Original implementation

CHANGES.txt

+=======
+CHANGES
+=======
+
+3.7.4 (2010-09-25)
+------------------
+
+- Added not declared, but needed test dependency on `zope.testing`.
+
+
+3.7.3 (2010-04-30)
+------------------
+
+- Prefer the standard libraries doctest module to the one from zope.testing.
+
+- Fixed directlyProvides IVocabularyFactory for PermissionIdsVocabulary in
+  Python code, even if it's unnecessary because IVocabularyFactory is provided
+  in zcml.
+
+- Removed the dependency on the zope.exceptions package: zope.security.checker
+  now imports ``DuplicationError`` from zope.exceptions if available, otherwise
+  it defines a package-specific ``DuplicationError`` class which inherits from
+  Exception.
+
+3.7.2 (2009-11-10)
+------------------
+
+- Added compatibility with Python 2.6 abstract base classes.
+
+3.7.1 (2009-08-13)
+------------------
+
+- Fix for LP bug 181833 (from Gustavo Niemeyer). Before "visiting" a
+  sub-object, a check should be made to ensure the object is still valid.
+  Because garbage collection may involve loops, if you garbage collect an
+  object, it is possible that the actions done on this object may modify the
+  state of other objects. This may cause another round of garbage collection,
+  eventually generating a segfault (see LP bug). The Py_VISIT macro does the
+  necessary checks, so it is used instead of the previous code.
+
+3.7.0 (2009-05-13)
+------------------
+
+- Made ``pytz`` a soft dependency:  the checker for ``pytz.UTC`` is
+  created / tested only if the package is already present.  Run
+  ``bin/test_pytz`` to run the tests with ``pytz`` on the path.
+
+3.6.3 (2009-03-23)
+------------------
+
+- Ensure that simple zope.schema's VocabularyRegistry is used for
+  PermissionVocabulary tests, because it's replaced implicitly in
+  environments with zope.app.schema installed that makes that tests
+  fail.
+
+- Fixed a bug in DecoratedSecurityCheckerDescriptor which made
+  security-wrapping location proxied exception instances throw
+  exceptions on Python 2.5.
+  See https://bugs.launchpad.net/zope3/+bug/251848
+
+3.6.2 (2009-03-14)
+------------------
+
+- Add zope.i18nmessageid.Message to non-proxied basic types. It's okay, because
+  messages are immutable. It was done by zope.app.security before.
+
+- Add "__name__" and "__parent__" attributes to list of available by default.
+  This was also done by zope.app.security package before.
+
+- Added PermissionsVocabulary and PermissionIdsVocabulary vocabularies
+  to the ``zope.security.permission`` module. They were moved from
+  the ``zope.app.security`` package.
+
+- Add zcml permission definitions for most common and useful permissions,
+  like "zope.View" and "zope.ManageContent", as well as for the special
+  "zope.Public" permission. They are placed in a separate "permissions.zcml"
+  file, so it can be easily excluded/redefined. They are selected part of
+  permissions moved from ``zope.app.security`` and used by many zope.*
+  packages.
+
+- Add `addCheckerPublic` helper function in ``zope.security.testing`` module
+  that registers the "zope.Public" permission as an IPermission utility.
+
+- Add security declarations for the ``zope.security.permisson.Permission`` class.
+
+- Improve test coverage.
+
+3.6.1 (2009-03-10)
+------------------
+
+- Use ``from`` imports instead of ``zope.deferred`` to avoid circular
+  import problems, thus drop dependency on ``zope.deferredimport``.
+
+- Raise NoInteraction when zope.security.checkPermission is called
+  without interaction being active (LP #301565).
+
+- Don't define security checkers for deprecated set types from the
+  "sets" module on Python 2.6. It's discouraged to use them and
+  `set` and `frozenset` built-in types should be used instead.
+
+- Change package's mailng list address to zope-dev at zope.org as
+  zope3-dev at zope.org is now retired.
+
+- Remove old zpkg-related files.
+
+3.6.0 (2009-01-31)
+------------------
+
+- Install decorated security checker support on LocationProxy from the
+  outside.
+
+- Added support to bootstrap on Jython.
+
+- Moved the `protectclass` module from `zope.app.security` to this
+  package to reduce the number of dependencies on `zope.app.security`.
+
+- Moved the <module> directive implementation from `zope.app.security`
+  to this package.
+
+- Moved the <class> directive implementation from `zope.app.component`
+  to this package.
+
+
+3.5.2 (2008-07-27)
+------------------
+
+- Made C code compatible with Python 2.5 on 64bit architectures.
+
+
+3.5.1 (2008-06-04)
+------------------
+
+- Add `frozenset`, `set`, `reversed`, and `sorted` to the list of safe
+  builtins.
+
+
+3.5.0 (2008-03-05)
+------------------
+
+- Changed title for ``zope.security.management.system_user`` to be more
+  presentable.
+
+
+3.4.0 (2007-10-02)
+------------------
+
+- Updated meta-data.
+
+
+3.4.0b5 (2007-08-15)
+--------------------
+
+- Bug: Fixed a circular import in the C implementation.
+
+
+3.4.0b4 (2007-08-14)
+--------------------
+
+- Bug: ``zope.security.management.system_user`` had an ugly/brittle id.
+
+
+3.4.0b3 (2007-08-14)
+--------------------
+
+- ``zope.security`` now works on Python 2.5
+
+- Bug: ``zope.security.management.system_user`` wasn't a valid principal
+  (didn't provide IPrincipal).
+
+- Bug: Fixed inclusion of doctest to use the doctest module from
+  ``zope.testing``. Now tests can be run multiple times without
+  breaking. (#98250)
+
+
+3.4.0b2 (2007-06-15)
+--------------------
+
+- Bug: Removed stack extraction in newInteraction. When using eggs this is an
+  extremly expensive function. The publisher is now more than 10 times faster
+  when using eggs and about twice as fast with a zope trunk checkout.
+
+
+3.4.0b1
+-------
+
+- Temporarily fixed the hidden (and accidental) dependency on zope.testing to
+  become optional.
+
+Note: The releases between 3.2.0 and 3.4.0b1 where not tracked as an
+individual package and have been documented in the Zope 3 changelog.
+
+
+3.2.0 (2006-01-05)
+------------------
+
+- Corresponds to the verison of the zope.security package shipped as part of
+  the Zope 3.2.0 release.
+
+- Removed deprecated helper functions, 'proxy.trustedRemoveSecurityProxy' and
+  'proxy.getProxiedObject'.
+
+- Made handling of 'management.{end,restore}Interaction' more careful w.r.t.
+  edge cases.
+
+- Made behavior of 'canWrite' consistent with 'canAccess':  if 'canAccess'
+  does not raise 'ForbiddenAttribute', then neither will 'canWrite'.  See:
+  http://www.zope.org/Collectors/Zope3-dev/506
+
+- Code style / documentation / test fixes.
+
+
+3.1.0 (2005-10-03)
+------------------
+
+- Added support for use of the new Python 2.4 datatypes, 'set' and
+  'frozenset', within checked code.
+
+- C security proxy acquired a dependency on the 'proxy.h' header from the
+  'zope.proxy' package.
+
+- XXX: the spelling of the '#include' is bizarre!  It seems to be related to
+  'zpkg'-based builds, and should likely be revisited.  For the moment, I have
+  linked in the 'zope.proxy' package into our own 'include' directory.  See
+  the subversion checkin: http://svn.zope.org/Zope3/?rev=37882&view=rev
+
+- Updated checker to avoid re-proxying objects which have and explicit
+  '__Security_checker__' assigned.
+
+- Corresponds to the verison of the zope.security package shipped as part of
+  the Zope 3.1.0 release.
+
+- Clarified contract of 'IChecker' to indicate that its 'check*' methods may
+  raise only 'Forbidden' or 'Unauthorized' exceptions.
+
+- Added interfaces, ('IPrincipal', 'IGroupAwarePrincipal', 'IGroup', and
+  'IPermission') specifying contracts of components in the security framework.
+
+- Code style / documentation / test fixes.
+
+
+3.0.0 (2004-11-07)
+------------------
+
+- Corresponds to the version of the zope.security package shipped as part of
+  the Zope X3.0.0 release.

README.txt

+The Security framework provides a generic mechanism to implement security
+policies on Python objects.

bootstrap.py

+##############################################################################
+#
+# Copyright (c) 2006 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Bootstrap a buildout-based project
+
+Simply run this script in a directory containing a buildout.cfg.
+The script accepts buildout command-line options, so you can
+use the -c option to specify an alternate configuration file.
+
+$Id: bootstrap.py 111760 2010-04-30 21:52:18Z hannosch $
+"""
+
+import os, shutil, sys, tempfile, urllib2
+from optparse import OptionParser
+
+tmpeggs = tempfile.mkdtemp()
+
+is_jython = sys.platform.startswith('java')
+
+# parsing arguments
+parser = OptionParser()
+parser.add_option("-v", "--version", dest="version",
+                          help="use a specific zc.buildout version")
+parser.add_option("-d", "--distribute",
+                   action="store_true", dest="distribute", default=False,
+                   help="Use Disribute rather than Setuptools.")
+
+parser.add_option("-c", None, action="store", dest="config_file",
+                   help=("Specify the path to the buildout configuration "
+                         "file to be used."))
+
+options, args = parser.parse_args()
+
+# if -c was provided, we push it back into args for buildout' main function
+if options.config_file is not None:
+    args += ['-c', options.config_file]
+
+if options.version is not None:
+    VERSION = '==%s' % options.version
+else:
+    VERSION = ''
+
+USE_DISTRIBUTE = options.distribute
+args = args + ['bootstrap']
+
+to_reload = False
+try:
+    import pkg_resources
+    if not hasattr(pkg_resources, '_distribute'):
+        to_reload = True
+        raise ImportError
+except ImportError:
+    ez = {}
+    if USE_DISTRIBUTE:
+        exec urllib2.urlopen('http://python-distribute.org/distribute_setup.py'
+                         ).read() in ez
+        ez['use_setuptools'](to_dir=tmpeggs, download_delay=0, no_fake=True)
+    else:
+        exec urllib2.urlopen('http://peak.telecommunity.com/dist/ez_setup.py'
+                             ).read() in ez
+        ez['use_setuptools'](to_dir=tmpeggs, download_delay=0)
+
+    if to_reload:
+        reload(pkg_resources)
+    else:
+        import pkg_resources
+
+if sys.platform == 'win32':
+    def quote(c):
+        if ' ' in c:
+            return '"%s"' % c # work around spawn lamosity on windows
+        else:
+            return c
+else:
+    def quote (c):
+        return c
+
+cmd = 'from setuptools.command.easy_install import main; main()'
+ws  = pkg_resources.working_set
+
+if USE_DISTRIBUTE:
+    requirement = 'distribute'
+else:
+    requirement = 'setuptools'
+
+if is_jython:
+    import subprocess
+
+    assert subprocess.Popen([sys.executable] + ['-c', quote(cmd), '-mqNxd',
+           quote(tmpeggs), 'zc.buildout' + VERSION],
+           env=dict(os.environ,
+               PYTHONPATH=
+               ws.find(pkg_resources.Requirement.parse(requirement)).location
+               ),
+           ).wait() == 0
+
+else:
+    assert os.spawnle(
+        os.P_WAIT, sys.executable, quote (sys.executable),
+        '-c', quote (cmd), '-mqNxd', quote (tmpeggs), 'zc.buildout' + VERSION,
+        dict(os.environ,
+            PYTHONPATH=
+            ws.find(pkg_resources.Requirement.parse(requirement)).location
+            ),
+        ) == 0
+
+ws.add_entry(tmpeggs)
+ws.require('zc.buildout' + VERSION)
+import zc.buildout.buildout
+zc.buildout.buildout.main(args)
+shutil.rmtree(tmpeggs)

buildout.cfg

+[buildout]
+develop = .
+parts = test test_pytz python coverage-test coverage-report
+
+[test]
+recipe = zc.recipe.testrunner
+eggs = zope.security [test]
+
+[test_pytz]
+recipe = zc.recipe.testrunner
+eggs = zope.security [test,pytz]
+
+[python]
+recipe = zc.recipe.egg
+eggs = zope.security [untrustedpython]
+interpreter = python
+
+[coverage-test]
+recipe = zc.recipe.testrunner
+eggs = zope.security [test]
+defaults = ['--coverage', '../../coverage']
+
+[coverage-report]
+recipe = zc.recipe.egg
+eggs = z3c.coverage
+scripts = coverage=coverage-report
+arguments = ('coverage', 'coverage/report')

include/zope.proxy/__init__.py

+##############################################################################
+#
+# Copyright (c) 2003 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""More convenience functions for dealing with proxies.
+"""
+from zope.interface import moduleProvides
+from zope.proxy.interfaces import IProxyIntrospection
+from zope.proxy._zope_proxy_proxy import *
+from zope.proxy._zope_proxy_proxy import _CAPI
+
+moduleProvides(IProxyIntrospection)
+__all__ = tuple(IProxyIntrospection)
+
+def ProxyIterator(p):
+    yield p
+    while isProxy(p):
+        p = getProxiedObject(p)
+        yield p
+
+def non_overridable(func):
+    return property(lambda self: func.__get__(self))

include/zope.proxy/decorator.py

+##############################################################################
+#
+# Copyright (c) 2003 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Decorator support
+
+Decorators are proxies that are mostly transparent but that may provide
+additional features.
+"""
+__docformat__ = "reStructuredText"
+
+from zope.proxy import getProxiedObject, ProxyBase
+from zope.interface.declarations import ObjectSpecificationDescriptor
+from zope.interface.declarations import getObjectSpecification
+from zope.interface.declarations import ObjectSpecification
+from zope.interface import providedBy
+
+class DecoratorSpecificationDescriptor(ObjectSpecificationDescriptor):
+    """Support for interface declarations on decorators
+
+    >>> from zope.interface import *
+    >>> class I1(Interface):
+    ...     pass
+    >>> class I2(Interface):
+    ...     pass
+    >>> class I3(Interface):
+    ...     pass
+    >>> class I4(Interface):
+    ...     pass
+
+    >>> class D1(SpecificationDecoratorBase):
+    ...   implements(I1)
+
+
+    >>> class D2(SpecificationDecoratorBase):
+    ...   implements(I2)
+
+    >>> class X(object):
+    ...   implements(I3)
+
+    >>> x = X()
+    >>> directlyProvides(x, I4)
+
+    Interfaces of X are ordered with the directly-provided interfaces first
+
+    >>> [interface.getName() for interface in list(providedBy(x))]
+    ['I4', 'I3']
+
+    When we decorate objects, what order should the interfaces come
+    in?  One could argue that decorators are less specific, so they
+    should come last.
+
+    >>> [interface.getName() for interface in list(providedBy(D1(x)))]
+    ['I4', 'I3', 'I1']
+
+    >>> [interface.getName() for interface in list(providedBy(D2(D1(x))))]
+    ['I4', 'I3', 'I1', 'I2']
+
+    SpecificationDecorators also work with old-style classes:
+
+    >>> class X:
+    ...   implements(I3)
+
+    >>> x = X()
+    >>> directlyProvides(x, I4)
+
+    >>> [interface.getName() for interface in list(providedBy(x))]
+    ['I4', 'I3']
+
+    >>> [interface.getName() for interface in list(providedBy(D1(x)))]
+    ['I4', 'I3', 'I1']
+
+    >>> [interface.getName() for interface in list(providedBy(D2(D1(x))))]
+    ['I4', 'I3', 'I1', 'I2']
+    """
+    def __get__(self, inst, cls=None):
+        if inst is None:
+            return getObjectSpecification(cls)
+        else:
+            provided = providedBy(getProxiedObject(inst))
+
+            # Use type rather than __class__ because inst is a proxy and
+            # will return the proxied object's class.
+            cls = type(inst)
+            return ObjectSpecification(provided, cls)
+
+    def __set__(self, inst, value):
+        raise TypeError("Can't set __providedBy__ on a decorated object")
+
+
+class SpecificationDecoratorBase(ProxyBase):
+    """Base class for a proxy that provides additional interfaces."""
+
+    __providedBy__ = DecoratorSpecificationDescriptor()
+

include/zope.proxy/interfaces.py

+##############################################################################
+#
+# Copyright (c) 2001, 2002 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE
+#
+##############################################################################
+"""Proxy-related interfaces.
+"""
+
+from zope.interface import Interface
+
+class IProxyIntrospection(Interface):
+    """Provides methods for indentifying proxies and extracting proxied objects
+    """
+
+    def isProxy(obj, proxytype=None):
+        """Check whether the given object is a proxy
+
+        If proxytype is not None, checkes whether the object is
+        proxied by the given proxytype.
+        """
+
+    def sameProxiedObjects(ob1, ob2):
+        """Check whether ob1 and ob2 are the same or proxies of the same object
+        """
+
+    def getProxiedObject(obj):
+        """Get the proxied Object
+
+        If the object isn't proxied, then just return the object.
+        """
+
+    def setProxiedObject(ob1, ob2):
+        """Set the underlying object for ob1 to ob2, returning the old object.
+
+        Raises TypeError if ob1 is not a proxy.
+        """
+
+    def removeAllProxies(obj):
+        """Get the proxied object with no proxies
+
+        If obj is not a proxied object, return obj.
+
+        The returned object has no proxies.
+        """
+
+    def queryProxy(obj, proxytype, default=None):
+        """Look for a proxy of the given type around the object
+
+        If no such proxy can be found, return the default.
+        """
+
+    def queryInnerProxy(obj, proxytype, default=None):
+        """Look for the inner-most proxy of the given type around the object
+
+        If no such proxy can be found, return the default.
+
+        If there is such a proxy, return the inner-most one.
+        """

include/zope.proxy/proxy.h

+#ifndef _proxy_H_
+#define _proxy_H_ 1
+
+#if PY_VERSION_HEX < 0x02050000 && !defined(PY_SSIZE_T_MIN)
+typedef int Py_ssize_t;
+#define PY_SSIZE_T_MAX INT_MAX
+#define PY_SSIZE_T_MIN INT_MIN
+typedef Py_ssize_t (*lenfunc)(PyObject *);
+typedef PyObject *(*ssizeargfunc)(PyObject *, Py_ssize_t);
+typedef PyObject *(*ssizessizeargfunc)(PyObject *, Py_ssize_t, Py_ssize_t);
+typedef int(*ssizeobjargproc)(PyObject *, Py_ssize_t, PyObject *);
+typedef int(*ssizessizeobjargproc)(PyObject *, Py_ssize_t, Py_ssize_t, PyObject *);
+#endif
+
+typedef struct {
+    PyObject_HEAD
+    PyObject *proxy_object;
+} ProxyObject;
+
+#define Proxy_GET_OBJECT(ob)   (((ProxyObject *)(ob))->proxy_object)
+
+typedef struct {
+    PyTypeObject *proxytype;
+    int (*check)(PyObject *obj);
+    PyObject *(*create)(PyObject *obj);
+    PyObject *(*getobject)(PyObject *proxy);
+} ProxyInterface;
+
+
+#ifndef PROXY_MODULE
+
+/* These are only defined in the public interface, and are not
+ * available within the module implementation.  There we use the
+ * classic Python/C API only.
+ */
+
+static ProxyInterface *_proxy_api = NULL;
+
+static int
+Proxy_Import(void)
+{
+    if (_proxy_api == NULL) {
+        PyObject *m = PyImport_ImportModule("zope.proxy");
+        if (m != NULL) {
+            PyObject *tmp = PyObject_GetAttrString(m, "_CAPI");
+            if (tmp != NULL) {
+                if (PyCObject_Check(tmp))
+                    _proxy_api = (ProxyInterface *)
+                        PyCObject_AsVoidPtr(tmp);
+                Py_DECREF(tmp);
+            }
+        }
+    }
+    return (_proxy_api == NULL) ? -1 : 0;
+}
+
+#define ProxyType               (*_proxy_api->proxytype)
+#define Proxy_Check(obj)        (_proxy_api->check((obj)))
+#define Proxy_CheckExact(obj)   ((obj)->ob_type == ProxyType)
+#define Proxy_New(obj)          (_proxy_api->create((obj)))
+#define Proxy_GetObject(proxy)  (_proxy_api->getobject((proxy)))
+
+#endif /* PROXY_MODULE */
+
+#endif /* _proxy_H_ */

include/zope.proxy/tests/__init__.py

+#
+# This file is necessary to make this directory a package.

include/zope.proxy/tests/test_decorator.py

+##############################################################################
+#
+# Copyright (c) 2003 Zope Foundation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Test Harness
+"""
+from doctest import DocTestSuite
+
+
+def test_suite():
+    suite = DocTestSuite()
+    suite.addTest(DocTestSuite('zope.proxy.decorator'))
+    return suite

setup.cfg

+[egg_info]
+tag_build = 
+tag_date = 0
+tag_svn_revision = 0
+

setup.py

+##############################################################################
+#
+# Copyright (c) 2006 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+# This package is developed by the Zope Toolkit project, documented here:
+# http://docs.zope.org/zopetoolkit
+# When developing and releasing this package, please follow the documented
+# Zope Toolkit policies as described by this documentation.
+##############################################################################
+"""Setup for zope.security package
+
+$Id: setup.py 116839 2010-09-25 11:20:03Z icemac $
+"""
+import os
+from setuptools import setup, find_packages, Extension
+
+def read(*rnames):
+    return open(os.path.join(os.path.dirname(__file__), *rnames)).read()
+
+setup(name='zope.security',
+      version='3.7.4',
+      author='Zope Corporation and Contributors',
+      author_email='zope-dev@zope.org',
+      description='Zope Security Framework',
+      long_description=(
+          read('README.txt')
+          + '\n.. contents::\n\n' +
+          read('src', 'zope', 'security', 'README.txt')
+          + '\n\n' +
+          read('src', 'zope', 'security', 'untrustedinterpreter.txt')
+          + '\n\n' +
+          read('CHANGES.txt')
+          ),
+      keywords = "zope security policy principal permission",
+      classifiers = [
+          'Development Status :: 5 - Production/Stable',
+          'Environment :: Web Environment',
+          'Intended Audience :: Developers',
+          'License :: OSI Approved :: Zope Public License',
+          'Programming Language :: Python',
+          'Natural Language :: English',
+          'Operating System :: OS Independent',
+          'Topic :: Internet :: WWW/HTTP',
+          'Framework :: Zope3'],
+      url='http://pypi.python.org/pypi/zope.security',
+      license='ZPL 2.1',
+      packages=find_packages('src'),
+      package_dir = {'': 'src'},
+      namespace_packages=['zope'],
+      ext_modules=[Extension("zope.security._proxy",
+                             [os.path.join('src', 'zope', 'security',
+                                           "_proxy.c")
+                              ], include_dirs=['include']),
+                   Extension("zope.security._zope_security_checker",
+                             [os.path.join('src', 'zope', 'security',
+                                           "_zope_security_checker.c")
+                              ]),
+                   ],
+      install_requires=['setuptools',
+                        'zope.component',
+                        'zope.configuration',
+                        'zope.i18nmessageid',
+                        'zope.interface',
+                        'zope.location',
+                        'zope.proxy >= 3.4.2',
+                        'zope.schema',
+                        ],
+      extras_require = dict(
+          untrustedpython=["RestrictedPython"],
+          test=[
+              "RestrictedPython",
+              "zope.testing",
+              ],
+          pytz=["pytz"],
+          ),
+      include_package_data = True,
+      zip_safe = False,
+      )

src/zope.security.egg-info/SOURCES.txt

+CHANGES.txt
+README.txt
+bootstrap.py
+buildout.cfg
+setup.py
+include/zope.proxy/__init__.py
+include/zope.proxy/_zope_proxy_proxy.c
+include/zope.proxy/decorator.py
+include/zope.proxy/interfaces.py
+include/zope.proxy/proxy.h
+include/zope.proxy/tests/__init__.py
+include/zope.proxy/tests/test_decorator.py
+include/zope.proxy/tests/test_proxy.py
+src/zope/__init__.py
+src/zope.security.egg-info/PKG-INFO
+src/zope.security.egg-info/SOURCES.txt
+src/zope.security.egg-info/dependency_links.txt
+src/zope.security.egg-info/namespace_packages.txt
+src/zope.security.egg-info/not-zip-safe
+src/zope.security.egg-info/requires.txt
+src/zope.security.egg-info/top_level.txt
+src/zope/security/README.txt
+src/zope/security/__init__.py
+src/zope/security/_definitions.py
+src/zope/security/_proxy.c
+src/zope/security/_zope_security_checker.c
+src/zope/security/adapter.py
+src/zope/security/checker.py
+src/zope/security/configure.zcml
+src/zope/security/decorator.py
+src/zope/security/i18n.py
+src/zope/security/interfaces.py
+src/zope/security/management.py
+src/zope/security/meta.zcml
+src/zope/security/metaconfigure.py
+src/zope/security/metadirectives.py
+src/zope/security/permission.py
+src/zope/security/permissions.zcml
+src/zope/security/protectclass.py
+src/zope/security/proxy.py
+src/zope/security/setup.py
+src/zope/security/simplepolicies.py
+src/zope/security/testing.py
+src/zope/security/untrustedinterpreter.txt
+src/zope/security/zcml.py
+src/zope/security/examples/sandbox.py
+src/zope/security/examples/sandbox_security.py
+src/zope/security/tests/__init__.py
+src/zope/security/tests/adapter.py
+src/zope/security/tests/components.py
+src/zope/security/tests/emptymodule.py
+src/zope/security/tests/exampleclass.py
+src/zope/security/tests/module.py
+src/zope/security/tests/modulehookup.py
+src/zope/security/tests/redefineperms.zcml
+src/zope/security/tests/test_adapter.py
+src/zope/security/tests/test_checker.py
+src/zope/security/tests/test_contentdirective.py
+src/zope/security/tests/test_decorator.py
+src/zope/security/tests/test_directives.py
+src/zope/security/tests/test_location.py
+src/zope/security/tests/test_management.py
+src/zope/security/tests/test_module_directives.py
+src/zope/security/tests/test_permission.py
+src/zope/security/tests/test_protectclass.py
+src/zope/security/tests/test_protectsubclass.py
+src/zope/security/tests/test_proxy.py
+src/zope/security/tests/test_set_checkers.py
+src/zope/security/tests/test_simpleinteraction.py
+src/zope/security/tests/test_standard_checkers.py
+src/zope/security/untrustedpython/__init__.py
+src/zope/security/untrustedpython/builtins.py
+src/zope/security/untrustedpython/builtins.txt
+src/zope/security/untrustedpython/interpreter.py
+src/zope/security/untrustedpython/interpreter.txt
+src/zope/security/untrustedpython/rcompile.py
+src/zope/security/untrustedpython/rcompile.txt
+src/zope/security/untrustedpython/tests.py
\ No newline at end of file

src/zope.security.egg-info/dependency_links.txt

+

src/zope.security.egg-info/namespace_packages.txt

+zope

src/zope.security.egg-info/not-zip-safe

+

src/zope.security.egg-info/requires.txt

+setuptools
+zope.component
+zope.configuration
+zope.i18nmessageid
+zope.interface
+zope.location
+zope.proxy >= 3.4.2
+zope.schema
+
+[test]
+RestrictedPython
+zope.testing
+
+[pytz]
+pytz
+
+[untrustedpython]
+RestrictedPython
\ No newline at end of file

src/zope.security.egg-info/top_level.txt

+zope

src/zope/__init__.py

+__import__('pkg_resources').declare_namespace(__name__)

src/zope/security/__init__.py

+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.0 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Base security system
+
+$Id: __init__.py 97708 2009-03-09 16:10:49Z nadako $
+
+"""
+from zope.security.management import checkPermission
+from zope.security.checker import canWrite, canAccess

src/zope/security/_definitions.py

+##############################################################################
+#
+# Copyright (c) 2005 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Common definitions to avoid circular imports
+"""
+import threading
+import zope.interface
+from zope.security import interfaces
+
+thread_local = threading.local()
+
+class system_user(object):
+    zope.interface.classProvides(interfaces.IPrincipal)
+    id = u'zope.security.management.system_user'
+    title = u'System'
+    description = u''

src/zope/security/adapter.py

+##############################################################################
+#
+# Copyright (c) 2004 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Support for taking security into account in adaptation
+
+$Id: adapter.py 73624 2007-03-26 12:50:23Z dobe $
+"""
+
+from zope.security.checker import ProxyFactory
+from zope.security.proxy import removeSecurityProxy
+from zope.location import ILocation, LocationProxy
+
+def assertLocation(adapter, parent):
+    """Assert locatable adapters.
+
+    This function asserts that the adapter get location-proxied if
+    it doesn't provide ILocation itself. Further more the returned
+    locatable adapter get its parent set if its __parent__ attribute
+    is currently None.
+
+    see adapter.txt
+    """
+    # handle none-locatable adapters (A)
+    if not ILocation.providedBy(adapter):
+        locatable = LocationProxy(adapter)
+        locatable.__parent__ = parent
+        return locatable
+
+    # handle locatable, parentless adapters (B)
+    if adapter.__parent__ is None:
+        adapter.__parent__ = parent
+        return adapter
+
+    # handle locatable, parentful adapters (C)
+    else:
+        return adapter
+
+
+class LocatingTrustedAdapterFactory(object):
+    """Adapt an adapter factory to provide trusted and (locatable) adapters.
+
+    Trusted adapters always adapt unproxied objects. If asked to
+    adapt any proxied objects, it will unproxy them and then
+    security-proxy the resulting adapter (S) unless the objects where not
+    security-proxied before (N).
+
+    Further locating trusted adapters provide a location for protected
+    adapters only (S). If such a protected adapter itself does not provide
+    ILocation it is wrapped within a location proxy and it parent will
+    be set. If the adapter does provide ILocation and it's __parent__ is None,
+    we set the __parent__ to the adapter's context:
+
+    see adapter.txt
+    """
+    def __init__(self, factory):
+        self.factory = factory
+        self.__name__ = factory.__name__
+        self.__module__ = factory.__module__
+
+    # protected methods
+    def _customizeProtected(self, adapter, context):
+        return assertLocation(adapter, context)
+
+    def _customizeUnprotected(self, adapter, context):
+        if (ILocation.providedBy(adapter)
+            and adapter.__parent__ is None):
+                    adapter.__parent__ = context
+        return adapter
+
+    def __call__(self, *args):
+        for arg in args:
+            if removeSecurityProxy(arg) is not arg:
+                args = map(removeSecurityProxy, args)
+                adapter = self.factory(*args)
+                adapter = self._customizeProtected(adapter, args[0])
+                return ProxyFactory(adapter)
+
+        adapter = self.factory(*args)
+        adapter = self._customizeUnprotected(adapter, args[0])
+        return adapter
+
+
+# BBB, entire class gone in 3.2
+class TrustedAdapterFactory(LocatingTrustedAdapterFactory):
+    """Adapt an adapter factory to provide trusted adapters.
+
+    Trusted adapters always adapt unproxied objects. If asked to
+    adapt any proxied objects, it will unproxy them and then
+    security-proxy the resulting adapter unless the objects where not
+    security-proxied before.
+
+    If the adapter does provide ILocation and it's __parent__ is None,
+    we set the __parent__ to the adapter's context.
+    """
+
+    # do not location-proxy the adapter
+    def _customizeProtected(self, adapter, context):
+        return self._customizeUnprotected(adapter, context)
+
+
+class LocatingUntrustedAdapterFactory(object):
+    """Adapt an adapter factory to provide locatable untrusted adapters
+
+    Untrusted adapters always adapt proxied objects. If any permission
+    other than zope.Public is required, untrusted adapters need a location
+    in order that the local authentication mechanism can be inovked
+    correctly.
+
+    If the adapter does not provide ILocation, we location proxy it and
+    set the parent. If the adapter does provide ILocation and
+    it's __parent__ is None, we set the __parent__ to the adapter's
+    context only:
+
+    see adapter.txt
+    """
+
+    def __init__(self, factory):
+        self.factory = factory
+        self.__name__ = factory.__name__
+        self.__module__ = factory.__module__
+
+    def __call__(self, *args):
+        adapter = self.factory(*args)
+        return assertLocation(adapter, args[0])

src/zope/security/configure.zcml

+<configure xmlns="http://namespaces.zope.org/zope">
+
+  <utility
+      component=".permission.PermissionsVocabulary"
+      provides="zope.schema.interfaces.IVocabularyFactory"
+      name="Permissions"
+      />
+
+  <utility
+      component=".permission.PermissionIdsVocabulary"
+      provides="zope.schema.interfaces.IVocabularyFactory"
+      name="Permission Ids"
+      />
+
+  <class class=".permission.Permission">
+    <allow interface=".interfaces.IPermission" />
+  </class>
+
+  <include file="permissions.zcml" />
+
+</configure>

src/zope/security/i18n.py

+##############################################################################
+#
+# Copyright (c) 2003 Zope Corporation and Contributors.
+# All Rights Reserved.
+#
+# This software is subject to the provisions of the Zope Public License,
+# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
+# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
+# FOR A PARTICULAR PURPOSE.
+#
+##############################################################################
+"""Customization of zope.i18n for the Zope application server
+
+$Id: i18n.py 95326 2009-01-28 15:11:49Z brandon_rhodes $
+"""
+__docformat__ = 'restructuredtext'
+
+# import this as _ to create i18n messages in the zope domain
+from zope.i18nmessageid import MessageFactory
+ZopeMessageFactory = MessageFactory('zope')

src/zope/security/tests/__init__.py

+#
+# This file is necessary to make this directory a package.

src/zope/security/untrustedpython/__init__.py

+#