-        macro = removeAllProxies(macro)
         return macro
 
     def translate(self, msgid, domain=None, mapping=None, default=None):
-        # When running Zope, request is a Proxy, but no mutation is done here,
-        # so it is safe to remove all proxies
-        request = removeAllProxies(self.request)
         return translate(msgid, domain, mapping,
-                         context=request, default=default)
+                         context=self.request, default=default)
 
     evaluateInlineCode = False
 

Modified: Zope3/trunk/src/zope/app/publication/zopepublication.py
===================================================================
--- Zope3/trunk/src/zope/app/publication/zopepublication.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/publication/zopepublication.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -33,7 +33,7 @@
 from zope.publisher.interfaces import IRequest, IPublication
 from zope.security.management import newInteraction, endInteraction
 from zope.security.checker import ProxyFactory
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 
 from zope.app import zapi
 from zope.app.applicationcontrol.applicationcontrol \
@@ -172,7 +172,7 @@
         txn.setUser(request.principal.id)
 
         # Work around methods that are usually used for views
-        bare = trustedRemoveSecurityProxy(ob)
+        bare = removeSecurityProxy(ob)
         if isinstance(bare, instancemethod):
             ob = bare.im_self
 

Modified: Zope3/trunk/src/zope/app/registration/registration.py
===================================================================
--- Zope3/trunk/src/zope/app/registration/registration.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/registration/registration.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -25,7 +25,7 @@
 from zope.exceptions import DuplicationError
 from zope.proxy import removeAllProxies, getProxiedObject
 from zope.security.checker import InterfaceChecker, CheckerPublic
-from zope.security.proxy import Proxy, trustedRemoveSecurityProxy
+from zope.security.proxy import Proxy, removeSecurityProxy
 
 from zope.app import zapi
 from zope.app.annotation.interfaces import IAttributeAnnotatable
@@ -619,7 +619,7 @@
                 # There should be at most one security Proxy around an object.
                 # So, if we're going to add a new security proxy, we need to
                 # remove any existing one.
-                component = trustedRemoveSecurityProxy(component)
+                component = removeSecurityProxy(component)
 
             interface = self.getInterface()
 

Modified: Zope3/trunk/src/zope/app/schema/schema.py
===================================================================
--- Zope3/trunk/src/zope/app/schema/schema.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/schema/schema.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -21,7 +21,7 @@
 from persistent.dict import PersistentDict
 from zope.interface import Interface, implements
 
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.proxy import removeAllProxies
 from zope.app import zapi
 from zope.app.container.browser.adding import Adding

Modified: Zope3/trunk/src/zope/app/schemacontent/browser/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/schemacontent/browser/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/schemacontent/browser/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -30,7 +30,7 @@
 from zope.publisher.interfaces import IPublishTraverse
 from zope.schema import getFieldsInOrder, Choice
 from zope.security.checker import CheckerPublic
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 
 class ContentComponentPermissionEdit(EditView):
 
@@ -90,7 +90,7 @@
             self.buildPermissionWidgets()
         elif 'CHANGE' in self.request:
             schema = self.context.schema
-            perms = trustedRemoveSecurityProxy(self.context.permissions)
+            perms = removeSecurityProxy(self.context.permissions)
             for name, field in getFieldsInOrder(schema):
                 getPermWidget = getattr(self, name+'_get_perm_widget')
                 setPermWidget = getattr(self, name+'_set_perm_widget')
@@ -118,7 +118,7 @@
         schema = self.context.schema
         info = []
         for name, field in getFieldsInOrder(schema):
-            field = trustedRemoveSecurityProxy(field)
+            field = removeSecurityProxy(field)
             info.append(
                 {'fieldName': name,
                  'fieldTitle': field.title,

Modified: Zope3/trunk/src/zope/app/schemacontent/content.py
===================================================================
--- Zope3/trunk/src/zope/app/schemacontent/content.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/schemacontent/content.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -33,7 +33,7 @@
 from zope.interface import directlyProvides, implements
 from zope.schema import getFields
 from zope.security.checker import CheckerPublic, Checker, defineChecker
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 
 from interfaces import IContentComponentDefinition, IContentComponentMenuItem
 from interfaces import IContentComponentInstance
@@ -268,7 +268,7 @@
         appropriate menu.
         """
         component = self.getComponent()
-        component = trustedRemoveSecurityProxy(component)
+        component = removeSecurityProxy(component)
         component.name = self.name
         IContentComponentMenuItem(component).createMenuItem()
 
@@ -276,7 +276,7 @@
         """Once activated, we have to unregister the new Content Object with
         the appropriate menu."""
         component = self.getComponent()
-        component = trustedRemoveSecurityProxy(component)
+        component = removeSecurityProxy(component)
         component.name = None
         IContentComponentMenuItem(component).removeMenuItem()
 

Modified: Zope3/trunk/src/zope/app/security/adapter.py
===================================================================
--- Zope3/trunk/src/zope/app/security/adapter.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/security/adapter.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -17,7 +17,7 @@
 """
 
 from zope.security.checker import ProxyFactory
-from zope.security.proxy import getProxiedObject
+from zope.security.proxy import removeSecurityProxy
 from zope.app.location import ILocation, Location
 
 class TrustedAdapterFactory(object):
@@ -68,7 +68,7 @@
        And the object proxied is not.  (We actually have to remove the
        adapter to get to the adapted object in this case.)
 
-         >>> a = getProxiedObject(a)
+         >>> a = removeSecurityProxy(a)
          >>> type(a.context).__name__
          'list'
 
@@ -86,14 +86,14 @@
          >>> a = TM(p, o2, o3)
          >>> type(a).__name__
          '_Proxy'
-         >>> a = getProxiedObject(a)
+         >>> a = removeSecurityProxy(a)
          >>> a.context[0] is o, a.context[1] is o2, a.context[2] is o3
          (True, True, True)
 
          >>> a = TM(p, ProxyFactory(o2), ProxyFactory(o3))
          >>> type(a).__name__
          '_Proxy'
-         >>> a = getProxiedObject(a)
+         >>> a = removeSecurityProxy(a)
          >>> a.context[0] is o, a.context[1] is o2, a.context[2] is o3
          (True, True, True)
 
@@ -116,10 +116,11 @@
 
          >>> TL(o).__parent__ is o
          True
-         >>> getProxiedObject(TL(p)).__parent__ is o
+         >>> removeSecurityProxy(TL(p)).__parent__ is o
          True
 
-       The factory adapter has the __name__ and __module__ of the factory it adapts:
+       The factory adapter has the __name__ and __module__ of the
+       factory it adapts:
 
          >>> (TA.__module__, TA.__name__) == (A.__module__, A.__name__)
          True
@@ -133,8 +134,8 @@
 
     def __call__(self, *args):
         for arg in args:
-            if getProxiedObject(arg) is not arg:
-                args = map(getProxiedObject, args)
+            if removeSecurityProxy(arg) is not arg:
+                args = map(removeSecurityProxy, args)
                 adapter = self.factory(*args)
                 if (ILocation.providedBy(adapter)
                     and adapter.__parent__ is None):

Copied: Zope3/trunk/src/zope/app/security/interfaces.py (from rev 27201, Zope3/branches/ZopeX3-3.0/src/zope/app/security/interfaces.py)


Property changes on: Zope3/trunk/src/zope/app/security/interfaces.py
___________________________________________________________________
Name: cvs2svn:cvs-rev
   + 1.2
Name: svn:keywords
   + Id
Name: svn:eol-style
   + native

Modified: Zope3/trunk/src/zope/app/securitypolicy/zopepolicy.py
===================================================================
--- Zope3/trunk/src/zope/app/securitypolicy/zopepolicy.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/securitypolicy/zopepolicy.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -22,7 +22,7 @@
 from zope.security.management import system_user
 from zope.security.simplepolicies import ParanoidSecurityPolicy
 from zope.security.interfaces import ISecurityPolicy
-from zope.security.proxy import getProxiedObject
+from zope.security.proxy import removeSecurityProxy
 
 from zope.app.security.settings import Allow, Deny
 
@@ -126,7 +126,7 @@
                 cache_prin_per[permission] = prinper
                 return prinper
 
-        parent = getProxiedObject(getattr(parent, '__parent__', None))
+        parent = removeSecurityProxy(getattr(parent, '__parent__', None))
         prinper = self.cached_prinper(parent, principal, permission)
         cache_prin_per[permission] = prinper
         return prinper
@@ -153,7 +153,7 @@
             return roles
 
         roles = self.cached_roles(
-            getProxiedObject(getattr(parent, '__parent__', None)),
+            removeSecurityProxy(getattr(parent, '__parent__', None)),
             permission)
         roleper = IRolePermissionMap(parent, None)
         if roleper:
@@ -190,7 +190,7 @@
             return roles
             
         roles = self.cached_principal_roles(
-            getProxiedObject(getattr(parent, '__parent__', None)),
+            removeSecurityProxy(getattr(parent, '__parent__', None)),
             principal)
         prinrole = IPrincipalRoleMap(parent, None)
         if prinrole:
@@ -219,8 +219,8 @@
         if not principals:
             return True
 
-        object = getProxiedObject(object)
-        parent = getProxiedObject(getattr(object, '__parent__', None))
+        object = removeSecurityProxy(object)
+        parent = removeSecurityProxy(getattr(object, '__parent__', None))
 
         grant_info = IGrantInfo(object, None)
         if not grant_info:

Modified: Zope3/trunk/src/zope/app/site/browser/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/site/browser/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/site/browser/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -15,7 +15,7 @@
 
 $Id$
 """
-from zope.proxy import removeAllProxies
+from zope.security.proxy import removeSecurityProxy
 from zope.app import zapi
 from zope.app.container.browser.adding import Adding
 from zope.app.i18n import ZopeMessageIDFactory as _
@@ -481,7 +481,7 @@
         # We don't want to store security proxies (we can't,
         # actually), so we have to remove proxies here before passing
         # the context to the SiteManager.
-        bare = removeAllProxies(self.context)
+        bare = removeSecurityProxy(self.context)
         sm = SiteManager(bare)
         self.context.setSiteManager(sm)
         self.request.response.redirect(

Modified: Zope3/trunk/src/zope/app/uniqueid/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/uniqueid/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/uniqueid/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -31,7 +31,7 @@
 from zope.app.uniqueid.interfaces import UniqueIdRemovedEvent
 from zope.interface import implements
 from zope.app import zapi
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.event import notify
 
 
@@ -79,7 +79,7 @@
             self._v_nextid = None
 
     def register(self, ob):
-        ob = trustedRemoveSecurityProxy(ob)
+        ob = removeSecurityProxy(ob)
         ref = IReference(ob)
         if ref in self.ids:
             return self.ids[ref]

Modified: Zope3/trunk/src/zope/app/uniqueid/browser/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/uniqueid/browser/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/uniqueid/browser/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -15,13 +15,13 @@
 
 $Id$
 """
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.app import zapi
 
 class UniqueIdUtilityView(object):
 
     def len(self):
-        return len(trustedRemoveSecurityProxy(self.context).refs)
+        return len(removeSecurityProxy(self.context).refs)
 
     def populate(self):
         # TODO: I think this should be moved to the functional test.

Modified: Zope3/trunk/src/zope/app/utility/browser/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/utility/browser/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/utility/browser/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -21,7 +21,7 @@
 from zope.app.registration.interfaces import UnregisteredStatus
 from zope.app import zapi
 from zope.interface import providedBy
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.app.introspector import interfaceToName
 
 
@@ -173,7 +173,7 @@
         folder = zapi.getParent(self.context)
         iface = folder.resolve(self.request['interface'])
         name = self.request['name']
-        iface = trustedRemoveSecurityProxy(iface)
+        iface = removeSecurityProxy(iface)
         regstack = self.context.queryRegistrations(name, iface)
         form = zapi.getView(regstack, "ChangeRegistrations", self.request)
         form.update()

Modified: Zope3/trunk/src/zope/app/utility/utility.py
===================================================================
--- Zope3/trunk/src/zope/app/utility/utility.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/utility/utility.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -23,7 +23,7 @@
 from zope.app.utility.interfaces import ILocalUtilityService
 from zope.app.utility.interfaces import IUtilityRegistration
 from zope.component.utility import UtilityService
-from zope.proxy import removeAllProxies
+from zope.security.proxy import removeSecurityProxy
 import zope.app.site.interfaces
 import zope.interface
 import zope.interface.adapter
@@ -78,7 +78,7 @@
                     # why/if this is truly safe
                     
                     radapters[key] = radapters.get(key, ()) + (
-                        removeAllProxies(registration.factory), )
+                        removeSecurityProxy(registration.factory), )
 
 
 

Modified: Zope3/trunk/src/zope/app/workflow/stateful/browser/contentworkflow.py
===================================================================
--- Zope3/trunk/src/zope/app/workflow/stateful/browser/contentworkflow.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/workflow/stateful/browser/contentworkflow.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -25,7 +25,7 @@
 from zope.interface import Interface
 from zope.app.publisher.browser import BrowserView
 from zope.schema import Choice, List
-from zope.security.proxy import trustedRemoveSecurityProxy 
+from zope.security.proxy import removeSecurityProxy 
 from zope.app.workflow.interfaces import IProcessDefinition
 
 class IContentProcessMapping(Interface):
@@ -71,7 +71,7 @@
     def getInterfaceProcessesMapping(self):
         mapping = []
         # Nothing bad here; we just read the registry data
-        registry = trustedRemoveSecurityProxy(self.context)._registry
+        registry = removeSecurityProxy(self.context)._registry
         for iface, names in registry.items(): 
             mapping.append({'iface': interfaceToName(self.context, iface),
                             'names': names})

Modified: Zope3/trunk/src/zope/app/workflow/stateful/browser/definition.py
===================================================================
--- Zope3/trunk/src/zope/app/workflow/stateful/browser/definition.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/workflow/stateful/browser/definition.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -27,7 +27,7 @@
 
 from zope.app.security.interfaces import IPermission
 from zope.security.checker import CheckerPublic
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.app.form.utility import setUpWidget
 
 class StatesContainerAdding(Adding):
@@ -112,7 +112,7 @@
             self.buildPermissionWidgets()
         elif 'CHANGE' in self.request:
             schema = self.context.relevantDataSchema
-            perms = trustedRemoveSecurityProxy(self.context.schemaPermissions)
+            perms = removeSecurityProxy(self.context.schemaPermissions)
             for name, field in getFields(schema).items():
                 
                 getPermWidget = getattr(self, name+'_get_perm_widget')
@@ -145,7 +145,7 @@
             return None
         info = []
         for name, field in getFields(schema).items():
-            field = trustedRemoveSecurityProxy(field)
+            field = removeSecurityProxy(field)
             info.append(
                 {'fieldName': name,
                  'fieldTitle': field.title,

Modified: Zope3/trunk/src/zope/app/workflow/stateful/browser/instance.py
===================================================================
--- Zope3/trunk/src/zope/app/workflow/stateful/browser/instance.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/workflow/stateful/browser/instance.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -16,7 +16,7 @@
 $Id$
 """
 from zope.proxy import removeAllProxies
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 from zope.schema import getFields
 
 from zope.app import zapi
@@ -45,7 +45,7 @@
         schema = workflow.data.getSchema()
         for name, field in getFields(schema).items():
             # setUpWidget() does not mutate the field, so it is ok.
-            field = trustedRemoveSecurityProxy(field)
+            field = removeSecurityProxy(field)
             setUpWidget(self, name, field, IInputWidget,
                         value=getattr(workflow.data, name))
 
@@ -143,7 +143,7 @@
         workflow = self._getSelWorkflow() 
         # Workflow might be None
         if Update in self.request and (workflow is not None and workflow.data is not None):
-            schema = trustedRemoveSecurityProxy(workflow.data.getSchema())
+            schema = removeSecurityProxy(workflow.data.getSchema())
             changed = applyWidgetsChanges(self, schema, target=workflow.data, 
                 names=getFields(schema).keys())
             if changed:

Modified: Zope3/trunk/src/zope/app/workflow/stateful/xmlimportexport.py
===================================================================
--- Zope3/trunk/src/zope/app/workflow/stateful/xmlimportexport.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/workflow/stateful/xmlimportexport.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -22,7 +22,7 @@
 from zope.interface import implements
 from zope.proxy import removeAllProxies
 from zope.security.checker import CheckerPublic
-from zope.security.proxy import trustedRemoveSecurityProxy
+from zope.security.proxy import removeSecurityProxy
 
 from zope.app import zapi
 from zope.app.dublincore.interfaces import IZopeDublinCore
@@ -86,7 +86,7 @@
             self.context.relevantDataSchema = resolve(name)
 
     def startPermission(self, attrs):
-        perms = trustedRemoveSecurityProxy(self.context.schemaPermissions)
+        perms = removeSecurityProxy(self.context.schemaPermissions)
         fieldName = attrs.get('for')
         type = attrs.get('type')
         perm_id = attrs.get('id')

Modified: Zope3/trunk/src/zope/app/zapi/__init__.py
===================================================================
--- Zope3/trunk/src/zope/app/zapi/__init__.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/zapi/__init__.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -20,6 +20,9 @@
 
 from interfaces import IZAPI
 from zope.interface import moduleProvides
+
+from zope.security.proxy import removeSecurityProxy
+
 from zope.app import servicenames
 from zope.app.interface import queryType
 
@@ -33,3 +36,38 @@
 from zope.app.exception.interfaces import UserError
 
 name = getName
+
+builtin_isinstance = isinstance
+def isinstance(object, cls):
+    """Test whether an object is an instance of a type.
+
+    This works even if the object is security proxied:
+
+      >>> class C1(object):
+      ...     pass
+
+      >>> c = C1()
+      >>> isinstance(c, C1)
+      True
+
+      >>> from zope.security.checker import ProxyFactory
+      >>> isinstance(ProxyFactory(c), C1)
+      True
+
+      >>> class C2(C1):
+      ...     pass
+
+      >>> c = C2()
+      >>> isinstance(c, C1)
+      True
+
+      >>> from zope.security.checker import ProxyFactory
+      >>> isinstance(ProxyFactory(c), C1)
+      True
+      
+    """
+
+    # The removeSecurityProxy call is OK here because it is *only*
+    # being used for isinstance
+    
+    return builtin_isinstance(removeSecurityProxy(object), cls)

Modified: Zope3/trunk/src/zope/app/zapi/interfaces.py
===================================================================
--- Zope3/trunk/src/zope/app/zapi/interfaces.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/zapi/interfaces.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -69,3 +69,10 @@
         """
         
     servicenames = Attribute("Service Names")
+
+    def isinstance(object, cls):
+        """Test whether an object is an instance of the given type
+
+        This function is useful because it works even if the instance
+        is security proxied.
+        """

Copied: Zope3/trunk/src/zope/app/zapi/tests.py (from rev 27201, Zope3/branches/ZopeX3-3.0/src/zope/app/zapi/tests.py)


Property changes on: Zope3/trunk/src/zope/app/zapi/tests.py
___________________________________________________________________
Name: svn:keywords
   + Id
Name: svn:eol-style
   + native

Modified: Zope3/trunk/src/zope/app/zptpage/zptpage.py
===================================================================
--- Zope3/trunk/src/zope/app/zptpage/zptpage.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/app/zptpage/zptpage.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -17,7 +17,6 @@
 """
 from persistent import Persistent
 
-from zope.proxy import removeAllProxies
 from zope.security.proxy import ProxyFactory
 from zope.interface import implements
 from zope.pagetemplate.pagetemplate import PageTemplate
@@ -63,7 +62,6 @@
 
     def pt_getContext(self, instance, request, **_kw):
         # instance is a View component
-        self = removeAllProxies(self)
         namespace = super(ZPTPage, self).pt_getContext(**_kw)
         namespace['template'] = self
         namespace['request'] = request

Modified: Zope3/trunk/src/zope/security/checker.py
===================================================================
--- Zope3/trunk/src/zope/security/checker.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/security/checker.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -373,10 +373,6 @@
 
 _getChecker = _checkers.get
 
-
-# Marker type used by bogus zope.security.proxy.trustedRemoveSecurityProxy
-TrustedCheckerBase = Checker
-
 class CombinedChecker(Checker):
     """A checker that combines two other checkers in a logical-or fashion.
 

Modified: Zope3/trunk/src/zope/security/proxy.py
===================================================================
--- Zope3/trunk/src/zope/security/proxy.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/security/proxy.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -16,31 +16,33 @@
 $Id$
 """
 
+from warnings import warn
+
 from zope.security._proxy import getChecker, getObject
 from zope.security._proxy import _Proxy as Proxy
-from zope.security.checker import TrustedCheckerBase
 
-getProxiedObject = getObject
 removeSecurityProxy = getObject
 
 # This import represents part of the API for this module
 from zope.security.checker import ProxyFactory
 
 def trustedRemoveSecurityProxy(object):
-    """Remove a security proxy if its checker came from a trusted source.
+    """Deprecated, use removeSecurityProxy instead"""
+    warn("trustedRemoveSecurityProxy is deprecated."
+         " It will disappear in Zope X3.1. "
+         " Use removeSecurityProxy instead",
+         DeprecationWarning, 2)
 
-    The rationale is that it is OK to do this since the caller is
-    trusted and the proxy can always be recreated by calling the
-    proxy factory and getting back a proxy with the same checker.
+    return removeSecurityProxy(object)
 
-    TODO: More thought needs to be given to assuring this contract.
-    """
-    if ((type(object) is Proxy) and
-        isinstance(getChecker(object), TrustedCheckerBase)
-        ):
-        return getProxiedObject(object)
+def getProxiedObject(object):
+    """Deprecated, use removeSecurityProxy instead"""
+    warn("getProxiedObject is deprecated."
+         " It will disappear in Zope X3.1. "
+         " Use removeSecurityProxy instead",
+         DeprecationWarning, 2)
 
-    return object
+    return removeSecurityProxy(object)
 
 def getTestProxyItems(proxy):
     """Try to get checker names and permissions for testing

Modified: Zope3/trunk/src/zope/security/tests/test_checker.py
===================================================================
--- Zope3/trunk/src/zope/security/tests/test_checker.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/security/tests/test_checker.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -25,7 +25,7 @@
 from zope.security.interfaces import Unauthorized
 from zope.security.management import setSecurityPolicy, newInteraction
 from zope.security.management import endInteraction, getInteraction
-from zope.proxy import getProxiedObject
+from zope.security.proxy import removeSecurityProxy
 from zope.security.proxy import getChecker
 from zope.security.checker import defineChecker, ProxyFactory
 from zope.security.proxy import Proxy
@@ -218,7 +218,7 @@
 
             for ob in inst, class_:
                 proxy = checker.proxy(ob)
-                self.failUnless(getProxiedObject(proxy) is ob)
+                self.failUnless(removeSecurityProxy(proxy) is ob)
                 checker = getChecker(proxy)
                 if ob is inst:
                     self.assertEqual(checker.permission_id('__str__'),
@@ -235,7 +235,7 @@
             #
             #for ob in inst, TransparentProxy(inst):
             #    proxy = checker.proxy(ob)
-            #    self.failUnless(getProxiedObject(proxy) is ob)
+            #    self.failUnless(removeSecurityProxy(proxy) is ob)
             #
             #    checker = getChecker(proxy)
             #    self.failUnless(checker is special,

Modified: Zope3/trunk/src/zope/security/tests/test_proxy.py
===================================================================
--- Zope3/trunk/src/zope/security/tests/test_proxy.py	2004-08-23 22:20:56 UTC (rev 27236)
+++ Zope3/trunk/src/zope/security/tests/test_proxy.py	2004-08-23 23:42:11 UTC (rev 27237)
@@ -17,7 +17,7 @@
 """
 
 import unittest
-from zope.security.proxy import getChecker, ProxyFactory, getProxiedObject
+from zope.security.proxy import getChecker, ProxyFactory, removeSecurityProxy
 from zope.proxy import ProxyBase as proxy
 
 class Checker(object):
@@ -119,7 +119,7 @@
                         s)
 
     def testGetAttrOK(self):
-        self.assertEqual(getProxiedObject(self.p.foo), [1,2,3])
+        self.assertEqual(removeSecurityProxy(self.p.foo), [1,2,3])
 
     def testGetAttrFail(self):
         self.assertRaises(RuntimeError, lambda: self.p.bar)
@@ -169,7 +169,7 @@
         self.shouldFail(lambda: self.p == self.x)
 
     def testIterOK(self):
-        self.assertEqual(getProxiedObject(iter(self.p)), self.x)
+        self.assertEqual(removeSecurityProxy(iter(self.p)), self.x)
 
     def testIterFail(self):
         self.shouldFail(iter, self.p)
@@ -205,7 +205,7 @@
         self.shouldFail(len, self.p)
 
     def testSliceOK(self):
-        self.assertEqual(getProxiedObject(self.p[:]), [42])
+        self.assertEqual(removeSecurityProxy(self.p[:]), [42])
 
     def testSliceFail(self):
         self.shouldFail(lambda: self.p[:])
@@ -224,7 +224,7 @@
         self.shouldFail(lambda: 42 in self.p)
 
     def testGetObject(self):
-        self.assertEqual(self.x, getProxiedObject(self.p))
+        self.assertEqual(self.x, removeSecurityProxy(self.p))
 
     def testGetChecker(self):
         self.assertEqual(self.c, getChecker(self.p))
@@ -260,7 +260,7 @@
             # Make sure 'x' is a proxy always:
             x = ProxyFactory(1, self.c)
             z = eval(expr)
-            self.assertEqual(getProxiedObject(z), y,
+            self.assertEqual(removeSecurityProxy(z), y,
                              "x=%r; expr=%r" % (x, expr))
             self.shouldFail(lambda x: eval(expr), x)
 
@@ -286,7 +286,7 @@
                         z = eval(expr)
                         first = 0
                     else:
-                        self.assertEqual(getProxiedObject(eval(expr)), z,
+                        self.assertEqual(removeSecurityProxy(eval(expr)), z,
                                          "x=%r; y=%r; expr=%r" % (x, y, expr))
                         self.shouldFail(lambda x, y: eval(expr), x, y)
 
@@ -296,7 +296,7 @@
 
         pa = P(1)
         pa += 2
-        self.assertEqual(getProxiedObject(pa), 3)
+        self.assertEqual(removeSecurityProxy(pa), 3)
 
         a = [1, 2, 3]
         pa = qa = P(a)
@@ -311,7 +311,7 @@
 
         pa = P(2)
         pa **= 2
-        self.assertEqual(getProxiedObject(pa), 4)
+        self.assertEqual(removeSecurityProxy(pa), 4)
 
         def doit():
             pa = P(2)
@@ -333,16 +333,16 @@
         x = P(1)
         y = P(2.1)
         a, b = coerce(x, y)
-        self.failUnless(getProxiedObject(a) == 1.0 and b is y)
+        self.failUnless(removeSecurityProxy(a) == 1.0 and b is y)
         if fixed_coerce:
-            self.failUnless(type(getProxiedObject(a)) is float and b is y)
+            self.failUnless(type(removeSecurityProxy(a)) is float and b is y)
 
         x = P(1.1)
         y = P(2)
         a, b = coerce(x, y)
-        self.failUnless(a is x and getProxiedObject(b) == 2.0)
+        self.failUnless(a is x and removeSecurityProxy(b) == 2.0)
         if fixed_coerce:
-            self.failUnless(a is x and type(getProxiedObject(b)) is float)
+            self.failUnless(a is x and type(removeSecurityProxy(b)) is float)
 
         x = P(1)
         y = 2
@@ -352,12 +352,12 @@
         x = P(1)
         y = 2.1
         a, b = coerce(x, y)
-        self.failUnless(type(getProxiedObject(a)) is float and b is y)
+        self.failUnless(type(removeSecurityProxy(a)) is float and b is y)
 
         x = P(1.1)
         y = 2
         a, b = coerce(x, y)
-        self.failUnless(a is x and type(getProxiedObject(b)) is float)
+        self.failUnless(a is x and type(removeSecurityProxy(b)) is float)
 
         x = 1
         y = P(2)
@@ -367,12 +367,12 @@
         x = 1.1
         y = P(2)
         a, b = coerce(x, y)
-        self.failUnless(a is x and type(getProxiedObject(b)) is float)
+        self.failUnless(a is x and type(removeSecurityProxy(b)) is float)
 
         x = 1
         y = P(2.1)
         a, b = coerce(x, y)
-        self.failUnless(type(getProxiedObject(a)) is float and b is y)
+        self.failUnless(type(removeSecurityProxy(a)) is float and b is y)
 
 def test_using_mapping_slots_hack():
     """The security proxy will use mapping slots, on the checker to go faster



More information about the Zope3-Checkins mailing list