Original implementation

97bc7e89 · Boxiang Sun · 97bc7e89 · 97bc7e89 · 97bc7e89 · 97bc7e89
Commit 97bc7e89 authored Oct 05, 2016 by Boxiang Sun
76 changed files
--- a/.gitignore
+++ b/.gitignore
+*.pyc
+*.so
+*.egg-info
+.installed.cfg
+bin
+develop-eggs
+eggs
+parts
+build
--- a/CHANGES.txt
+++ b/CHANGES.txt
+Changelog
+=========
+
+2.13.14 (2015-12-21)
+--------------------
+
+- Avoid acquiring ``access`` from module wrapped by
+  ``SecurityInfo._ModuleSecurityInfo``.  See:
+  https://github.com/zopefoundation/AccessControl/issues/12
+
+2.13.13 (2013-07-16)
+--------------------
+
+- LP #1169923:  ensure initialization of shared ``ImplPython`` state
+  (used by ``ImplC``) when using the "C" security policy.  Thanks to
+  Arnaud Fontaine for the patch.
+
+2.13.12 (2012-10-31)
+--------------------
+
+- LP #1071067: Use a stronger random number generator and a constant time
+  comparison function.
+
+2.13.11 (2012-10-21)
+--------------------
+
+- LP #966101: Recognize special ``zope2.Private`` permission in ZCML
+  role directive.
+
+2.13.10 (2012-09-09)
+--------------------
+
+- LP #1047318: Tighten import restrictions for restricted code.
+
+2.13.9 (2012-08-23)
+-------------------
+
+- Fix a bug in ZopeSecurityPolicy.py. Global variable ``rolesForPermissionOn``
+  could be overridden if ``__role__`` had custom ``rolesForPermissionOn``.
+
+2.13.8 (2012-06-22)
+-------------------
+
+- Add Anonymous as a default role for Public permission.
+
+2.13.7 (2011-12-12)
+-------------------
+
+- Exclude compiled ``.so`` and ``.dll`` files from source distributions.
+
+2.13.6 (2011-12-12)
+-------------------
+
+- Added ``manifest.in`` to ensure the inclusion of the ``include`` directory
+  into the release.
+
+2.13.5 (2011-12-12)
+-------------------
+
+- Apply changes made available in ``Products.Zope_Hotfix_20111024`` and make
+  them more robust.
+
+2.13.4 (2011-01-11)
+-------------------
+
+- Return the created user in ``_doAddUser``.
+
+- Added ``IUser`` interface.
+
+- LP #659968: Added support for ``level`` argument to the ``__import__``
+  function as introduced in Python 2.5. Currently only ``level = -1`` is
+  supported.
+
+2.13.3 (2010-08-28)
+-------------------
+
+- Added a ``role`` subdirective for the ``permission`` ZCML directive. If any
+  roles are specified, they will override the default set of default roles
+  (Manager).
+
+2.13.2 (2010-07-16)
+-------------------
+
+- Added ``override_existing_protection`` parameter to the protectName helper.
+
+2.13.1 (2010-06-19)
+-------------------
+
+- Restore security declarations for deprecated ``sets`` module.
+
+2.13.0 (2010-06-19)
+-------------------
+
+- Released as separate package.
--- a/COPYRIGHT.txt
+++ b/COPYRIGHT.txt
+Zope Foundation and Contributors
\ No newline at end of file
--- a/LICENSE.txt
+++ b/LICENSE.txt
+Zope Public License (ZPL) Version 2.1
+
+A copyright notice accompanies this license document that identifies the
+copyright holders.
+
+This license has been certified as open source. It has also been designated as
+GPL compatible by the Free Software Foundation (FSF).
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions in source code must retain the accompanying copyright
+notice, this list of conditions, and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the accompanying copyright
+notice, this list of conditions, and the following disclaimer in the
+documentation and/or other materials provided with the distribution.
+
+3. Names of the copyright holders must not be used to endorse or promote
+products derived from this software without prior written permission from the
+copyright holders.
+
+4. The right to distribute this software or to use it for any purpose does not
+give you the right to use Servicemarks (sm) or Trademarks (tm) of the
+copyright
+holders. Use of them is covered by separate agreement with the copyright
+holders.
+
+5. If any files are modified, you must cause the modified files to carry
+prominent notices stating that you changed the files and the date of any
+change.
+
+Disclaimer
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS ``AS IS'' AND ANY EXPRESSED
+OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+EVENT SHALL THE COPYRIGHT HOLDERS BE LIABLE FOR ANY DIRECT, INDIRECT,
+INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
+EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
--- a/MANIFEST.in
+++ b/MANIFEST.in
+include *.txt
+
+recursive-include include *
+recursive-include src/AccessControl *
+
+global-exclude *.dll
+global-exclude *.pyc
+global-exclude *.pyo
+global-exclude *.so
--- a/PKG-INFO
+++ b/PKG-INFO
+Metadata-Version: 1.0
+Name: AccessControl
+Version: 2.13.14
+Summary: Security framework for Zope2.
+Home-page: http://pypi.python.org/pypi/AccessControl
+Author: Zope Foundation and Contributors
+Author-email: zope-dev@zope.org
+License: ZPL 2.1
+Description: Overview
+        ========
+        
+        AccessControl provides a general security framework for use in Zope2.
+        
+        Changelog
+        =========
+        
+        2.13.14 (2015-12-21)
+        --------------------
+        
+        - Avoid acquiring ``access`` from module wrapped by
+          ``SecurityInfo._ModuleSecurityInfo``.  See:
+          https://github.com/zopefoundation/AccessControl/issues/12
+        
+        2.13.13 (2013-07-16)
+        --------------------
+        
+        - LP #1169923:  ensure initialization of shared ``ImplPython`` state
+          (used by ``ImplC``) when using the "C" security policy.  Thanks to
+          Arnaud Fontaine for the patch.
+        
+        2.13.12 (2012-10-31)
+        --------------------
+        
+        - LP #1071067: Use a stronger random number generator and a constant time
+          comparison function.
+        
+        2.13.11 (2012-10-21)
+        --------------------
+        
+        - LP #966101: Recognize special ``zope2.Private`` permission in ZCML
+          role directive.
+        
+        2.13.10 (2012-09-09)
+        --------------------
+        
+        - LP #1047318: Tighten import restrictions for restricted code.
+        
+        2.13.9 (2012-08-23)
+        -------------------
+        
+        - Fix a bug in ZopeSecurityPolicy.py. Global variable ``rolesForPermissionOn``
+          could be overridden if ``__role__`` had custom ``rolesForPermissionOn``.
+        
+        2.13.8 (2012-06-22)
+        -------------------
+        
+        - Add Anonymous as a default role for Public permission.
+        
+        2.13.7 (2011-12-12)
+        -------------------
+        
+        - Exclude compiled ``.so`` and ``.dll`` files from source distributions.
+        
+        2.13.6 (2011-12-12)
+        -------------------
+        
+        - Added ``manifest.in`` to ensure the inclusion of the ``include`` directory
+          into the release.
+        
+        2.13.5 (2011-12-12)
+        -------------------
+        
+        - Apply changes made available in ``Products.Zope_Hotfix_20111024`` and make
+          them more robust.
+        
+        2.13.4 (2011-01-11)
+        -------------------
+        
+        - Return the created user in ``_doAddUser``.
+        
+        - Added ``IUser`` interface.
+        
+        - LP #659968: Added support for ``level`` argument to the ``__import__``
+          function as introduced in Python 2.5. Currently only ``level = -1`` is
+          supported.
+        
+        2.13.3 (2010-08-28)
+        -------------------
+        
+        - Added a ``role`` subdirective for the ``permission`` ZCML directive. If any
+          roles are specified, they will override the default set of default roles
+          (Manager).
+        
+        2.13.2 (2010-07-16)
+        -------------------
+        
+        - Added ``override_existing_protection`` parameter to the protectName helper.
+        
+        2.13.1 (2010-06-19)
+        -------------------
+        
+        - Restore security declarations for deprecated ``sets`` module.
+        
+        2.13.0 (2010-06-19)
+        -------------------
+        
+        - Released as separate package.
+        
+Platform: UNKNOWN
--- a/README.txt
+++ b/README.txt
+Overview
+========
+
+AccessControl provides a general security framework for use in Zope2.
--- a/bootstrap.py
+++ b/bootstrap.py
--- a/buildout.cfg
+++ b/buildout.cfg
+[buildout]
+develop = .
+parts = interpreter test
+
+[interpreter]
+recipe = zc.recipe.egg
+interpreter = python
+eggs = AccessControl
+
+[test]
+recipe = zc.recipe.testrunner
+eggs = AccessControl
--- a/include/Acquisition/Acquisition.h
+++ b/include/Acquisition/Acquisition.h
+/*****************************************************************************
+
+  Copyright (c) 1996-2002 Zope Foundation and Contributors.
+  All Rights Reserved.
+
+  This software is subject to the provisions of the Zope Public License,
+  Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+  THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+  WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+  WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+  FOR A PARTICULAR PURPOSE
+
+ ****************************************************************************/
+
+#ifndef __ACQUISITION_H_
+#define __ACQUISITION_H_
+
+typedef struct {
+	PyObject *(*AQ_Acquire) (PyObject *obj, PyObject *name, PyObject *filter,
+		PyObject *extra, int explicit, PyObject *deflt,
+		int containment);
+	PyObject *(*AQ_Get) (PyObject *obj, PyObject *name, PyObject *deflt,
+		int containment);
+	int (*AQ_IsWrapper) (PyObject *obj);
+	PyObject *(*AQ_Base) (PyObject *obj);
+	PyObject *(*AQ_Parent) (PyObject *obj);
+	PyObject *(*AQ_Self) (PyObject *obj);
+	PyObject *(*AQ_Inner) (PyObject *obj);
+	PyObject *(*AQ_Chain) (PyObject *obj, int containment);
+} ACQUISITIONCAPI;
+
+#ifndef _IN_ACQUISITION_C
+
+#define aq_Acquire(obj, name, filter, extra, explicit, deflt, containment ) (AcquisitionCAPI == NULL ? NULL : (AcquisitionCAPI->AQ_Acquire(obj, name, filter, extra, explicit, deflt, containment)))
+#define aq_acquire(obj, name) (AcquisitionCAPI == NULL ? NULL : (AcquisitionCAPI->AQ_Acquire(obj, name, NULL, NULL, 1, NULL, 0)))
+#define aq_get(obj, name, deflt, containment) (AcquisitionCAPI == NULL ? NULL : (AcquisitionCAPI->AQ_Get(obj, name, deflt, containment)))
+#define aq_isWrapper(obj)   (AcquisitionCAPI == NULL ? -1 : (AcquisitionCAPI->AQ_IsWrapper(obj)))
+#define aq_base(obj)   (AcquisitionCAPI == NULL ? NULL : (AcquisitionCAPI->AQ_Base(obj)))
+#define aq_parent(obj) (AcquisitionCAPI == NULL ? NULL : (AcquisitionCAPI->AQ_Parent(obj)))
+#define aq_self(obj)   (AcquisitionCAPI == NULL ? NULL : (AcquisitionCAPI->AQ_Self(obj)))
+#define aq_inner(obj)  (AcquisitionCAPI == NULL ? NULL : (AcquisitionCAPI->AQ_Inner(obj)))
+#define aq_chain(obj, containment) (AcquisitionCAPI == NULL ? NULL : (AcquisitionCAPI->AQ_CHain(obj, containment)))
+
+static ACQUISITIONCAPI *AcquisitionCAPI = NULL;
+
+#define aq_init() { \
+    PyObject *module; \
+    PyObject *api; \
+    if (! (module = PyImport_ImportModule("Acquisition"))) return; \
+    if (! (api = PyObject_GetAttrString(module,"AcquisitionCAPI"))) return; \
+    Py_DECREF(module); \
+    AcquisitionCAPI = PyCObject_AsVoidPtr(api); \
+    Py_DECREF(api); \
+}
+
+
+
+#endif
+
+#endif
--- a/include/ExtensionClass/ExtensionClass.h
+++ b/include/ExtensionClass/ExtensionClass.h
--- a/setup.cfg
+++ b/setup.cfg
+[egg_info]
+tag_build = 
+tag_date = 0
+tag_svn_revision = 0
+
--- a/setup.py
+++ b/setup.py
+##############################################################################
+#
+# Copyright (c) 2010 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+
+from os.path import join
+from setuptools import setup, find_packages, Extension
+
+setup(name='AccessControl',
+      version = '2.13.14',
+      url='http://pypi.python.org/pypi/AccessControl',
+      license='ZPL 2.1',
+      description="Security framework for Zope2.",
+      author='Zope Foundation and Contributors',
+      author_email='zope-dev@zope.org',
+      long_description=open('README.txt').read() + '\n' +
+                       open('CHANGES.txt').read(),
+
+      packages=find_packages('src'),
+      package_dir={'': 'src'},
+      ext_modules=[Extension(
+            name='AccessControl.cAccessControl',
+            include_dirs=['include', 'src'],
+            sources=[join('src', 'AccessControl', 'cAccessControl.c')],
+            depends=[join('include', 'ExtensionClass', 'ExtensionClass.h'),
+                     join('include', 'Acquisition', 'Acquisition.h')]),
+      ],
+      install_requires=[
+        'Acquisition',
+        'DateTime', # optional dependency of RestrictedPython
+        'ExtensionClass',
+        'Persistence',
+        'Record',
+        'RestrictedPython',
+        'transaction',
+        'zExceptions',
+        'ZODB3',
+        'zope.component',
+        'zope.configuration',
+        'zope.deferredimport',
+        'zope.interface',
+        'zope.publisher',
+        'zope.schema',
+        'zope.security',
+        'zope.testing',
+      ],
+      include_package_data=True,
+      zip_safe=False,
+      )
--- a/src/AccessControl/AccessControl.txt
+++ b/src/AccessControl/AccessControl.txt
+Security Architecture
+---------------------
+
+Users
+-----
+
+Objects representing users may be created in Principia
+User Folder objects. User objects maintain the information
+used to authenticate users, and allow roles to be associated
+with a user.
+
+
+
+Permissions
+-----------
+
+A "permission" is the smallest unit of access to an object,
+roughly equivalent to the atomic permissions seen in NT:
+R (Read), W(Write), X(Execute), etc. In Principia, a permission
+usually describes a fine-grained logical operation on an object,
+such as "View Management Screens", "Add Properties", etc.
+
+Different types of objects will define different permissions
+as appropriate for the object.
+
+
+
+Types of access
+---------------
+
+A "type of access" is a named grouping of 0 or more of the
+permissions defined by an object. All objects have one predefined
+type of access called Full Access (all permissions defined by that 
+object). A user who has the special role "Manager" always has Full 
+Access to all objects at or below the level in the object hierarchy 
+at which the user is defined.
+
+New types of access may be defined as combinations of the
+various permissions defined by a given object. These new
+types of access may be defined by the programmer, or by
+users at runtime. 
+
+
+
+
+Roles
+-----
+
+A role is a name that ties users (authentication of identity)
+to permissions (authorization for that identity) in the system.
+Roles may be defined in any Folder (or Folderish) object in the
+system. Sub folders can make use of roles defined higher in the
+hierarchy. These roles can be assigned to users. All users, 
+including non-authenticated users have the built-in role of 
+"Anonymous". 
+
+Principia objects allow the association of defined roles 
+with a single "type of access" each, in the context of that 
+object. A single role is associated with one and only one 
+type of access in the context of a given object.
+
+
+
+Examples
+--------
+
+  User                        Object1
+
+  o has the role "RoleA"      o has given "RoleA" Full Access
+
+  Result: the user has Full Access to Object1.
+
+
+
+  User                        Object2
+  o has the role "RoleA"      o has given "RoleB" Full Access
+
+                              o has given the role "RoleA" View Access,
+                                a custom type of access that allows only
+                                viewing of the object.
+
+  Result: the user has only View Access.
+
+
+
+Notes
+-----
+
+All objects define a permission called "Default permission". If this
+permission is given to a role, users with that role will be able to
+access subobjects which do not explicitly restrict access.
+
+
+
+Technical
+---------
+
+Objects define their permissions as logical operations.
+Programmers have to determine the appropriate operations
+for their object type, and provide a mapping of permission
+name to attribute names. It is important to note that permissions
+cannot overlap - none of the attributes named in a permission
+can occur in any of the other permissions. The following are
+proposed permissions for some current principia objects:
+
+
+Folder
+  o View management screens
+  o Change permissions
+  o Undo changes
+  o Add objects
+  o Delete objects
+  o Add properties
+  o Change properties
+  o Delete properties
+  o Default permission
+
+Confera Topic
+  o View management screens
+  o Change permissions
+  o Undo changes
+  o Add objects
+  o Delete objects
+  o Add properties
+  o Change properties
+  o Delete properties
+  o Default permission
+  o Change Configuration
+  o Add Messages
+  o Change Messages
+  o Delete Messages
+
+Tabula Collection
+  o View management screens
+  o Change permissions
+  o Undo changes
+  o Add objects
+  o Delete objects
+  o Add properties
+  o Change properties
+  o Delete properties
+  o Default permission
+  o Change schema
+  o Upload data
+  o Add computed fields
+  o Change computed fields
+  o Delete computed fields
+
+Document/Image/File
+  o View management screens
+  o Change permissions
+  o Change/upload data
+  o View
+
+Session
+  o View management screens
+  o Change permissions
+  o Change session config
+  o Join/leave session
+  o Save/discard session
+
+Mail Host
+  o View management screens
+  o Change permissions
+  o Change configuration
+
+
+To support the architecture, developers must derive an
+object from the AccessControl.rolemanager.RoleManager mixin class,
+and define in their class an __ac_permissions__ attribute.
+
+This should be a tuple of tuples, where each tuple represents
+a permission and contains a string permission name as its first
+element and a list of attribute names as its second element.
+
+Example:
+
+    __ac_permissions__=(
+
+    ('View management screens',
+     ['manage','manage_menu','manage_main','manage_copyright',
+      'manage_tabs','manage_propertiesForm','manage_UndoForm']),
+    ('Undo changes',       ['manage_undo_transactions']),
+    ('Change permissions', ['manage_access']),
+    ('Add objects',        ['manage_addObject']),
+    ('Delete objects',     ['manage_delObjects']),
+    ('Add properties',     ['manage_addProperty']),
+    ('Change properties',  ['manage_editProperties']),
+    ('Delete properties',  ['manage_delProperties']),
+    ('Default permission', ['']),
+    )
+
+The developer may also predefine useful types of access, by
+specifying an __ac_types__ attribute. This should be a tuple of 
+tuples, where each tuple represents a type of access and contains 
+a string name as its first element and a list of permission names 
+as its second element.
+
+By default, only "Full Access" is defined (by the RoleManager mixin).
+If you wish to override __ac_types__ to provide convenient types of
+access, you must always be sure to define "Full Access" as containing 
+the names of all possible permissions for your object.
+
+Example:
+
+    __ac_types__=(
+
+    ('Full Access', map(lambda x: x[0], __ac_permissions__)),
+    ('Change', ['Add Objects', 'Add Properties', 'Change Properties']),
+
+    )
+
+Developers may also provide pre-defined role names that are
+not deletable via the interface by specifying an __ac_roles__
+attribute. This is probably not something we'll ever use under
+the new architecture, but it's there if you need it.
+
+Example:
+
+    __ac_roles__=('Manager', 'Anonymous')
--- a/src/AccessControl/AuthEncoding.py
+++ b/src/AccessControl/AuthEncoding.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+
+import binascii
+from binascii import b2a_base64, a2b_base64
+from hashlib import sha1 as sha
+from hashlib import sha256
+from os import getpid
+import time
+
+# Use the system PRNG if possible
+import random
+try:
+    random = random.SystemRandom()
+    using_sysrandom = True
+except NotImplementedError:
+    using_sysrandom = False
+
+
+def _reseed():
+    if not using_sysrandom:
+        # This is ugly, and a hack, but it makes things better than
+        # the alternative of predictability. This re-seeds the PRNG
+        # using a value that is hard for an attacker to predict, every
+        # time a random string is required. This may change the
+        # properties of the chosen random sequence slightly, but this
+        # is better than absolute predictability.
+        random.seed(sha256(
+            "%s%s%s" % (random.getstate(), time.time(), getpid())
+        ).digest())
+
+
+def _choice(c):
+    _reseed()
+    return random.choice(c)
+
+
+def _randrange(r):
+    _reseed()
+    return random.randrange(r)
+
+
+def constant_time_compare(val1, val2):
+    """
+    Returns True if the two strings are equal, False otherwise.
+
+    The time taken is independent of the number of characters that match.
+    """
+    if len(val1) != len(val2):
+        return False
+    result = 0
+    for x, y in zip(val1, val2):
+        result |= ord(x) ^ ord(y)
+    return result == 0
+
+
+class PasswordEncryptionScheme:  # An Interface
+
+    def encrypt(pw):
+        """
+        Encrypt the provided plain text password.
+        """
+
+    def validate(reference, attempt):
+        """
+        Validate the provided password string.  Reference is the
+        correct password, which may be encrypted; attempt is clear text
+        password attempt.
+        """
+
+
+_schemes = []
+
+
+def registerScheme(id, s):
+    '''
+    Registers an LDAP password encoding scheme.
+    '''
+    _schemes.append((id, '{%s}' % id, s))
+
+
+def listSchemes():
+    r = []
+    for id, prefix, scheme in _schemes:
+        r.append(id)
+    return r
+
+
+class SSHADigestScheme:
+    '''
+    SSHA is a modification of the SHA digest scheme with a salt
+    starting at byte 20 of the base64-encoded string.
+    '''
+    # Source: http://developer.netscape.com/docs/technote/ldap/pass_sha.html
+
+    def generate_salt(self):
+        # Salt can be any length, but not more than about 37 characters
+        # because of limitations of the binascii module.
+        # 7 is what Netscape's example used and should be enough.
+        # All 256 characters are available.
+        salt = ''
+        for n in range(7):
+            salt += chr(_randrange(256))
+        return salt
+
+    def encrypt(self, pw):
+        pw = str(pw)
+        salt = self.generate_salt()
+        return b2a_base64(sha(pw + salt).digest() + salt)[:-1]
+
+    def validate(self, reference, attempt):
+        try:
+            ref = a2b_base64(reference)
+        except binascii.Error:
+            # Not valid base64.
+            return 0
+        salt = ref[20:]
+        compare = b2a_base64(sha(attempt + salt).digest() + salt)[:-1]
+        return constant_time_compare(compare, reference)
+
+registerScheme('SSHA', SSHADigestScheme())
+
+
+class SHADigestScheme:
+
+    def encrypt(self, pw):
+        return b2a_base64(sha(pw).digest())[:-1]
+
+    def validate(self, reference, attempt):
+        compare = b2a_base64(sha(attempt).digest())[:-1]
+        return constant_time_compare(compare, reference)
+
+registerScheme('SHA', SHADigestScheme())
+
+
+# Bogosity on various platforms due to ITAR restrictions
+try:
+    from crypt import crypt
+except ImportError:
+    crypt = None
+
+if crypt is not None:
+
+    class CryptDigestScheme:
+
+        def generate_salt(self):
+            choices = ("ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+                       "abcdefghijklmnopqrstuvwxyz"
+                       "0123456789./")
+            return _choice(choices) + _choice(choices)
+
+        def encrypt(self, pw):
+            return crypt(pw, self.generate_salt())
+
+        def validate(self, reference, attempt):
+            a = crypt(attempt, reference[:2])
+            return constant_time_compare(a, reference)
+
+    registerScheme('CRYPT', CryptDigestScheme())
+
+
+class MySQLDigestScheme:
+
+    def encrypt(self, pw):
+        nr = 1345345333L
+        add = 7
+        nr2 = 0x12345671L
+        for i in pw:
+            if i == ' ' or i == '\t':
+                continue
+            nr ^= (((nr & 63) + add) * ord(i)) + (nr << 8)
+            nr2 += (nr2 << 8) ^ nr
+            add += ord(i)
+        r0 = nr & ((1L << 31) - 1L)
+        r1 = nr2 & ((1L << 31) - 1L)
+        return "%08lx%08lx" % (r0, r1)
+
+    def validate(self, reference, attempt):
+        a = self.encrypt(attempt)
+        return constant_time_compare(a, reference)
+
+registerScheme('MYSQL', MySQLDigestScheme())
+
+
+def pw_validate(reference, attempt):
+    """Validate the provided password string, which uses LDAP-style encoding
+    notation.  Reference is the correct password, attempt is clear text
+    password attempt."""
+    for id, prefix, scheme in _schemes:
+        lp = len(prefix)
+        if reference[:lp] == prefix:
+            return scheme.validate(reference[lp:], attempt)
+    # Assume cleartext.
+    return constant_time_compare(reference, attempt)
+
+
+def is_encrypted(pw):
+    for id, prefix, scheme in _schemes:
+        lp = len(prefix)
+        if pw[:lp] == prefix:
+            return 1
+    return 0
+
+
+def pw_encrypt(pw, encoding='SSHA'):
+    """Encrypt the provided plain text password using the encoding if provided
+    and return it in an LDAP-style representation."""
+    for id, prefix, scheme in _schemes:
+        if encoding == id:
+            return prefix + scheme.encrypt(pw)
+    raise ValueError('Not supported: %s' % encoding)
+
+pw_encode = pw_encrypt  # backward compatibility
--- a/src/AccessControl/DTML.py
+++ b/src/AccessControl/DTML.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+"""Add security system support to Document Templates
+"""
+
+from zope.deferredimport import deprecated
+
+deprecated("Please import from DocumentTemplate.security",
+    DTMLSecurityAPI = 'DocumentTemplate.security:DTMLSecurityAPI',
+    RestrictedDTML = 'DocumentTemplate.security:RestrictedDTML',
+)
--- a/src/AccessControl/ImplC.py
+++ b/src/AccessControl/ImplC.py
+##############################################################################
+#
+# Copyright (c) 2003 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+
+"""C implementation of the access control machinery."""
+
+try:
+    from AccessControl.cAccessControl import rolesForPermissionOn
+    from AccessControl.cAccessControl import PermissionRole
+    from AccessControl.cAccessControl import imPermissionRole
+    from AccessControl.cAccessControl import _what_not_even_god_should_do
+    from AccessControl.cAccessControl import aq_validate
+    from AccessControl.cAccessControl import guarded_getattr
+    from AccessControl.cAccessControl import setDefaultBehaviors
+    from AccessControl.cAccessControl import ZopeSecurityPolicy \
+        as cZopeSecurityPolicy
+    from AccessControl.cAccessControl import SecurityManager \
+        as cSecurityManager
+except ImportError:
+    import sys
+    # make sure a partial import doesn't pollute sys.modules
+    del sys.modules[__name__]
+    raise
+
+from AccessControl.ImplPython import SecurityManager
+from AccessControl.ImplPython import ZopeSecurityPolicy
+
+
+class ZopeSecurityPolicy(cZopeSecurityPolicy, ZopeSecurityPolicy):
+    """A security manager provides methods for checking access and managing
+    executable context and policies
+    """
+
+class SecurityManager(cSecurityManager, SecurityManager):
+    """A security manager provides methods for checking access and managing
+    executable context and policies
+    """
--- a/src/AccessControl/ImplPython.py
+++ b/src/AccessControl/ImplPython.py
--- a/src/AccessControl/Implementation.py
+++ b/src/AccessControl/Implementation.py
+##############################################################################
+#
+# Copyright (c) 2003 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+
+"""Controller that can switch between security machinery implementations.
+
+This module allows configuration of the security implementation after
+the initial import of the modules.  It is intended to allow runtime
+selection of the machinery based on Zope's configuration file.
+
+The helper function defined here switches between the 'C' and 'PYTHON'
+security implementations by loading the appropriate implementation
+module and wiring the implementation into the other modules of the
+AccessControl package that defined the various components before this
+module was introduced.
+
+"""
+
+def getImplementationName():
+    """Return the name of the implementation currently being used."""
+    return _implementation_name
+
+
+def setImplementation(name):
+    """Select the policy implementation to use. The 'name' must be either
+       'PYTHON' or 'C'. NOTE: this function is intended to be called
+       exactly once, so that the Zope config file can dictate the policy
+       implementation to be used. Subsequent calls to this function will
+       have no effect!!
+    """
+    import sys
+    global _implementation_name
+    global _implementation_set
+
+    if _implementation_set:
+        return
+
+    name = name.upper()
+    if name == _implementation_name:
+        return
+    if name == "C":
+        from AccessControl import ImplC as impl
+    elif name == "PYTHON":
+        from AccessControl import ImplPython as impl
+    else:
+        raise ValueError("unknown policy implementation: %r" % name)
+
+    _implementation_name = name
+    for modname, names in _policy_names.items():
+        __import__(modname)
+        mod = sys.modules[modname]
+        for n in names:
+            setattr(mod, n, getattr(impl, n))
+        if hasattr(mod, "initialize"):
+            mod.initialize(impl)
+
+    from AccessControl.SecurityManager import setSecurityPolicy
+    policy = impl.ZopeSecurityPolicy(True, True)
+    setSecurityPolicy(policy)
+
+    _implementation_set = 1
+
+_implementation_name = None
+_implementation_set = 0
+
+_policy_names = {
+    "AccessControl": ("setDefaultBehaviors",
+                      ),
+    "AccessControl.PermissionRole": ("_what_not_even_god_should_do",
+                                     "rolesForPermissionOn",
+                                     "PermissionRole",
+                                     "imPermissionRole",
+                                     ),
+    "AccessControl.SecurityManagement": ("SecurityManager",
+                                      ),
+    "AccessControl.SecurityManager": ("SecurityManager",
+                                      ),
+    "AccessControl.ZopeGuards": ("aq_validate",
+                                 "guarded_getattr",
+                                 ),
+    "AccessControl.ZopeSecurityPolicy": ("ZopeSecurityPolicy",
+                                         ),
+    }
+
+
+# start with the default, mostly because we need something for the tests
+setImplementation("C")
+
+# allow the implementation to change from the default
+_implementation_set = 0
--- a/src/AccessControl/Owned.py
+++ b/src/AccessControl/Owned.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+"""Support for owned objects
+"""
+
+# BBB
+from .owner import absattr
+from .owner import EditUnowned
+from .owner import EmergencyUserCannotOwn
+from .owner import ownableFilter
+from .owner import ownerInfo
+from .owner import UnownableOwner
+
+from zope.deferredimport import deprecated
+deprecated("Owned is no longer part of AccessControl, please "
+           "depend on Zope2 and import from OFS.owner or use the "
+           "new minimal Owned class from AccessControl.owner.",
+    Owned = 'OFS.owner:Owned',
+)
--- a/src/AccessControl/Permission.py
+++ b/src/AccessControl/Permission.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Permissions
+"""
+
+import string
+
+from Acquisition import aq_base
+
+name_trans=filter(lambda c, an=string.letters+string.digits+'_': c not in an,
+                  map(chr, range(256)))
+name_trans=string.maketrans(''.join(name_trans), '_'*len(name_trans))
+
+
+def pname(name, translate=string.translate, name_trans=name_trans):
+    return '_'+translate(name, name_trans) + "_Permission"
+
+_marker=[]
+
+
+class Permission:
+    # A Permission maps a named logical permission to a set
+    # of attribute names. Attribute names which appear in a
+    # permission may not appear in any other permission defined
+    # by the object.
+
+    def __init__(self, name, data, obj, default=None):
+        self.name = name
+        self._p = '_' + string.translate(name, name_trans) + "_Permission"
+        self.data = data
+        self.obj = aq_base(obj)
+        self.default = default
+
+    def getRoles(self, default=_marker):
+        # Return the list of role names which have been given
+        # this permission for the object in question. To do
+        # this, we try to get __roles__ from all of the object
+        # attributes that this permission represents.
+        obj = self.obj
+        name = self._p
+        if hasattr(obj, name):
+            return getattr(obj, name)
+        roles = default
+        for name in self.data:
+            if name:
+                if hasattr(obj, name):
+                    attr = getattr(obj, name)
+                    if hasattr(attr, 'im_self'):
+                        attr = attr.im_self
+                        if hasattr(attr, '__dict__'):
+                            attr = attr.__dict__
+                            name = name + '__roles__'
+                            if name in attr:
+                                roles = attr[name]
+                                break
+            elif hasattr(obj, '__dict__'):
+                attr = obj.__dict__
+                if '__roles__' in attr:
+                    roles = attr['__roles__']
+                    break
+
+        if roles:
+            try:
+                if 'Shared' not in roles:
+                    return tuple(roles)
+                roles = list(roles)
+                roles.remove('Shared')
+                return roles
+            except:
+                return []
+
+        if roles is None:
+            return ['Manager', 'Anonymous']
+        if roles is _marker:
+            return ['Manager']
+
+        return roles
+
+    def setRoles(self, roles):
+        obj = self.obj
+
+        if isinstance(roles, list) and not roles:
+            if hasattr(obj, self._p):
+                delattr(obj, self._p)
+        else:
+            setattr(obj, self._p, roles)
+
+        for name in self.data:
+            if name=='':
+                attr = obj
+            else:
+                attr = getattr(obj, name)
+            try:
+                del attr.__roles__
+            except:
+                pass
+            try:
+                delattr(obj, name + '__roles__')
+            except:
+                pass
+
+    def setRole(self, role, present):
+        roles = self.getRoles()
+        if role in roles:
+            if present:
+                return
+            if isinstance(roles, list):
+                roles.remove(role)
+            else:
+                roles = list(roles)
+                roles.remove(role)
+                roles = tuple(roles)
+        elif not present:
+            return
+        else:
+            if isinstance(roles, list):
+                roles.append(role)
+            else:
+                roles=roles + (role, )
+        self.setRoles(roles)
+
+    def __len__(self):
+        return 1
+
+    def __str__(self):
+        return self.name
+
+
+_registeredPermissions = {}
+_ac_permissions = ()
+
+
+def getPermissions():
+    return _ac_permissions
+
+
+def addPermission(perm, default_roles=('Manager', )):
+    if perm in _registeredPermissions:
+        return
+
+    entry = ((perm, (), default_roles), )
+    global _ac_permissions
+    _ac_permissions = _ac_permissions + entry
+    _registeredPermissions[perm] = 1
+    mangled = pname(perm) # get mangled permission name
+    if not hasattr(ApplicationDefaultPermissions, mangled):
+        setattr(ApplicationDefaultPermissions, mangled, default_roles)
+
+
+def registerPermissions(permissions, defaultDefault=('Manager', )):
+    """Register an __ac_permissions__ sequence.
+    """
+    for setting in permissions:
+        if setting[0] in _registeredPermissions:
+            continue
+        if len(setting)==2:
+            perm, methods = setting
+            default = defaultDefault
+        else:
+            perm, methods, default = setting
+        addPermission(perm, default)
+
+
+class ApplicationDefaultPermissions:
+    _View_Permission = ('Manager', 'Anonymous')
+    _Access_contents_information_Permission = ('Manager', 'Anonymous')
--- a/src/AccessControl/PermissionMapping.py
+++ b/src/AccessControl/PermissionMapping.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+"""Permission Mapping
+
+Sometimes, we need an object's permissions to be remapped to other permissions
+when the object is used in special ways.  This is rather hard, since we
+need the object's ordinary permissions intact so we can manage it.
+"""
+
+from cgi import escape
+
+from Acquisition import ImplicitAcquisitionWrapper
+from ExtensionClass import Base
+from zope.interface import implements
+
+from AccessControl.class_init import InitializeClass
+from AccessControl.interfaces import IPermissionMappingSupport
+from AccessControl.owner import UnownableOwner
+from AccessControl.Permission import pname
+from AccessControl.requestmethod import requestmethod
+
+class RoleManager:
+
+    implements(IPermissionMappingSupport)
+
+    # XXX: No security declarations?
+
+    def manage_getPermissionMapping(self):
+        """Return the permission mapping for the object
+
+        This is a list of dictionaries with:
+
+          permission_name -- The name of the native object permission
+
+          class_permission -- The class permission the permission is
+             mapped to.
+        """
+        wrapper=getattr(self, '_permissionMapper', None)
+        if wrapper is None: wrapper=PM()
+
+        perms={}
+        for p in self.possible_permissions():
+            perms[pname(p)]=p
+
+        r=[]
+        a=r.append
+        for ac_perms in self.ac_inherited_permissions(1):
+            p=perms.get(getPermissionMapping(ac_perms[0], wrapper), '')
+            a({'permission_name': ac_perms[0], 'class_permission': p})
+        return r
+
+    @requestmethod('POST')
+    def manage_setPermissionMapping(self,
+                                    permission_names=[],
+                                    class_permissions=[], REQUEST=None):
+        """Change the permission mapping
+        """
+        wrapper=getattr(self, '_permissionMapper', None)
+        if wrapper is None: wrapper=PM()
+
+        perms=self.possible_permissions()
+        for i in range(len(permission_names)):
+            name=permission_names[i]
+            p=class_permissions[i]
+            if p and (p not in perms):
+                __traceback_info__=perms, p, i
+                raise ValueError, (
+                    """Attempted to map a permission to a permission, %s,
+                    that is not valid. This should never happen. (Waaa).
+                    """ % escape(p))
+
+
+            setPermissionMapping(name, wrapper, p)
+
+        self._permissionMapper=wrapper
+
+        if REQUEST is not None:
+            return self.manage_access(
+                REQUEST,
+                manage_tabs_message='The permission mapping has been updated')
+
+    def _isBeingUsedAsAMethod(self, REQUEST =None, wannaBe=0):
+        try:
+            if hasattr(self, 'aq_self'):
+                r=self.aq_acquire('_isBeingUsedAsAMethod_')
+            else:
+                r=self._isBeingUsedAsAMethod_
+        except: r=0
+
+        if REQUEST is not None:
+            if not r != (not wannaBe): REQUEST.response.notFoundError()
+
+        return r
+
+InitializeClass(RoleManager)
+
+
+def getPermissionMapping(name, obj, st=type('')):
+    obj=getattr(obj, 'aq_base', obj)
+    name=pname(name)
+    r=getattr(obj, name, '')
+    if type(r) is not st: r=''
+    return r
+
+def setPermissionMapping(name, obj, v):
+    name=pname(name)
+    if v: setattr(obj, name, pname(v))
+    elif obj.__dict__.has_key(name): delattr(obj, name)
+
+class PM(Base):
+    _owner=UnownableOwner
+
+    _View_Permission='_View_Permission'
+    _is_wrapperish = 1
+
+    def __getattr__(self, name):
+        # We want to make sure that any non-explicitly set methods are
+        # private!
+        if name.startswith('_') and name.endswith("_Permission"): return ''
+        raise AttributeError, escape(name)
+
+PermissionMapper=PM
+
+def aqwrap(object, wrapper, parent):
+    r=Rewrapper()
+    r._ugh=wrapper, object, parent
+    return r
+
+class Rewrapper(Base):
+    def __of__(self, parent):
+        w, m, p = self._ugh
+        return m.__of__(
+            ImplicitAcquisitionWrapper(
+                w, parent))
+
+    def __getattr__(self, name):
+        w, m, parent = self._ugh
+        self=m.__of__(
+            ImplicitAcquisitionWrapper(
+                w, parent))
+        return getattr(self, name)
+
+    def __call__(self, *args, **kw):
+        w, m, parent = self._ugh
+        self=m.__of__(
+            ImplicitAcquisitionWrapper(
+                w, parent))
+        return apply(self, args, kw)
--- a/src/AccessControl/PermissionRole.py
+++ b/src/AccessControl/PermissionRole.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+'''Objects that implement Permission-based roles.
+'''
+
+# The following names are inserted by AccessControl.Implementation:
+#
+# rolesForPermissionOn, PermissionRole, imPermissionRole,
+# _what_not_even_god_should_do
--- a/src/AccessControl/Permissions.py
+++ b/src/AccessControl/Permissions.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+"""Constant definitions for built-in Zope permissions
+"""
+
+
+access_contents_information='Access contents information'
+add_database_methods='Add Database Methods'
+add_documents_images_and_files='Add Documents, Images, and Files'
+add_external_methods='Add External Methods'
+add_folders='Add Folders'
+add_mailhost_objects='Add MailHost objects'
+add_page_templates='Add Page Templates'
+add_python_scripts='Add Python Scripts'
+add_user_folders='Add User Folders'
+add_vocabularies='Add Vocabularies'
+add_z_gadfly_database_connections='Add Z Gadfly Database Connections'
+add_zcatalogs='Add ZCatalogs'
+add_zope_tutorials='Add Zope Tutorials'
+change_database_connections='Change Database Connections'
+change_database_methods='Change Database Methods'
+change_external_methods='Change External Methods'
+change_images_and_files='Change Images and Files'
+change_python_scripts='Change Python Scripts'
+change_configuration='Change configuration'
+change_page_templates='Change Page Templates'
+change_permissions='Change permissions'
+change_proxy_roles='Change proxy roles'
+copy_or_move='Copy or Move'
+create_class_instances='Create class instances'
+define_permissions='Define permissions'
+delete_objects='Delete objects'
+edit_factories='Edit Factories'
+ftp_access='FTP access'
+import_export_objects='Import/Export objects'
+manage_vocabulary='Manage Vocabulary'
+manage_zcatalog_entries='Manage ZCatalog Entries'
+manage_zcatalog_indexes='Manage ZCatalogIndex Entries'
+manage_properties='Manage properties'
+manage_users='Manage users'
+open_close_database_connection='Open/Close Database Connection'
+open_close_database_connections='Open/Close Database Connections'
+query_vocabulary='Query Vocabulary'
+search_zcatalog='Search ZCatalog'
+take_ownership='Take ownership'
+test_database_connections='Test Database Connections'
+undo_changes='Undo changes'
+use_database_methods='Use Database Methods'
+use_factories='Use Factories'
+use_mailhost_services='Use mailhost services'
+view='View'
+view_history='View History'
+view_management_screens='View management screens'
+webdav_access='WebDAV access'
+webdav_lock_items='WebDAV Lock items'
+webdav_unlock_items='WebDAV Unlock items'
+
+
+from zope.deferredimport import deprecated
+
+new_loc = 'DocumentTemplate.permissions'
+
+deprecated("Please import from %s" % new_loc,
+    change_dtml_documents = '%s:change_dtml_documents' % new_loc,
+    change_dtml_methods = '%s:change_dtml_methods' % new_loc,
+)
--- a/src/AccessControl/Role.py
+++ b/src/AccessControl/Role.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+"""Access control support
+"""
+
+# BBB
+from .rolemanager import DEFAULTMAXLISTUSERS
+from .rolemanager import _isBeingUsedAsAMethod
+from .rolemanager import _isNotBeingUsedAsAMethod
+from .rolemanager import reqattr
+from .rolemanager import classattr
+from .rolemanager import instance_dict
+from .rolemanager import class_dict
+from .rolemanager import instance_attrs
+from .rolemanager import class_attrs
+from .rolemanager import gather_permissions
+
+from zope.deferredimport import deprecated
+deprecated("RoleManager is no longer part of AccessControl, please "
+           "depend on Zope2 and import from OFS.role or use the new minimal "
+           "RoleManager class from AccessControl.rolemanager.",
+    RoleManager = 'OFS.role:RoleManager',
+)
--- a/src/AccessControl/SecurityInfo.py
+++ b/src/AccessControl/SecurityInfo.py
--- a/src/AccessControl/SecurityManagement.py
+++ b/src/AccessControl/SecurityManagement.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+"""Security management
+"""
+def getSecurityManager():
+    """Get a security manager, for the current thread.
+    """
+    thread_id=get_ident()
+    manager=_managers.get(thread_id, None)
+    if manager is None:
+        nobody = getattr(SpecialUsers, 'nobody', None)
+        if nobody is None:
+            # Initialize SpecialUsers by importing User.py.
+            import User
+            nobody = SpecialUsers.nobody
+        manager = SecurityManager(thread_id, SecurityContext(nobody))
+        _managers[thread_id]=manager
+
+    return manager
+
+def setSecurityManager(manager):
+    """install *manager* as current security manager for this thread."""
+    thread_id=get_ident()
+    _managers[thread_id]=manager
+
+import SpecialUsers
+
+# AccessControl.Implementation inserts SecurityManager.
+
+try:
+    from thread import get_ident
+except ImportError:
+    def get_ident():
+        return 0
+
+_managers={}
+
+def newSecurityManager(request, user):
+    """Set up a new security context for a request for a user
+    """
+    thread_id=get_ident()
+    _managers[thread_id]=SecurityManager(
+        thread_id,
+        SecurityContext(user),
+        )
+
+def noSecurityManager():
+    try: del _managers[get_ident()]
+    except: pass
+
+
+def setSecurityPolicy(aSecurityPolicy):
+    """Set the system default security policy.
+
+    This method should only be caused by system startup code. It should
+    never, for example, be called during a web request.
+    """
+    SecurityManager.setSecurityPolicy(aSecurityPolicy)
+
+class SecurityContext:
+    """The security context is an object used internally to the security
+    machinery. It captures data about the current security context.
+    """
+
+    def __init__(self, user):
+        self.stack=[]
+        self.user=user
+        self.objectCache = {}
--- a/src/AccessControl/SecurityManager.py
+++ b/src/AccessControl/SecurityManager.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+'''API module to set the security policy
+'''
+
+from AccessControl import ImplPython as _ImplPython
+from AccessControl.SimpleObjectPolicies import _noroles
+
+
+def setSecurityPolicy(aSecurityPolicy):
+    """Set the system default security policy.
+
+    This method should only be caused by system startup code. It should
+    never, for example, be called during a web request.
+    """
+    last = _ImplPython._defaultPolicy
+    _ImplPython._defaultPolicy = aSecurityPolicy
+    return last
+
+
+# AccessControl.Implementation inserts SecurityManager.
--- a/src/AccessControl/SimpleObjectPolicies.py
+++ b/src/AccessControl/SimpleObjectPolicies.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+'''Collect rules for access to objects that don\'t have roles.
+
+The rules are expressed as a mapping from type -> assertion
+
+An assertion can be:
+
+  - A dict
+
+  - A callable
+
+  - Something with a truth value
+
+If the assertion is a callable, then it will be called with
+a name being accessed and the name used.  Its return value is ignored,
+but in may veto an access by raising an exception.
+
+If the assertion is a dictionary, then the keys are attribute names.
+The values may be callables or objects with boolean values. If a value
+is callable, it will be called with the object we are accessing an
+attribute of and the attribute name. It should return an attribute
+value. Callables are often used to returned guarded versions of
+methods.  Otherwise, accesses are allowed if values in this dictionary
+are true and disallowed if the values are false or if an item for an
+attribute name is not present.
+
+If the assertion is not a dict and is not callable, then access to
+unprotected attributes is allowed if the assertion is true, and
+disallowed otherwise.
+
+XXX This descrition doesn't actually match what's done in ZopeGuards
+or in ZopeSecurityPolicy. :(
+'''
+
+_noroles = [] # this is imported in various places
+
+import Record
+
+# Allow access to unprotected attributes
+Record.Record.__allow_access_to_unprotected_subobjects__=1
+
+# ContainerAssertions are used by cAccessControl to check access to
+# attributes of container types, like dict, list, or string.
+# ContainerAssertions maps types to a either a dict, a function, or a
+# simple boolean value.  When guarded_getattr checks the type of its
+# first argument against ContainerAssertions, and invokes checking
+# logic depending on what value it finds.
+
+# If the value for a type is:
+#   - a boolean value:
+#      - the value determines whether access is allowed
+#   - a function (or callable):
+#      - The function is called with the name of the attribute and
+#        the actual attribute value, then the value is returned.
+#        The function can raise an exception.
+#   - a dict:
+#      - The dict maps attribute names to boolean values or functions.
+#        The boolean values behave as above, but the functions do not.
+#        The value returned for attribute access is the result of
+#        calling the function with the object and the attribute name.
+
+ContainerAssertions={
+    type(()): 1,
+    type(''): 1,
+    type(u''): 1,
+    }
+
+Containers = ContainerAssertions.get
+
+def allow_type(Type, allowed=1):
+    """Allow a type and all of its methods and attributes to be used from
+    restricted code.  The argument Type must be a type."""
+    if type(Type) is not type:
+        raise ValueError, "%s is not a type" % `Type`
+    if hasattr(Type, '__roles__'):
+        raise ValueError, "%s handles its own security" % `Type`
+    if not (isinstance(allowed, int) or isinstance(allowed, dict)):
+        raise ValueError, "The 'allowed' argument must be an int or dict."
+    ContainerAssertions[Type] = allowed
+
+#
+#   WAAAA!
+#
+from BTrees.OOBTree import OOBTree, OOBucket, OOSet
+from BTrees.OIBTree import OIBTree, OIBucket, OISet
+from BTrees.IOBTree import IOBTree, IOBucket, IOSet
+from BTrees.IIBTree import IIBTree, IIBucket, IISet
+
+for tree_type, has_values in [(OOBTree, 1),
+                              (OOBucket, 1),
+                              (OOSet, 0),
+                              (OIBTree, 1),
+                              (OIBucket, 1),
+                              (OISet, 0),
+                              (IOBTree, 1),
+                              (IOBucket, 1),
+                              (IOSet, 0),
+                              (IIBTree, 1),
+                              (IIBucket, 1),
+                              (IISet, 0),
+                             ]:
+    tree = tree_type()
+    key_type = type(tree.keys())
+
+    if key_type is not list: # lists have their own declarations
+        allow_type(key_type)
+
+    if has_values:
+        assert key_type is type(tree.values())
+        assert key_type is type(tree.items())
--- a/src/AccessControl/SpecialUsers.py
+++ b/src/AccessControl/SpecialUsers.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Place to find special users
+
+This is needed to avoid a circular import problem.  The 'real' values
+are stored here by the AccessControl.User module as part of it's
+initialization.
+"""
+
+nobody = None
+system = None
+emergency_user = None
+
+# Note: use of the 'super' name is deprecated.
+super = None
--- a/src/AccessControl/User.py
+++ b/src/AccessControl/User.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Access control package.
+"""
+
+# BBB
+from .users import BasicUser
+from .users import SimpleUser
+from .users import SpecialUser
+from .users import User
+from .users import UnrestrictedUser
+from .users import NullUnrestrictedUser
+from .users import readUserAccessFile
+from .users import emergency_user
+from .users import emergency_user as super
+from .users import _remote_user_mode
+from .users import nobody
+from .users import system
+from .users import rolejoin
+from .users import addr_match
+from .users import host_match
+from .users import domainSpecMatch
+from .users import absattr
+from .users import reqattr
+from .users import UnrestrictedUser as Super
+
+
+from zope.deferredimport import deprecated
+deprecated("User folders are no longer part of AccessControl, please depend "
+           "on Zope2 and import from OFS.userfolder or use the new minimal "
+           "user folder classes from AccessControl.userfolder.",
+    BasicUserFolder = 'OFS.userfolder:BasicUserFolder',
+    manage_addUserFolder = 'OFS.userfolder:manage_addUserFolder',
+    UserFolder = 'OFS.userfolder:UserFolder',
+)
--- a/src/AccessControl/ZopeGuards.py
+++ b/src/AccessControl/ZopeGuards.py
--- a/src/AccessControl/ZopeSecurityPolicy.py
+++ b/src/AccessControl/ZopeSecurityPolicy.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+"""Define Zope's default security policy
+"""
+
+from types import MethodType
+
+# AccessControl.Implementation inserts:
+#   ZopeSecurityPolicy, getRoles, rolesForPermissionOn
+from AccessControl.SimpleObjectPolicies import _noroles
+
+rolesForPermissionOn = None  # XXX:  avoid import loop
+
+tuple_or_list = tuple, list
+
+
+def getRoles(container, name, value, default):
+
+    global rolesForPermissionOn  # XXX:  avoid import loop
+
+    if rolesForPermissionOn is None:
+        from PermissionRole import rolesForPermissionOn
+
+    roles = getattr(value, '__roles__', _noroles)
+    if roles is _noroles:
+        if not name or not isinstance(name, basestring):
+            return default
+
+        if type(value) is MethodType:
+            container = value.im_self
+
+        cls = getattr(container, '__class__', None)
+        if cls is None:
+            return default
+        
+        roles = getattr(cls, name+'__roles__', _noroles)
+        if roles is _noroles:
+            return default
+
+        value = container
+
+    if roles is None or isinstance(roles, tuple_or_list):
+        return roles
+
+    # Do not override global variable `rolesForPermissionOn`.
+    roles_rolesForPermissionOn = getattr(roles, 'rolesForPermissionOn', None)
+    if roles_rolesForPermissionOn is not None:
+        roles = roles_rolesForPermissionOn(value)
+
+    return roles
--- a/src/AccessControl/__init__.py
+++ b/src/AccessControl/__init__.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+
+
+# This has to happen early so things get initialized properly
+from AccessControl.Implementation import setImplementation
+
+from AccessControl.SecurityManagement import getSecurityManager
+from AccessControl.SecurityManagement import setSecurityPolicy
+from AccessControl.SecurityInfo import ClassSecurityInfo
+from AccessControl.SecurityInfo import ModuleSecurityInfo
+from AccessControl.SecurityInfo import ACCESS_PRIVATE
+from AccessControl.SecurityInfo import ACCESS_PUBLIC
+from AccessControl.SecurityInfo import ACCESS_NONE
+from AccessControl.SecurityInfo import secureModule
+from AccessControl.SecurityInfo import allow_module
+from AccessControl.SecurityInfo import allow_class
+from AccessControl.SimpleObjectPolicies import allow_type
+from AccessControl.unauthorized import Unauthorized
+from AccessControl.ZopeGuards import full_write_guard
+from AccessControl.ZopeGuards import safe_builtins
+
+ModuleSecurityInfo('AccessControl').declarePublic('getSecurityManager')
+
+# allow imports of utility_builtins
+
+for name in ('string', 'math', 'random', 'sets'):
+    ModuleSecurityInfo(name).setDefaultAccess('allow')
+
+ModuleSecurityInfo('DateTime').declarePublic('DateTime')
--- a/src/AccessControl/cAccessControl.c
+++ b/src/AccessControl/cAccessControl.c
--- a/src/AccessControl/class_init.py
+++ b/src/AccessControl/class_init.py
+##############################################################################
+#
+# Copyright (c) 2002 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Class initialization.
+"""
+
+import logging
+
+from AccessControl.Permission import ApplicationDefaultPermissions # BBB
+
+def InitializeClass(self):
+    from AccessControl.Permission import registerPermissions
+    from AccessControl.PermissionRole import PermissionRole
+    dict=self.__dict__
+    have=dict.has_key
+    ft=type(InitializeClass)
+    dict_items=dict.items()
+
+    for name, v in dict_items:
+        if getattr(v, '_need__name__', 0):
+            d = v.__dict__
+            oldname = d.get('__name__', '')
+            if d.get('_implicit__name__', 0):
+                # Already supplied a name.
+                if name != oldname:
+                    # Tried to implicitly assign a different name!
+                    try: classname = '%s.%s' % (
+                        self.__module__, self.__name__)
+                    except AttributeError: classname = `self`
+                    logging.getLogger("Init").warning(
+                        'Ambiguous name for method of %s: %r != %r',
+                        classname, d['__name__'], name)
+            else:
+                # Supply a name implicitly so that the method can
+                # find the security assertions on its container.
+                v._implicit__name__ = 1
+                v.__name__ = name
+            if name=='manage' or name[:7]=='manage_':
+                name=name+'__roles__'
+                if not have(name):
+                    setattr(self, name, ('Manager',))
+        elif name=='manage' or name[:7]=='manage_' and type(v) is ft:
+            name=name+'__roles__'
+            if not have(name):
+                setattr(self, name, ('Manager',))
+
+    # Look for a SecurityInfo object on the class. If found, call its
+    # apply() method to generate __ac_permissions__ for the class. We
+    # delete the SecurityInfo from the class dict after it has been
+    # applied out of paranoia.
+    for key, value in dict_items:
+        if hasattr(value, '__security_info__'):
+            security_info=value
+            security_info.apply(self)
+            delattr(self, key)
+            break
+
+    if self.__dict__.has_key('__ac_permissions__'):
+        registerPermissions(self.__ac_permissions__)
+        for acp in self.__ac_permissions__:
+            pname, mnames = acp[:2]
+            if len(acp) > 2:
+                roles = acp[2]
+                pr = PermissionRole(pname, roles)
+            else:
+                pr = PermissionRole(pname)
+            for mname in mnames:
+                setattr(self, mname+'__roles__', pr)
+                if (mname and mname not in ('context', 'request') and
+                    not hasattr(self, mname)):
+                    # don't complain about context or request, as they are
+                    # frequently not available as class attributes
+                    logging.getLogger("Init").warning(
+                        "Class %s.%s has a security declaration for "
+                        "nonexistent method %r", self.__module__,
+                        self.__name__, mname)
+
+default__class_init__ = InitializeClass # BBB: old name
--- a/src/AccessControl/configure.zcml
+++ b/src/AccessControl/configure.zcml
+<configure xmlns="http://namespaces.zope.org/zope">
+
+  <include file="permissions.zcml"/>
+
+</configure>
--- a/src/AccessControl/interfaces.py
+++ b/src/AccessControl/interfaces.py
--- a/src/AccessControl/logger_wrapper.py
+++ b/src/AccessControl/logger_wrapper.py
+# A wrapper to replace the usage of the zLOG module in cAccessControl without
+# having the need to change the C code significantly.
+
+from logging import getLogger
+LOG = getLogger('AccessControl')
+warn = LOG.warn
--- a/src/AccessControl/meta.zcml
+++ b/src/AccessControl/meta.zcml
+<configure
+    xmlns="http://namespaces.zope.org/zope"
+    xmlns:meta="http://namespaces.zope.org/meta">
+
+  <include package="zope.component" file="meta.zcml" />
+  <include package="zope.security" file="meta.zcml" />
+
+  <meta:directives namespace="http://namespaces.zope.org/zope">
+
+    <meta:complexDirective
+        name="class"
+        schema="zope.security.metadirectives.IClassDirective"
+        handler=".metaconfigure.ClassDirective"
+        >
+
+      <meta:subdirective
+          name="implements"
+          schema="zope.security.metadirectives.IImplementsSubdirective"
+          />
+
+      <meta:subdirective
+          name="require"
+          schema="zope.security.metadirectives.IRequireSubdirective"
+          />
+
+      <meta:subdirective
+          name="allow"
+          schema="zope.security.metadirectives.IAllowSubdirective"
+          />
+
+    </meta:complexDirective>
+
+    <meta:directive
+        name="securityPolicy"
+        schema="zope.security.zcml.ISecurityPolicyDirective"
+        handler="zope.security.zcml.securityPolicy"
+        />
+
+    <meta:groupingDirective
+        name="permission"
+        schema="zope.security.zcml.IPermissionDirective"
+        handler=".security.PermissionDirective"/>
+    
+    <meta:directive
+        name="role"
+        usedIn="zope.security.zcml.IPermissionDirective"
+        schema=".security.IRoleDirective"
+        handler=".security.RoleDirective"/>
+
+  </meta:directives>
+
+</configure>
--- a/src/AccessControl/metaconfigure.py
+++ b/src/AccessControl/metaconfigure.py
+##############################################################################
+#
+# Copyright (c) 2004, 2005 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+
+import warnings
+from zope.security import metaconfigure
+from AccessControl.class_init import InitializeClass
+from AccessControl.security import protectName
+
+class ClassDirective(metaconfigure.ClassDirective):
+
+    def __protectName(self, name, permission_id):
+        self.__context.action(
+            discriminator = ('five:protectName', self.__class, name),
+            callable = protectName,
+            args = (self.__class, name, permission_id)
+            )
+
+    def __protectSetAttributes(self, names, permission_id):
+        warnings.warn("The set_attribute option of the <require /> directive "
+                      "is not supported in Zope 2. "
+                      "Ignored for %s" % str(self.__class), stacklevel=3)
+
+    def __protectSetSchema(self, schema, permission):
+        warnings.warn("The set_schema option of the <require /> directive "
+                      "is not supported in Zope 2. "
+                      "Ignored for %s" % str(self.__class), stacklevel=3)
+
+    def __mimic(self, _context, class_):
+        warnings.warn("The like_class option of the <require /> directive "
+                      "is not supported in Zope 2. "
+                      "Ignored for %s" % str(self.__class), stacklevel=3)
+
+    def __call__(self):
+        return self.__context.action(
+            discriminator = None,
+            callable = InitializeClass,
+            args = (self.__class,)
+            )
--- a/src/AccessControl/owner.py
+++ b/src/AccessControl/owner.py
--- a/src/AccessControl/permissions.zcml
+++ b/src/AccessControl/permissions.zcml
+<configure xmlns="http://namespaces.zope.org/zope"
+           i18n_domain="Zope2">
+
+  <permission
+    id="zope2.Public"
+    title="Public, everyone can access">
+      <role name="Anonymous"/>
+  </permission>
+
+  <permission
+    id="zope2.Private"
+    title="Private, only accessible from trusted code"
+    />
+
+  <permission
+    id="zope2.AccessContentsInformation"
+    title="Access contents information"
+    />
+
+  <permission
+    id="zope2.ChangeImagesFiles"
+    title="Change Images and Files"
+    />
+
+  <permission
+    id="zope2.ChangeConfig"
+    title="Change configuration"
+    />
+
+  <permission
+    id="zope2.ChangePermissions"
+    title="Change permissions"
+    />
+
+  <permission
+    id="zope2.CopyOrMove"
+    title="Copy or Move"
+    />
+
+  <permission
+    id="zope2.DefinePermissions"
+    title="Define permissions"
+    />
+
+  <permission
+    id="zope2.DeleteObjects"
+    title="Delete objects"
+    />
+
+  <permission
+    id="zope2.FTPAccess"
+    title="FTP access"
+    />
+
+  <permission
+    id="zope2.ImportExport"
+    title="Import/Export objects"
+    />
+
+  <permission
+    id="zope2.ManageProperties"
+    title="Manage properties"
+    />
+
+  <permission
+    id="zope2.ManageUsers"
+    title="Manage users"
+    />
+
+  <permission
+    id="zope2.Undo"
+    title="Undo changes"
+    />
+
+  <permission
+    id="zope2.View"
+    title="View"
+    />
+
+  <permission
+    id="zope2.ViewHistory"
+    title="View History"
+    />
+
+  <permission
+    id="zope2.ViewManagementScreens"
+    title="View management screens"
+    />
+
+  <permission
+    id="zope2.WebDAVLock"
+    title="WebDAV Lock items"
+    />
+
+  <permission
+    id="zope2.WebDAVUnlock"
+    title="WebDAV Unlock items"
+    />
+
+  <permission
+    id="zope2.WebDAVAccess"
+    title="WebDAV access"
+    />
+
+</configure>
--- a/src/AccessControl/requestmethod.py
+++ b/src/AccessControl/requestmethod.py
+#############################################################################
+#
+# Copyright (c) 2007 Zope Foundation and Contributors.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+
+import inspect
+from zExceptions import Forbidden
+from zope.publisher.interfaces.browser import IBrowserRequest
+
+_default = []
+
+def _buildFacade(name, spec, docstring):
+    """Build a facade function, matching the decorated method in signature.
+    
+    Note that defaults are replaced by _default, and _curried will reconstruct
+    these to preserve mutable defaults.
+    
+    """
+    args = inspect.formatargspec(formatvalue=lambda v: '=_default', *spec)
+    callargs = inspect.formatargspec(formatvalue=lambda v: '', *spec)
+    return 'def %s%s:\n    """%s"""\n    return _curried%s' % (
+        name, args, docstring, callargs)
+
+def requestmethod(*methods):
+    """Create a request method specific decorator"""
+    methods = map(lambda m: m.upper(), methods)
+    if len(methods) > 1:
+        methodsstr = ', '.join(methods[:-1])
+        methodsstr += ' or ' + methods[-1]
+    else:
+        methodsstr = methods[0]
+
+    def _methodtest(callable):
+        """Only allow callable when request method is %s.""" % methodsstr
+        spec = inspect.getargspec(callable)
+        args, defaults = spec[0], spec[3]
+        try:
+            r_index = args.index('REQUEST')
+        except ValueError:
+            raise ValueError('No REQUEST parameter in callable signature')
+        
+        arglen = len(args)
+        if defaults is not None:
+            defaults = zip(args[arglen - len(defaults):], defaults)
+            arglen -= len(defaults)
+            
+        def _curried(*args, **kw):
+            request = args[r_index]
+            if IBrowserRequest.providedBy(request):
+                if request.method not in methods:
+                    raise Forbidden('Request must be %s' % methodsstr)
+    
+            # Reconstruct keyword arguments
+            if defaults is not None:
+                args, kwparams = args[:arglen], args[arglen:]
+                for positional, (key, default) in zip(kwparams, defaults):
+                    if positional is _default:
+                        kw[key] = default
+                    else:
+                        kw[key] = positional
+                        
+            return callable(*args, **kw)
+        
+        # Build a facade, with a reference to our locally-scoped _curried
+        name = callable.__name__
+        facade_globs = dict(_curried=_curried, _default=_default)
+        exec _buildFacade(name, spec, callable.__doc__) in facade_globs
+        return facade_globs[name]
+    
+    return _methodtest
+
+# For Zope versions 2.8 - 2.10
+postonly = requestmethod('POST')
+
+__all__ = ('requestmethod', 'postonly')
--- a/src/AccessControl/requestmethod.txt
+++ b/src/AccessControl/requestmethod.txt
--- a/src/AccessControl/rolemanager.py
+++ b/src/AccessControl/rolemanager.py
--- a/src/AccessControl/security.py
+++ b/src/AccessControl/security.py
--- a/src/AccessControl/tainted.py
+++ b/src/AccessControl/tainted.py
--- a/src/AccessControl/tests/__init__.py
+++ b/src/AccessControl/tests/__init__.py
--- a/src/AccessControl/tests/actual_python.py
+++ b/src/AccessControl/tests/actual_python.py
--- a/src/AccessControl/tests/mixed_module/__init__.py
+++ b/src/AccessControl/tests/mixed_module/__init__.py
+# test module, partially private
+
+def priv():
+    pass
+
+def pub():
+    pass
--- a/src/AccessControl/tests/mixed_module/submodule/__init__.py
+++ b/src/AccessControl/tests/mixed_module/submodule/__init__.py
+# test module, private
+
+def priv():
+    pass
--- a/src/AccessControl/tests/private_module/__init__.py
+++ b/src/AccessControl/tests/private_module/__init__.py
+# test module, all private
+
+def priv():
+    pass
--- a/src/AccessControl/tests/private_module/submodule/__init__.py
+++ b/src/AccessControl/tests/private_module/submodule/__init__.py
+# test module, all private
+
+def priv():
+    pass
--- a/src/AccessControl/tests/public_module/__init__.py
+++ b/src/AccessControl/tests/public_module/__init__.py
+# test module, public
+
+from Acquisition import aq_base  # Foil the old ZopeSecurityPolicy
+
+def pub():
+    pass
--- a/src/AccessControl/tests/public_module/submodule/__init__.py
+++ b/src/AccessControl/tests/public_module/submodule/__init__.py
+# test module, public
+
+def pub():
+    pass
--- a/src/AccessControl/tests/testClassSecurityInfo.py
+++ b/src/AccessControl/tests/testClassSecurityInfo.py
--- a/src/AccessControl/tests/testImplementation.py
+++ b/src/AccessControl/tests/testImplementation.py
--- a/src/AccessControl/tests/testModuleSecurity.py
+++ b/src/AccessControl/tests/testModuleSecurity.py
--- a/src/AccessControl/tests/testOwned.py
+++ b/src/AccessControl/tests/testOwned.py
--- a/src/AccessControl/tests/testPasswordDigest.py
+++ b/src/AccessControl/tests/testPasswordDigest.py
--- a/src/AccessControl/tests/testPermissionMapping.py
+++ b/src/AccessControl/tests/testPermissionMapping.py
+import unittest
+
+
+class TestRoleManager(unittest.TestCase):
+
+    def test_interfaces(self):
+        from AccessControl.interfaces import IPermissionMappingSupport
+        from AccessControl.PermissionMapping import RoleManager
+        from zope.interface.verify import verifyClass
+
+        verifyClass(IPermissionMappingSupport, RoleManager)
+
+
+def test_suite():
+    return unittest.TestSuite((
+        unittest.makeSuite(TestRoleManager),
+        ))
--- a/src/AccessControl/tests/testPermissionRole.py
+++ b/src/AccessControl/tests/testPermissionRole.py
--- a/src/AccessControl/tests/testRole.py
+++ b/src/AccessControl/tests/testRole.py
--- a/src/AccessControl/tests/testSecurityManager.py
+++ b/src/AccessControl/tests/testSecurityManager.py
--- a/src/AccessControl/tests/testZCML.py
+++ b/src/AccessControl/tests/testZCML.py
--- a/src/AccessControl/tests/testZopeGuards.py
+++ b/src/AccessControl/tests/testZopeGuards.py
--- a/src/AccessControl/tests/testZopeSecurityPolicy.py
+++ b/src/AccessControl/tests/testZopeSecurityPolicy.py
--- a/src/AccessControl/tests/test_requestmethod.py
+++ b/src/AccessControl/tests/test_requestmethod.py
--- a/src/AccessControl/tests/test_safeiter.py
+++ b/src/AccessControl/tests/test_safeiter.py
--- a/src/AccessControl/tests/test_tainted.py
+++ b/src/AccessControl/tests/test_tainted.py
--- a/src/AccessControl/tests/test_userfolder.py
+++ b/src/AccessControl/tests/test_userfolder.py
--- a/src/AccessControl/tests/test_users.py
+++ b/src/AccessControl/tests/test_users.py
--- a/src/AccessControl/unauthorized.py
+++ b/src/AccessControl/unauthorized.py
--- a/src/AccessControl/userfolder.py
+++ b/src/AccessControl/userfolder.py
--- a/src/AccessControl/users.py
+++ b/src/AccessControl/users.py