Detect if roles are passed in to validate. If so, use them.

99135a61 · Chris McDonough · 0295116b · 99135a61
Commit 99135a61 authored Jan 10, 2001 by Chris McDonough
Hide whitespace changes
Inline Side-by-side

Showing with 17 additions and 9 deletions

lib/python/AccessControl/ZopeSecurityPolicy.py lib/python/AccessControl/ZopeSecurityPolicy.py +17 -9

No files found.
--- a/lib/python/AccessControl/ZopeSecurityPolicy.py
+++ b/lib/python/AccessControl/ZopeSecurityPolicy.py
@@ -85,11 +85,11 @@
 __doc__='''Define Zope\'s default security policy


-$Id: ZopeSecurityPolicy.py,v 1.7 2000/07/05 13:51:21 brian Exp $'''
-__version__='$Revision: 1.7 $'[11:-2]
+$Id: ZopeSecurityPolicy.py,v 1.8 2001/01/10 20:22:18 chrism Exp $'''
+__version__='$Revision: 1.8 $'[11:-2]

 import SimpleObjectPolicies
-_noroles=[]
+_noroles=SimpleObjectPolicies._noroles

 from PermissionRole import _what_not_even_god_should_do, rolesForPermissionOn

@@ -97,8 +97,9 @@ from PermissionRole import _what_not_even_god_should_do, rolesForPermissionOn
 class ZopeSecurityPolicy:
    
    def validate(self, accessed, container, name, value, context,
-                 None=None, type=type, IntType=type(0), DictType=type({}),
-                 getattr=getattr, _noroles=_noroles, StringType=type(''),
+                 roles=_noroles, None=None, type=type, IntType=type(0),
+                 DictType=type({}), getattr=getattr, _noroles=_noroles,
+                 StringType=type(''),
                 Containers=SimpleObjectPolicies.Containers,
                 valid_aq_=('aq_parent','aq_explicit')):

@@ -113,14 +114,21 @@ class ZopeSecurityPolicy:
        accessedbase=getattr(accessed, 'aq_base', container)

        ############################################################
-        # Try to get roles
-        roles=getattr(value, '__roles__', _noroles)
+        # If roles weren't passed in, we'll try to get them from the object
+
+        if roles is _noroles:
+            roles=getattr(value, '__roles__', _noroles)
+
+        ############################################################
+        # We still might not have any roles

        if roles is _noroles:

            ############################################################
-            # We have an object without roles. Presumabely, it's
-            # some simple object, like a string or a list.
+            # We have an object without roles and we didn't get a list
+            # of roles passed in. Presumably, the value is some simple
+            # object like a string or a list.  We'll try to get roles
+            # from its container.
            if container is None: return 0 # Bail if no container

            roles=getattr(container, '__roles__', _noroles)