Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Z
Zope
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Kirill Smelkov
Zope
Commits
4257dbfe
Commit
4257dbfe
authored
Jun 19, 2010
by
Hanno Schlichting
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Deal with circular import problems and do some real deprecation
parent
d561f077
Changes
18
Hide whitespace changes
Inline
Side-by-side
Showing
18 changed files
with
553 additions
and
563 deletions
+553
-563
src/AccessControl/AccessControl.txt
src/AccessControl/AccessControl.txt
+1
-33
src/AccessControl/Role.py
src/AccessControl/Role.py
+19
-505
src/AccessControl/User.py
src/AccessControl/User.py
+12
-10
src/AccessControl/rolemanager.py
src/AccessControl/rolemanager.py
+506
-0
src/AccessControl/tests/testRole.py
src/AccessControl/tests/testRole.py
+1
-1
src/App/Permission.py
src/App/Permission.py
+1
-1
src/OFS/DTMLMethod.py
src/OFS/DTMLMethod.py
+1
-1
src/OFS/Folder.py
src/OFS/Folder.py
+1
-1
src/OFS/Image.py
src/OFS/Image.py
+1
-1
src/OFS/SimpleItem.py
src/OFS/SimpleItem.py
+1
-1
src/OFS/role.py
src/OFS/role.py
+2
-2
src/Products/ExternalMethod/ExternalMethod.py
src/Products/ExternalMethod/ExternalMethod.py
+1
-1
src/Products/MailHost/MailHost.py
src/Products/MailHost/MailHost.py
+1
-1
src/Products/Sessions/BrowserIdManager.py
src/Products/Sessions/BrowserIdManager.py
+1
-1
src/Products/Sessions/SessionDataManager.py
src/Products/Sessions/SessionDataManager.py
+1
-1
src/Shared/DC/ZRDB/Aqueduct.py
src/Shared/DC/ZRDB/Aqueduct.py
+1
-1
src/Shared/DC/ZRDB/Connection.py
src/Shared/DC/ZRDB/Connection.py
+1
-1
src/Shared/DC/ZRDB/DA.py
src/Shared/DC/ZRDB/DA.py
+1
-1
No files found.
src/AccessControl/AccessControl.txt
View file @
4257dbfe
...
@@ -165,10 +165,8 @@ Mail Host
...
@@ -165,10 +165,8 @@ Mail Host
o Change configuration
o Change configuration
To support the architecture, developers must derive an
To support the architecture, developers must derive an
object from the AccessControl.RoleManager mixin class,
object from the AccessControl.
rolemanager.Base
RoleManager mixin class,
and define in their class an __ac_permissions__ attribute.
and define in their class an __ac_permissions__ attribute.
This should be a tuple of tuples, where each tuple represents
This should be a tuple of tuples, where each tuple represents
...
@@ -191,8 +189,6 @@ Example:
...
@@ -191,8 +189,6 @@ Example:
('Delete properties', ['manage_delProperties']),
('Delete properties', ['manage_delProperties']),
('Default permission', ['']),
('Default permission', ['']),
)
)
The developer may also predefine useful types of access, by
The developer may also predefine useful types of access, by
specifying an __ac_types__ attribute. This should be a tuple of
specifying an __ac_types__ attribute. This should be a tuple of
...
@@ -214,8 +210,6 @@ Example:
...
@@ -214,8 +210,6 @@ Example:
)
)
Developers may also provide pre-defined role names that are
Developers may also provide pre-defined role names that are
not deletable via the interface by specifying an __ac_roles__
not deletable via the interface by specifying an __ac_roles__
attribute. This is probably not something we'll ever use under
attribute. This is probably not something we'll ever use under
...
@@ -224,29 +218,3 @@ the new architecture, but it's there if you need it.
...
@@ -224,29 +218,3 @@ the new architecture, but it's there if you need it.
Example:
Example:
__ac_roles__=('Manager', 'Anonymous')
__ac_roles__=('Manager', 'Anonymous')
src/AccessControl/Role.py
View file @
4257dbfe
...
@@ -12,509 +12,23 @@
...
@@ -12,509 +12,23 @@
##############################################################################
##############################################################################
"""Access control support
"""Access control support
"""
"""
from
cgi
import
escape
from
Acquisition
import
Acquired
# BBB
from
Acquisition
import
aq_base
from
.rolemanager
import
DEFAULTMAXLISTUSERS
from
Acquisition
import
aq_get
from
.rolemanager
import
_isBeingUsedAsAMethod
from
ExtensionClass
import
Base
from
.rolemanager
import
_isNotBeingUsedAsAMethod
from
zope.interface
import
implements
from
.rolemanager
import
BaseRoleManager
from
.rolemanager
import
reqattr
from
AccessControl
import
ClassSecurityInfo
from
.rolemanager
import
classattr
from
AccessControl.class_init
import
InitializeClass
from
.rolemanager
import
instance_dict
from
AccessControl.interfaces
import
IRoleManager
from
.rolemanager
import
class_dict
from
AccessControl.Permission
import
getPermissions
from
.rolemanager
import
instance_attrs
from
AccessControl.Permission
import
Permission
from
.rolemanager
import
class_attrs
from
AccessControl.PermissionMapping
import
RoleManager
from
.rolemanager
import
gather_permissions
from
AccessControl.Permissions
import
change_permissions
from
AccessControl.SecurityManagement
import
newSecurityManager
from
zope.deferredimport
import
deprecated
deprecated
(
"RoleManager is no longer part of AccessControl, please "
DEFAULTMAXLISTUSERS
=
250
"depend on Zope2 and import from OFS.role or use the "
"BaseRoleManager class from AccessControl.rolemanager."
,
RoleManager
=
'OFS.role:RoleManager'
,
def
_isBeingUsedAsAMethod
(
self
):
)
return
aq_get
(
self
,
'_isBeingUsedAsAMethod_'
,
0
)
def
_isNotBeingUsedAsAMethod
(
self
):
return
not
aq_get
(
self
,
'_isBeingUsedAsAMethod_'
,
0
)
class
BaseRoleManager
(
Base
,
RoleManager
):
"""An object that has configurable permissions"""
implements
(
IRoleManager
)
permissionMappingPossibleValues
=
Acquired
security
=
ClassSecurityInfo
()
__ac_roles__
=
(
'Manager'
,
'Owner'
,
'Anonymous'
,
'Authenticated'
)
__ac_local_roles__
=
None
security
.
declareProtected
(
change_permissions
,
'ac_inherited_permissions'
)
def
ac_inherited_permissions
(
self
,
all
=
0
):
# Get all permissions not defined in ourself that are inherited
# This will be a sequence of tuples with a name as the first item and
# an empty tuple as the second.
d
=
{}
perms
=
self
.
__ac_permissions__
for
p
in
perms
:
d
[
p
[
0
]]
=
None
r
=
gather_permissions
(
self
.
__class__
,
[],
d
)
if
all
:
if
hasattr
(
self
,
'_subobject_permissions'
):
for
p
in
self
.
_subobject_permissions
():
pname
=
p
[
0
]
if
not
pname
in
d
:
d
[
pname
]
=
1
r
.
append
(
p
)
r
=
list
(
perms
)
+
r
r
.
sort
()
return
tuple
(
r
)
security
.
declareProtected
(
change_permissions
,
'permission_settings'
)
def
permission_settings
(
self
,
permission
=
None
):
"""Return user-role permission settings.
If 'permission' is passed to the method then only the settings for
'permission' is returned.
"""
result
=
[]
valid
=
self
.
valid_roles
()
indexes
=
range
(
len
(
valid
))
ip
=
0
permissions
=
self
.
ac_inherited_permissions
(
1
)
# Filter permissions
if
permission
:
permissions
=
[
p
for
p
in
permissions
if
p
[
0
]
==
permission
]
for
p
in
permissions
:
name
,
value
=
p
[:
2
]
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
(
default
=
[])
d
=
{
'name'
:
name
,
'acquire'
:
isinstance
(
roles
,
list
)
and
'CHECKED'
or
''
,
'roles'
:
map
(
lambda
ir
,
roles
=
roles
,
valid
=
valid
,
ip
=
ip
:
{
'name'
:
"p%dr%d"
%
(
ip
,
ir
),
'checked'
:
(
valid
[
ir
]
in
roles
)
and
'CHECKED'
or
''
,
},
indexes
)
}
ip
=
ip
+
1
result
.
append
(
d
)
return
result
security
.
declareProtected
(
change_permissions
,
'manage_role'
)
def
manage_role
(
self
,
role_to_manage
,
permissions
=
[]):
"""Change the permissions given to the given role.
"""
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
p
=
Permission
(
name
,
value
,
self
)
p
.
setRole
(
role_to_manage
,
name
in
permissions
)
security
.
declareProtected
(
change_permissions
,
'manage_acquiredPermissions'
)
def
manage_acquiredPermissions
(
self
,
permissions
=
[]):
"""Change the permissions that acquire.
"""
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
()
if
roles
is
None
:
continue
if
name
in
permissions
:
p
.
setRoles
(
list
(
roles
))
else
:
p
.
setRoles
(
tuple
(
roles
))
def
manage_getUserRolesAndPermissions
(
self
,
user_id
):
""" Used for permission/role reporting for a given user_id.
Returns a dict mapping
'user_defined_in' -> path where the user account is defined
'roles' -> global roles,
'roles_in_context' -> roles in context of the current object,
'allowed_permissions' -> permissions allowed for the user,
'disallowed_permissions' -> all other permissions
"""
d
=
{}
current
=
self
while
1
:
try
:
uf
=
current
.
acl_users
except
AttributeError
:
raise
ValueError
(
'User %s could not be found'
%
user_id
)
userObj
=
uf
.
getUser
(
user_id
)
if
userObj
:
break
else
:
current
=
current
.
__parent__
newSecurityManager
(
None
,
userObj
)
# necessary?
userObj
=
userObj
.
__of__
(
uf
)
d
=
{
'user_defined_in'
:
'/'
+
uf
.
absolute_url
(
1
)}
# roles
roles
=
list
(
userObj
.
getRoles
())
roles
.
sort
()
d
[
'roles'
]
=
roles
# roles in context
roles
=
list
(
userObj
.
getRolesInContext
(
self
))
roles
.
sort
()
d
[
'roles_in_context'
]
=
roles
# permissions
allowed
=
[]
disallowed
=
[]
permMap
=
self
.
manage_getPermissionMapping
()
for
item
in
permMap
:
p
=
item
[
'permission_name'
]
if
userObj
.
has_permission
(
p
,
self
):
allowed
.
append
(
p
)
else
:
disallowed
.
append
(
p
)
d
[
'allowed_permissions'
]
=
allowed
d
[
'disallowed_permissions'
]
=
disallowed
return
d
security
.
declareProtected
(
change_permissions
,
'manage_permission'
)
def
manage_permission
(
self
,
permission_to_manage
,
roles
=
[],
acquire
=
0
):
"""Change the settings for the given permission.
If optional arg acquire is true, then the roles for the permission
are acquired, in addition to the ones specified, otherwise the
permissions are restricted to only the designated roles.
"""
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
if
name
==
permission_to_manage
:
p
=
Permission
(
name
,
value
,
self
)
if
acquire
:
roles
=
list
(
roles
)
else
:
roles
=
tuple
(
roles
)
p
.
setRoles
(
roles
)
return
raise
ValueError
(
"The permission <em>%s</em> is invalid."
%
escape
(
permission_to_manage
))
security
.
declareProtected
(
change_permissions
,
'permissionsOfRole'
)
def
permissionsOfRole
(
self
,
role
):
"""Returns a role to permission mapping.
"""
r
=
[]
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
()
r
.
append
({
'name'
:
name
,
'selected'
:
role
in
roles
and
'SELECTED'
or
''
,
})
return
r
security
.
declareProtected
(
change_permissions
,
'rolesOfPermission'
)
def
rolesOfPermission
(
self
,
permission
):
"""Returns a permission to role mapping.
"""
valid_roles
=
self
.
valid_roles
()
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
if
name
==
permission
:
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
()
return
map
(
lambda
role
,
roles
=
roles
:
{
'name'
:
role
,
'selected'
:
role
in
roles
and
'SELECTED'
or
''
,
},
valid_roles
)
raise
ValueError
(
"The permission <em>%s</em> is invalid."
%
escape
(
permission
))
security
.
declareProtected
(
change_permissions
,
'acquiredRolesAreUsedBy'
)
def
acquiredRolesAreUsedBy
(
self
,
permission
):
"""
"""
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
if
name
==
permission
:
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
()
return
isinstance
(
roles
,
list
)
and
'CHECKED'
or
''
raise
ValueError
(
"The permission <em>%s</em> is invalid."
%
escape
(
permission
))
# Local roles support
# -------------------
#
# Local roles allow a user to be given extra roles in the context
# of a particular object (and its children). When a user is given
# extra roles in a particular object, an entry for that user is made
# in the __ac_local_roles__ dict containing the extra roles.
def
has_local_roles
(
self
):
dict
=
self
.
__ac_local_roles__
or
{}
return
len
(
dict
)
def
get_local_roles
(
self
):
dict
=
self
.
__ac_local_roles__
or
{}
keys
=
dict
.
keys
()
keys
.
sort
()
info
=
[]
for
key
in
keys
:
value
=
tuple
(
dict
[
key
])
info
.
append
((
key
,
value
))
return
tuple
(
info
)
def
users_with_local_role
(
self
,
role
):
got
=
{}
for
user
,
roles
in
self
.
get_local_roles
():
if
role
in
roles
:
got
[
user
]
=
1
return
got
.
keys
()
def
get_valid_userids
(
self
):
item
=
self
dict
=
{}
_notfound
=
[]
while
1
:
aclu
=
getattr
(
aq_base
(
item
),
'__allow_groups__'
,
_notfound
)
if
aclu
is
not
_notfound
:
mlu
=
getattr
(
aclu
,
'maxlistusers'
,
_notfound
)
if
not
isinstance
(
mlu
,
int
):
mlu
=
DEFAULTMAXLISTUSERS
if
mlu
<
0
:
raise
OverflowError
un
=
getattr
(
aclu
,
'user_names'
,
_notfound
)
if
un
is
not
_notfound
:
un
=
aclu
.
__of__
(
item
).
user_names
# rewrap
unl
=
un
()
# maxlistusers of 0 is list all
if
len
(
unl
)
>
mlu
and
mlu
!=
0
:
raise
OverflowError
for
name
in
unl
:
dict
[
name
]
=
1
item
=
getattr
(
item
,
'__parent__'
,
_notfound
)
if
item
is
_notfound
:
break
keys
=
dict
.
keys
()
keys
.
sort
()
return
tuple
(
keys
)
def
get_local_roles_for_userid
(
self
,
userid
):
dict
=
self
.
__ac_local_roles__
or
{}
return
tuple
(
dict
.
get
(
userid
,
[]))
security
.
declareProtected
(
change_permissions
,
'manage_addLocalRoles'
)
def
manage_addLocalRoles
(
self
,
userid
,
roles
):
"""Set local roles for a user."""
if
not
roles
:
raise
ValueError
(
'One or more roles must be given!'
)
dict
=
self
.
__ac_local_roles__
if
dict
is
None
:
self
.
__ac_local_roles__
=
dict
=
{}
local_roles
=
list
(
dict
.
get
(
userid
,
[]))
for
r
in
roles
:
if
r
not
in
local_roles
:
local_roles
.
append
(
r
)
dict
[
userid
]
=
local_roles
self
.
_p_changed
=
True
security
.
declareProtected
(
change_permissions
,
'manage_setLocalRoles'
)
def
manage_setLocalRoles
(
self
,
userid
,
roles
):
"""Set local roles for a user."""
if
not
roles
:
raise
ValueError
(
'One or more roles must be given!'
)
dict
=
self
.
__ac_local_roles__
if
dict
is
None
:
self
.
__ac_local_roles__
=
dict
=
{}
dict
[
userid
]
=
roles
self
.
_p_changed
=
True
security
.
declareProtected
(
change_permissions
,
'manage_delLocalRoles'
)
def
manage_delLocalRoles
(
self
,
userids
):
"""Remove all local roles for a user."""
dict
=
self
.
__ac_local_roles__
if
dict
is
None
:
self
.
__ac_local_roles__
=
dict
=
{}
for
userid
in
userids
:
if
userid
in
dict
:
del
dict
[
userid
]
self
.
_p_changed
=
True
#------------------------------------------------------------
security
.
declarePrivate
(
'access_debug_info'
)
def
access_debug_info
(
self
):
"""Return debug info.
"""
clas
=
class_attrs
(
self
)
inst
=
instance_attrs
(
self
)
data
=
[]
_add
=
data
.
append
for
key
,
value
in
inst
.
items
():
if
key
.
find
(
'__roles__'
)
>=
0
:
_add
({
'name'
:
key
,
'value'
:
value
,
'class'
:
0
})
if
hasattr
(
value
,
'__roles__'
):
_add
({
'name'
:
'%s.__roles__'
%
key
,
'value'
:
value
.
__roles__
,
'class'
:
0
})
for
key
,
value
in
clas
.
items
():
if
key
.
find
(
'__roles__'
)
>=
0
:
_add
({
'name'
:
key
,
'value'
:
value
,
'class'
:
1
})
if
hasattr
(
value
,
'__roles__'
):
_add
({
'name'
:
'%s.__roles__'
%
key
,
'value'
:
value
.
__roles__
,
'class'
:
1
})
return
data
def
valid_roles
(
self
):
"""Return list of valid roles.
"""
obj
=
self
dict
=
{}
dup
=
dict
.
has_key
x
=
0
while
x
<
100
:
if
hasattr
(
obj
,
'__ac_roles__'
):
roles
=
obj
.
__ac_roles__
for
role
in
roles
:
if
not
dup
(
role
):
dict
[
role
]
=
1
if
getattr
(
obj
,
'__parent__'
,
None
)
is
None
:
break
obj
=
obj
.
__parent__
x
=
x
+
1
roles
=
dict
.
keys
()
roles
.
sort
()
return
tuple
(
roles
)
def
validate_roles
(
self
,
roles
):
"""Return true if all given roles are valid.
"""
valid
=
self
.
valid_roles
()
for
role
in
roles
:
if
role
not
in
valid
:
return
0
return
1
security
.
declareProtected
(
change_permissions
,
'userdefined_roles'
)
def
userdefined_roles
(
self
):
"""Return list of user-defined roles.
"""
roles
=
list
(
self
.
__ac_roles__
)
for
role
in
classattr
(
self
.
__class__
,
'__ac_roles__'
):
try
:
roles
.
remove
(
role
)
except
:
pass
return
tuple
(
roles
)
def
possible_permissions
(
self
):
d
=
{}
permissions
=
getPermissions
()
for
p
in
permissions
:
d
[
p
[
0
]]
=
1
for
p
in
self
.
ac_inherited_permissions
(
1
):
d
[
p
[
0
]]
=
1
d
=
d
.
keys
()
d
.
sort
()
return
d
InitializeClass
(
BaseRoleManager
)
def
reqattr
(
request
,
attr
):
try
:
return
request
[
attr
]
except
:
return
None
def
classattr
(
cls
,
attr
):
if
hasattr
(
cls
,
attr
):
return
getattr
(
cls
,
attr
)
try
:
bases
=
cls
.
__bases__
except
:
bases
=
()
for
base
in
bases
:
if
classattr
(
base
,
attr
):
return
attr
return
None
def
instance_dict
(
inst
):
try
:
return
inst
.
__dict__
except
:
return
{}
def
class_dict
(
_class
):
try
:
return
_class
.
__dict__
except
:
return
{}
def
instance_attrs
(
inst
):
return
instance_dict
(
inst
)
def
class_attrs
(
inst
,
_class
=
None
,
data
=
None
):
if
_class
is
None
:
_class
=
inst
.
__class__
data
=
{}
clas_dict
=
class_dict
(
_class
)
inst_dict
=
instance_dict
(
inst
)
inst_attr
=
inst_dict
.
has_key
for
key
,
value
in
clas_dict
.
items
():
if
not
inst_attr
(
key
):
data
[
key
]
=
value
for
base
in
_class
.
__bases__
:
data
=
class_attrs
(
inst
,
base
,
data
)
return
data
def
gather_permissions
(
klass
,
result
,
seen
):
for
base
in
klass
.
__bases__
:
if
'__ac_permissions__'
in
base
.
__dict__
:
for
p
in
base
.
__ac_permissions__
:
name
=
p
[
0
]
if
name
in
seen
:
continue
result
.
append
((
name
,
()))
seen
[
name
]
=
None
gather_permissions
(
base
,
result
,
seen
)
return
result
# BBB - this is a bit odd, but the class variable RoleManager.manage_options
# is used by a lot of code and this isn't available on the deferredimport
# wrapper
try
:
from
OFS.role
import
RoleManager
RoleManager
# pyflakes
except
ImportError
:
from
zope.deferredimport
import
deprecated
deprecated
(
"RoleManager is no longer part of AccessControl, please "
"depend on Zope2 and import from OFS.role"
,
RoleManager
=
'OFS.role:RoleManager'
,
)
src/AccessControl/User.py
View file @
4257dbfe
...
@@ -35,18 +35,20 @@ from App.Management import Navigation
...
@@ -35,18 +35,20 @@ from App.Management import Navigation
from
App.Management
import
Tabs
from
App.Management
import
Tabs
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
from
App.Dialogs
import
MessageDialog
from
App.Dialogs
import
MessageDialog
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
import
AuthEncoding
from
AccessControl
import
AuthEncoding
import
SpecialUsers
from
AccessControl
import
SpecialUsers
from
interfaces
import
IStandardUserFolder
from
.interfaces
import
IStandardUserFolder
from
requestmethod
import
requestmethod
from
.requestmethod
import
requestmethod
from
PermissionRole
import
_what_not_even_god_should_do
,
rolesForPermissionOn
from
.PermissionRole
import
_what_not_even_god_should_do
from
Role
import
RoleManager
,
DEFAULTMAXLISTUSERS
from
.PermissionRole
import
rolesForPermissionOn
from
SecurityManagement
import
getSecurityManager
from
.rolemanager
import
DEFAULTMAXLISTUSERS
from
SecurityManagement
import
newSecurityManager
from
.SecurityManagement
import
getSecurityManager
from
SecurityManagement
import
noSecurityManager
from
.SecurityManagement
import
newSecurityManager
from
ZopeSecurityPolicy
import
_noroles
from
.SecurityManagement
import
noSecurityManager
from
.ZopeSecurityPolicy
import
_noroles
_marker
=
[]
_marker
=
[]
...
...
src/AccessControl/rolemanager.py
0 → 100644
View file @
4257dbfe
##############################################################################
#
# Copyright (c) 2002 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE
#
##############################################################################
"""Access control support
"""
from
cgi
import
escape
from
Acquisition
import
Acquired
from
Acquisition
import
aq_base
from
Acquisition
import
aq_get
from
ExtensionClass
import
Base
from
zope.interface
import
implements
from
AccessControl
import
ClassSecurityInfo
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.interfaces
import
IRoleManager
from
AccessControl.Permission
import
getPermissions
from
AccessControl.Permission
import
Permission
from
AccessControl.PermissionMapping
import
RoleManager
from
AccessControl.Permissions
import
change_permissions
from
AccessControl.SecurityManagement
import
newSecurityManager
DEFAULTMAXLISTUSERS
=
250
def
_isBeingUsedAsAMethod
(
self
):
return
aq_get
(
self
,
'_isBeingUsedAsAMethod_'
,
0
)
def
_isNotBeingUsedAsAMethod
(
self
):
return
not
aq_get
(
self
,
'_isBeingUsedAsAMethod_'
,
0
)
class
BaseRoleManager
(
Base
,
RoleManager
):
"""An object that has configurable permissions"""
implements
(
IRoleManager
)
permissionMappingPossibleValues
=
Acquired
security
=
ClassSecurityInfo
()
__ac_roles__
=
(
'Manager'
,
'Owner'
,
'Anonymous'
,
'Authenticated'
)
__ac_local_roles__
=
None
security
.
declareProtected
(
change_permissions
,
'ac_inherited_permissions'
)
def
ac_inherited_permissions
(
self
,
all
=
0
):
# Get all permissions not defined in ourself that are inherited
# This will be a sequence of tuples with a name as the first item and
# an empty tuple as the second.
d
=
{}
perms
=
self
.
__ac_permissions__
for
p
in
perms
:
d
[
p
[
0
]]
=
None
r
=
gather_permissions
(
self
.
__class__
,
[],
d
)
if
all
:
if
hasattr
(
self
,
'_subobject_permissions'
):
for
p
in
self
.
_subobject_permissions
():
pname
=
p
[
0
]
if
not
pname
in
d
:
d
[
pname
]
=
1
r
.
append
(
p
)
r
=
list
(
perms
)
+
r
r
.
sort
()
return
tuple
(
r
)
security
.
declareProtected
(
change_permissions
,
'permission_settings'
)
def
permission_settings
(
self
,
permission
=
None
):
"""Return user-role permission settings.
If 'permission' is passed to the method then only the settings for
'permission' is returned.
"""
result
=
[]
valid
=
self
.
valid_roles
()
indexes
=
range
(
len
(
valid
))
ip
=
0
permissions
=
self
.
ac_inherited_permissions
(
1
)
# Filter permissions
if
permission
:
permissions
=
[
p
for
p
in
permissions
if
p
[
0
]
==
permission
]
for
p
in
permissions
:
name
,
value
=
p
[:
2
]
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
(
default
=
[])
d
=
{
'name'
:
name
,
'acquire'
:
isinstance
(
roles
,
list
)
and
'CHECKED'
or
''
,
'roles'
:
map
(
lambda
ir
,
roles
=
roles
,
valid
=
valid
,
ip
=
ip
:
{
'name'
:
"p%dr%d"
%
(
ip
,
ir
),
'checked'
:
(
valid
[
ir
]
in
roles
)
and
'CHECKED'
or
''
,
},
indexes
)
}
ip
=
ip
+
1
result
.
append
(
d
)
return
result
security
.
declareProtected
(
change_permissions
,
'manage_role'
)
def
manage_role
(
self
,
role_to_manage
,
permissions
=
[]):
"""Change the permissions given to the given role.
"""
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
p
=
Permission
(
name
,
value
,
self
)
p
.
setRole
(
role_to_manage
,
name
in
permissions
)
security
.
declareProtected
(
change_permissions
,
'manage_acquiredPermissions'
)
def
manage_acquiredPermissions
(
self
,
permissions
=
[]):
"""Change the permissions that acquire.
"""
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
()
if
roles
is
None
:
continue
if
name
in
permissions
:
p
.
setRoles
(
list
(
roles
))
else
:
p
.
setRoles
(
tuple
(
roles
))
def
manage_getUserRolesAndPermissions
(
self
,
user_id
):
""" Used for permission/role reporting for a given user_id.
Returns a dict mapping
'user_defined_in' -> path where the user account is defined
'roles' -> global roles,
'roles_in_context' -> roles in context of the current object,
'allowed_permissions' -> permissions allowed for the user,
'disallowed_permissions' -> all other permissions
"""
d
=
{}
current
=
self
while
1
:
try
:
uf
=
current
.
acl_users
except
AttributeError
:
raise
ValueError
(
'User %s could not be found'
%
user_id
)
userObj
=
uf
.
getUser
(
user_id
)
if
userObj
:
break
else
:
current
=
current
.
__parent__
newSecurityManager
(
None
,
userObj
)
# necessary?
userObj
=
userObj
.
__of__
(
uf
)
d
=
{
'user_defined_in'
:
'/'
+
uf
.
absolute_url
(
1
)}
# roles
roles
=
list
(
userObj
.
getRoles
())
roles
.
sort
()
d
[
'roles'
]
=
roles
# roles in context
roles
=
list
(
userObj
.
getRolesInContext
(
self
))
roles
.
sort
()
d
[
'roles_in_context'
]
=
roles
# permissions
allowed
=
[]
disallowed
=
[]
permMap
=
self
.
manage_getPermissionMapping
()
for
item
in
permMap
:
p
=
item
[
'permission_name'
]
if
userObj
.
has_permission
(
p
,
self
):
allowed
.
append
(
p
)
else
:
disallowed
.
append
(
p
)
d
[
'allowed_permissions'
]
=
allowed
d
[
'disallowed_permissions'
]
=
disallowed
return
d
security
.
declareProtected
(
change_permissions
,
'manage_permission'
)
def
manage_permission
(
self
,
permission_to_manage
,
roles
=
[],
acquire
=
0
):
"""Change the settings for the given permission.
If optional arg acquire is true, then the roles for the permission
are acquired, in addition to the ones specified, otherwise the
permissions are restricted to only the designated roles.
"""
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
if
name
==
permission_to_manage
:
p
=
Permission
(
name
,
value
,
self
)
if
acquire
:
roles
=
list
(
roles
)
else
:
roles
=
tuple
(
roles
)
p
.
setRoles
(
roles
)
return
raise
ValueError
(
"The permission <em>%s</em> is invalid."
%
escape
(
permission_to_manage
))
security
.
declareProtected
(
change_permissions
,
'permissionsOfRole'
)
def
permissionsOfRole
(
self
,
role
):
"""Returns a role to permission mapping.
"""
r
=
[]
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
()
r
.
append
({
'name'
:
name
,
'selected'
:
role
in
roles
and
'SELECTED'
or
''
,
})
return
r
security
.
declareProtected
(
change_permissions
,
'rolesOfPermission'
)
def
rolesOfPermission
(
self
,
permission
):
"""Returns a permission to role mapping.
"""
valid_roles
=
self
.
valid_roles
()
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
if
name
==
permission
:
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
()
return
map
(
lambda
role
,
roles
=
roles
:
{
'name'
:
role
,
'selected'
:
role
in
roles
and
'SELECTED'
or
''
,
},
valid_roles
)
raise
ValueError
(
"The permission <em>%s</em> is invalid."
%
escape
(
permission
))
security
.
declareProtected
(
change_permissions
,
'acquiredRolesAreUsedBy'
)
def
acquiredRolesAreUsedBy
(
self
,
permission
):
"""
"""
for
p
in
self
.
ac_inherited_permissions
(
1
):
name
,
value
=
p
[:
2
]
if
name
==
permission
:
p
=
Permission
(
name
,
value
,
self
)
roles
=
p
.
getRoles
()
return
isinstance
(
roles
,
list
)
and
'CHECKED'
or
''
raise
ValueError
(
"The permission <em>%s</em> is invalid."
%
escape
(
permission
))
# Local roles support
# -------------------
#
# Local roles allow a user to be given extra roles in the context
# of a particular object (and its children). When a user is given
# extra roles in a particular object, an entry for that user is made
# in the __ac_local_roles__ dict containing the extra roles.
def
has_local_roles
(
self
):
dict
=
self
.
__ac_local_roles__
or
{}
return
len
(
dict
)
def
get_local_roles
(
self
):
dict
=
self
.
__ac_local_roles__
or
{}
keys
=
dict
.
keys
()
keys
.
sort
()
info
=
[]
for
key
in
keys
:
value
=
tuple
(
dict
[
key
])
info
.
append
((
key
,
value
))
return
tuple
(
info
)
def
users_with_local_role
(
self
,
role
):
got
=
{}
for
user
,
roles
in
self
.
get_local_roles
():
if
role
in
roles
:
got
[
user
]
=
1
return
got
.
keys
()
def
get_valid_userids
(
self
):
item
=
self
dict
=
{}
_notfound
=
[]
while
1
:
aclu
=
getattr
(
aq_base
(
item
),
'__allow_groups__'
,
_notfound
)
if
aclu
is
not
_notfound
:
mlu
=
getattr
(
aclu
,
'maxlistusers'
,
_notfound
)
if
not
isinstance
(
mlu
,
int
):
mlu
=
DEFAULTMAXLISTUSERS
if
mlu
<
0
:
raise
OverflowError
un
=
getattr
(
aclu
,
'user_names'
,
_notfound
)
if
un
is
not
_notfound
:
un
=
aclu
.
__of__
(
item
).
user_names
# rewrap
unl
=
un
()
# maxlistusers of 0 is list all
if
len
(
unl
)
>
mlu
and
mlu
!=
0
:
raise
OverflowError
for
name
in
unl
:
dict
[
name
]
=
1
item
=
getattr
(
item
,
'__parent__'
,
_notfound
)
if
item
is
_notfound
:
break
keys
=
dict
.
keys
()
keys
.
sort
()
return
tuple
(
keys
)
def
get_local_roles_for_userid
(
self
,
userid
):
dict
=
self
.
__ac_local_roles__
or
{}
return
tuple
(
dict
.
get
(
userid
,
[]))
security
.
declareProtected
(
change_permissions
,
'manage_addLocalRoles'
)
def
manage_addLocalRoles
(
self
,
userid
,
roles
):
"""Set local roles for a user."""
if
not
roles
:
raise
ValueError
(
'One or more roles must be given!'
)
dict
=
self
.
__ac_local_roles__
if
dict
is
None
:
self
.
__ac_local_roles__
=
dict
=
{}
local_roles
=
list
(
dict
.
get
(
userid
,
[]))
for
r
in
roles
:
if
r
not
in
local_roles
:
local_roles
.
append
(
r
)
dict
[
userid
]
=
local_roles
self
.
_p_changed
=
True
security
.
declareProtected
(
change_permissions
,
'manage_setLocalRoles'
)
def
manage_setLocalRoles
(
self
,
userid
,
roles
):
"""Set local roles for a user."""
if
not
roles
:
raise
ValueError
(
'One or more roles must be given!'
)
dict
=
self
.
__ac_local_roles__
if
dict
is
None
:
self
.
__ac_local_roles__
=
dict
=
{}
dict
[
userid
]
=
roles
self
.
_p_changed
=
True
security
.
declareProtected
(
change_permissions
,
'manage_delLocalRoles'
)
def
manage_delLocalRoles
(
self
,
userids
):
"""Remove all local roles for a user."""
dict
=
self
.
__ac_local_roles__
if
dict
is
None
:
self
.
__ac_local_roles__
=
dict
=
{}
for
userid
in
userids
:
if
userid
in
dict
:
del
dict
[
userid
]
self
.
_p_changed
=
True
#------------------------------------------------------------
security
.
declarePrivate
(
'access_debug_info'
)
def
access_debug_info
(
self
):
"""Return debug info.
"""
clas
=
class_attrs
(
self
)
inst
=
instance_attrs
(
self
)
data
=
[]
_add
=
data
.
append
for
key
,
value
in
inst
.
items
():
if
key
.
find
(
'__roles__'
)
>=
0
:
_add
({
'name'
:
key
,
'value'
:
value
,
'class'
:
0
})
if
hasattr
(
value
,
'__roles__'
):
_add
({
'name'
:
'%s.__roles__'
%
key
,
'value'
:
value
.
__roles__
,
'class'
:
0
})
for
key
,
value
in
clas
.
items
():
if
key
.
find
(
'__roles__'
)
>=
0
:
_add
({
'name'
:
key
,
'value'
:
value
,
'class'
:
1
})
if
hasattr
(
value
,
'__roles__'
):
_add
({
'name'
:
'%s.__roles__'
%
key
,
'value'
:
value
.
__roles__
,
'class'
:
1
})
return
data
def
valid_roles
(
self
):
"""Return list of valid roles.
"""
obj
=
self
dict
=
{}
dup
=
dict
.
has_key
x
=
0
while
x
<
100
:
if
hasattr
(
obj
,
'__ac_roles__'
):
roles
=
obj
.
__ac_roles__
for
role
in
roles
:
if
not
dup
(
role
):
dict
[
role
]
=
1
if
getattr
(
obj
,
'__parent__'
,
None
)
is
None
:
break
obj
=
obj
.
__parent__
x
=
x
+
1
roles
=
dict
.
keys
()
roles
.
sort
()
return
tuple
(
roles
)
def
validate_roles
(
self
,
roles
):
"""Return true if all given roles are valid.
"""
valid
=
self
.
valid_roles
()
for
role
in
roles
:
if
role
not
in
valid
:
return
0
return
1
security
.
declareProtected
(
change_permissions
,
'userdefined_roles'
)
def
userdefined_roles
(
self
):
"""Return list of user-defined roles.
"""
roles
=
list
(
self
.
__ac_roles__
)
for
role
in
classattr
(
self
.
__class__
,
'__ac_roles__'
):
try
:
roles
.
remove
(
role
)
except
:
pass
return
tuple
(
roles
)
def
possible_permissions
(
self
):
d
=
{}
permissions
=
getPermissions
()
for
p
in
permissions
:
d
[
p
[
0
]]
=
1
for
p
in
self
.
ac_inherited_permissions
(
1
):
d
[
p
[
0
]]
=
1
d
=
d
.
keys
()
d
.
sort
()
return
d
InitializeClass
(
BaseRoleManager
)
def
reqattr
(
request
,
attr
):
try
:
return
request
[
attr
]
except
:
return
None
def
classattr
(
cls
,
attr
):
if
hasattr
(
cls
,
attr
):
return
getattr
(
cls
,
attr
)
try
:
bases
=
cls
.
__bases__
except
:
bases
=
()
for
base
in
bases
:
if
classattr
(
base
,
attr
):
return
attr
return
None
def
instance_dict
(
inst
):
try
:
return
inst
.
__dict__
except
:
return
{}
def
class_dict
(
_class
):
try
:
return
_class
.
__dict__
except
:
return
{}
def
instance_attrs
(
inst
):
return
instance_dict
(
inst
)
def
class_attrs
(
inst
,
_class
=
None
,
data
=
None
):
if
_class
is
None
:
_class
=
inst
.
__class__
data
=
{}
clas_dict
=
class_dict
(
_class
)
inst_dict
=
instance_dict
(
inst
)
inst_attr
=
inst_dict
.
has_key
for
key
,
value
in
clas_dict
.
items
():
if
not
inst_attr
(
key
):
data
[
key
]
=
value
for
base
in
_class
.
__bases__
:
data
=
class_attrs
(
inst
,
base
,
data
)
return
data
def
gather_permissions
(
klass
,
result
,
seen
):
for
base
in
klass
.
__bases__
:
if
'__ac_permissions__'
in
base
.
__dict__
:
for
p
in
base
.
__ac_permissions__
:
name
=
p
[
0
]
if
name
in
seen
:
continue
result
.
append
((
name
,
()))
seen
[
name
]
=
None
gather_permissions
(
base
,
result
,
seen
)
return
result
src/AccessControl/tests/testRole.py
View file @
4257dbfe
...
@@ -5,7 +5,7 @@ class TestRoleManager(unittest.TestCase):
...
@@ -5,7 +5,7 @@ class TestRoleManager(unittest.TestCase):
def
test_interfaces
(
self
):
def
test_interfaces
(
self
):
from
AccessControl.interfaces
import
IRoleManager
from
AccessControl.interfaces
import
IRoleManager
from
AccessControl.
Role
import
BaseRoleManager
from
AccessControl.
rolemanager
import
BaseRoleManager
from
zope.interface.verify
import
verifyClass
from
zope.interface.verify
import
verifyClass
verifyClass
(
IRoleManager
,
BaseRoleManager
)
verifyClass
(
IRoleManager
,
BaseRoleManager
)
...
...
src/App/Permission.py
View file @
4257dbfe
...
@@ -15,9 +15,9 @@
...
@@ -15,9 +15,9 @@
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.Role
import
RoleManager
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
from
Persistence
import
Persistent
from
Persistence
import
Persistent
...
...
src/OFS/DTMLMethod.py
View file @
4257dbfe
...
@@ -16,7 +16,6 @@ from urllib import quote
...
@@ -16,7 +16,6 @@ from urllib import quote
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.Role
import
RoleManager
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
HTML
from
App.special_dtml
import
HTML
...
@@ -33,6 +32,7 @@ from DocumentTemplate.security import RestrictedDTML
...
@@ -33,6 +32,7 @@ from DocumentTemplate.security import RestrictedDTML
from
OFS.Cache
import
Cacheable
from
OFS.Cache
import
Cacheable
from
OFS.History
import
Historical
from
OFS.History
import
Historical
from
OFS.History
import
html_diff
from
OFS.History
import
html_diff
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item_w__name__
from
OFS.SimpleItem
import
Item_w__name__
from
OFS.ZDOM
import
ElementWithTitle
from
OFS.ZDOM
import
ElementWithTitle
from
webdav.Lockable
import
ResourceLockedError
from
webdav.Lockable
import
ResourceLockedError
...
...
src/OFS/Folder.py
View file @
4257dbfe
...
@@ -20,7 +20,6 @@ $Id$
...
@@ -20,7 +20,6 @@ $Id$
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.Permissions
import
add_page_templates
from
AccessControl.Permissions
import
add_page_templates
from
AccessControl.Permissions
import
add_user_folders
from
AccessControl.Permissions
import
add_user_folders
from
AccessControl.Role
import
RoleManager
from
AccessControl.SecurityManagement
import
getSecurityManager
from
AccessControl.SecurityManagement
import
getSecurityManager
from
AccessControl.unauthorized
import
Unauthorized
from
AccessControl.unauthorized
import
Unauthorized
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
...
@@ -31,6 +30,7 @@ from OFS.FindSupport import FindSupport
...
@@ -31,6 +30,7 @@ from OFS.FindSupport import FindSupport
from
OFS.interfaces
import
IFolder
from
OFS.interfaces
import
IFolder
from
OFS.ObjectManager
import
ObjectManager
from
OFS.ObjectManager
import
ObjectManager
from
OFS.PropertyManager
import
PropertyManager
from
OFS.PropertyManager
import
PropertyManager
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
...
...
src/OFS/Image.py
View file @
4257dbfe
...
@@ -25,7 +25,6 @@ from AccessControl.Permissions import view_management_screens
...
@@ -25,7 +25,6 @@ from AccessControl.Permissions import view_management_screens
from
AccessControl.Permissions
import
view
as
View
from
AccessControl.Permissions
import
view
as
View
from
AccessControl.Permissions
import
ftp_access
from
AccessControl.Permissions
import
ftp_access
from
AccessControl.Permissions
import
delete_objects
from
AccessControl.Permissions
import
delete_objects
from
AccessControl.Role
import
RoleManager
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
...
@@ -44,6 +43,7 @@ from zope.interface import implements
...
@@ -44,6 +43,7 @@ from zope.interface import implements
from
OFS.Cache
import
Cacheable
from
OFS.Cache
import
Cacheable
from
OFS.PropertyManager
import
PropertyManager
from
OFS.PropertyManager
import
PropertyManager
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item_w__name__
from
OFS.SimpleItem
import
Item_w__name__
from
zope.event
import
notify
from
zope.event
import
notify
...
...
src/OFS/SimpleItem.py
View file @
4257dbfe
...
@@ -30,7 +30,6 @@ from AccessControl.SecurityInfo import ClassSecurityInfo
...
@@ -30,7 +30,6 @@ from AccessControl.SecurityInfo import ClassSecurityInfo
from
AccessControl.SecurityManagement
import
getSecurityManager
from
AccessControl.SecurityManagement
import
getSecurityManager
from
AccessControl.Owned
import
Owned
from
AccessControl.Owned
import
Owned
from
AccessControl.Permissions
import
view
as
View
from
AccessControl.Permissions
import
view
as
View
from
AccessControl.Role
import
RoleManager
from
AccessControl.unauthorized
import
Unauthorized
from
AccessControl.unauthorized
import
Unauthorized
from
AccessControl.ZopeSecurityPolicy
import
getRoles
from
AccessControl.ZopeSecurityPolicy
import
getRoles
from
Acquisition
import
Acquired
from
Acquisition
import
Acquired
...
@@ -58,6 +57,7 @@ from OFS.interfaces import IItem
...
@@ -58,6 +57,7 @@ from OFS.interfaces import IItem
from
OFS.interfaces
import
IItemWithName
from
OFS.interfaces
import
IItemWithName
from
OFS.interfaces
import
ISimpleItem
from
OFS.interfaces
import
ISimpleItem
from
OFS.CopySupport
import
CopySource
from
OFS.CopySupport
import
CopySource
from
OFS.role
import
RoleManager
from
OFS.Traversable
import
Traversable
from
OFS.Traversable
import
Traversable
from
OFS.ZDOM
import
Element
from
OFS.ZDOM
import
Element
...
...
src/OFS/role.py
View file @
4257dbfe
...
@@ -19,8 +19,8 @@ from App.special_dtml import DTMLFile
...
@@ -19,8 +19,8 @@ from App.special_dtml import DTMLFile
from
AccessControl
import
ClassSecurityInfo
from
AccessControl
import
ClassSecurityInfo
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.
Role
import
BaseRoleManager
from
AccessControl.
rolemanager
import
BaseRoleManager
from
AccessControl.
Role
import
reqattr
from
AccessControl.
rolemanager
import
reqattr
from
AccessControl.Permission
import
Permission
from
AccessControl.Permission
import
Permission
from
AccessControl.Permissions
import
change_permissions
from
AccessControl.Permissions
import
change_permissions
from
AccessControl.requestmethod
import
requestmethod
from
AccessControl.requestmethod
import
requestmethod
...
...
src/Products/ExternalMethod/ExternalMethod.py
View file @
4257dbfe
...
@@ -26,7 +26,6 @@ from AccessControl.class_init import InitializeClass
...
@@ -26,7 +26,6 @@ from AccessControl.class_init import InitializeClass
from
AccessControl.Permissions
import
change_external_methods
from
AccessControl.Permissions
import
change_external_methods
from
AccessControl.Permissions
import
view_management_screens
from
AccessControl.Permissions
import
view_management_screens
from
AccessControl.Permissions
import
view
as
View
from
AccessControl.Permissions
import
view
as
View
from
AccessControl.Role
import
RoleManager
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
Acquisition
import
Acquired
from
Acquisition
import
Acquired
from
Acquisition
import
Explicit
from
Acquisition
import
Explicit
...
@@ -36,6 +35,7 @@ from App.Extensions import getPath
...
@@ -36,6 +35,7 @@ from App.Extensions import getPath
from
App.Extensions
import
FuncCode
from
App.Extensions
import
FuncCode
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
HTML
from
App.special_dtml
import
HTML
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
pretty_tb
from
OFS.SimpleItem
import
pretty_tb
from
Persistence
import
Persistent
from
Persistence
import
Persistent
...
...
src/Products/MailHost/MailHost.py
View file @
4257dbfe
...
@@ -40,11 +40,11 @@ from AccessControl.class_init import InitializeClass
...
@@ -40,11 +40,11 @@ from AccessControl.class_init import InitializeClass
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.Permissions
import
change_configuration
,
view
from
AccessControl.Permissions
import
change_configuration
,
view
from
AccessControl.Permissions
import
use_mailhost_services
from
AccessControl.Permissions
import
use_mailhost_services
from
AccessControl.Role
import
RoleManager
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
from
DateTime.DateTime
import
DateTime
from
DateTime.DateTime
import
DateTime
from
Persistence
import
Persistent
from
Persistence
import
Persistent
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
from
zope.interface
import
implements
from
zope.interface
import
implements
...
...
src/Products/Sessions/BrowserIdManager.py
View file @
4257dbfe
...
@@ -24,7 +24,6 @@ from urlparse import urlunparse
...
@@ -24,7 +24,6 @@ from urlparse import urlunparse
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.Owned
import
Owned
from
AccessControl.Owned
import
Owned
from
AccessControl.Role
import
RoleManager
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
from
Acquisition
import
aq_parent
from
Acquisition
import
aq_parent
...
@@ -33,6 +32,7 @@ from App.Management import Tabs
...
@@ -33,6 +32,7 @@ from App.Management import Tabs
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
from
Persistence
import
Persistent
from
Persistence
import
Persistent
from
persistent
import
TimeStamp
from
persistent
import
TimeStamp
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
from
ZPublisher.BeforeTraverse
import
registerBeforeTraverse
from
ZPublisher.BeforeTraverse
import
registerBeforeTraverse
from
ZPublisher.BeforeTraverse
import
unregisterBeforeTraverse
from
ZPublisher.BeforeTraverse
import
unregisterBeforeTraverse
...
...
src/Products/Sessions/SessionDataManager.py
View file @
4257dbfe
...
@@ -16,11 +16,11 @@ import sys
...
@@ -16,11 +16,11 @@ import sys
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.class_init
import
InitializeClass
from
AccessControl.Owned
import
Owned
from
AccessControl.Owned
import
Owned
from
AccessControl.Role
import
RoleManager
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
from
App.Management
import
Tabs
from
App.Management
import
Tabs
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
from
Persistence
import
Persistent
from
Persistence
import
Persistent
from
ZPublisher.BeforeTraverse
import
registerBeforeTraverse
from
ZPublisher.BeforeTraverse
import
registerBeforeTraverse
...
...
src/Shared/DC/ZRDB/Aqueduct.py
View file @
4257dbfe
...
@@ -21,12 +21,12 @@ import os
...
@@ -21,12 +21,12 @@ import os
import
re
import
re
import
string
import
string
from
AccessControl.Role
import
RoleManager
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
from
App.Common
import
package_home
from
App.Common
import
package_home
from
DateTime.DateTime
import
DateTime
from
DateTime.DateTime
import
DateTime
from
DocumentTemplate
import
File
from
DocumentTemplate
import
File
from
DocumentTemplate
import
HTML
from
DocumentTemplate
import
HTML
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
from
Persistence
import
Persistent
from
Persistence
import
Persistent
from
zExceptions
import
Redirect
from
zExceptions
import
Redirect
...
...
src/Shared/DC/ZRDB/Connection.py
View file @
4257dbfe
...
@@ -26,13 +26,13 @@ from AccessControl.Permissions import view_management_screens
...
@@ -26,13 +26,13 @@ from AccessControl.Permissions import view_management_screens
from
AccessControl.Permissions
import
change_database_connections
from
AccessControl.Permissions
import
change_database_connections
from
AccessControl.Permissions
import
test_database_connections
from
AccessControl.Permissions
import
test_database_connections
from
AccessControl.Permissions
import
open_close_database_connection
from
AccessControl.Permissions
import
open_close_database_connection
from
AccessControl.Role
import
RoleManager
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
from
App.Dialogs
import
MessageDialog
from
App.Dialogs
import
MessageDialog
from
App.special_dtml
import
DTMLFile
from
App.special_dtml
import
DTMLFile
from
DateTime.DateTime
import
DateTime
from
DateTime.DateTime
import
DateTime
from
DocumentTemplate
import
HTML
from
DocumentTemplate
import
HTML
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
from
Persistence
import
Persistent
from
Persistence
import
Persistent
from
zExceptions
import
BadRequest
from
zExceptions
import
BadRequest
...
...
src/Shared/DC/ZRDB/DA.py
View file @
4257dbfe
...
@@ -23,7 +23,6 @@ from AccessControl.class_init import InitializeClass
...
@@ -23,7 +23,6 @@ from AccessControl.class_init import InitializeClass
from
AccessControl.Permissions
import
change_database_methods
from
AccessControl.Permissions
import
change_database_methods
from
AccessControl.Permissions
import
use_database_methods
from
AccessControl.Permissions
import
use_database_methods
from
AccessControl.Permissions
import
view_management_screens
from
AccessControl.Permissions
import
view_management_screens
from
AccessControl.Role
import
RoleManager
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityInfo
import
ClassSecurityInfo
from
AccessControl.SecurityManagement
import
getSecurityManager
from
AccessControl.SecurityManagement
import
getSecurityManager
from
Acquisition
import
Implicit
from
Acquisition
import
Implicit
...
@@ -35,6 +34,7 @@ from DocumentTemplate.security import RestrictedDTML
...
@@ -35,6 +34,7 @@ from DocumentTemplate.security import RestrictedDTML
from
DateTime.DateTime
import
DateTime
from
DateTime.DateTime
import
DateTime
from
ExtensionClass
import
Base
from
ExtensionClass
import
Base
from
BTrees.OOBTree
import
OOBucket
as
Bucket
from
BTrees.OOBTree
import
OOBucket
as
Bucket
from
OFS.role
import
RoleManager
from
OFS.SimpleItem
import
Item
from
OFS.SimpleItem
import
Item
from
Persistence
import
Persistent
from
Persistence
import
Persistent
from
webdav.Resource
import
Resource
from
webdav.Resource
import
Resource
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment