{ "info": { "author": "Souheil Chelfouh", "author_email": "trollfot@gmail.com", "bugtrack_url": null, "classifiers": [ "Programming Language :: Python" ], "description": "========================\ndolmen.security.policies\n========================\n\n``dolmen.security.policies`` provides a pluggable way to handle\nobject-level security.\n\n >>> from zope.location import Location\n >>> from zope.interface import implements\n >>> from zope.annotation.interfaces import IAttributeAnnotatable\n\n >>> class Content(Location):\n ... implements(IAttributeAnnotatable)\n ... def __init__(self, parent, name):\n ... self.__parent__ = parent\n ... self.__name__ = name\n\n >>> class MyFolder(Location):\n ... implements(IAttributeAnnotatable)\n ... def __init__(self):\n ... self.contents = {}\n\n >>> folder = MyFolder()\n >>> contentA = folder.contents['a'] = Content(folder, 'a')\n\n\nRoles\n=====\n\nStandard behavior\n-----------------\n\nOut of the box settings\n~~~~~~~~~~~~~~~~~~~~~~~\n\n >>> from zope.securitypolicy.zopepolicy import settingsForObject\n >>> pprint(settingsForObject(contentA))\n [('a',\n {'principalPermissions': [], 'principalRoles': [], 'rolePermissions': []}),\n (None,\n {'principalPermissions': [], 'principalRoles': [], 'rolePermissions': []}),\n ('global settings',\n {'principalPermissions': [{'permission': 'zope.View',\n\t\t\t 'principal': 'zope.test',\n\t\t\t 'setting': PermissionSetting: Allow}],\n 'principalRoles': [],\n 'rolePermissions': [{'permission': 'zope.ManageContent',\n\t\t\t 'role': 'test.role',\n\t\t\t 'setting': PermissionSetting: Allow}]})]\n\n\nAssign a role to the test user\n~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n\n >>> from zope.securitypolicy.interfaces import IPrincipalRoleManager\n >>> manager = IPrincipalRoleManager(folder)\n >>> manager.assignRoleToPrincipal('test.role', 'zope.test')\n\n\nTest the role application\n~~~~~~~~~~~~~~~~~~~~~~~~~\n\n >>> from zope.securitypolicy.interfaces import IPrincipalRoleMap\n >>> folder_rpm = IPrincipalRoleMap(folder)\n >>> print folder_rpm.getRolesForPrincipal('zope.test')\n [('test.role', PermissionSetting: Allow)]\n\n \nRole inheritence\n~~~~~~~~~~~~~~~~\n\n >>> pprint(settingsForObject(contentA))\n [('a',\n {'principalPermissions': [], 'principalRoles': [], 'rolePermissions': []}),\n (None,\n {'principalPermissions': [],\n 'principalRoles': [{'principal': 'zope.test',\n\t\t\t 'role': 'test.role',\n\t\t\t 'setting': PermissionSetting: Allow}],\n 'rolePermissions': []}),\n ('global settings',\n {'principalPermissions': [{'permission': 'zope.View',\n\t\t\t 'principal': 'zope.test',\n\t\t\t 'setting': PermissionSetting: Allow}],\n 'principalRoles': [],\n 'rolePermissions': [{'permission': 'zope.ManageContent',\n\t\t\t 'role': 'test.role',\n\t\t\t 'setting': PermissionSetting: Allow}]})]\n\n\nAdditive behavior\n-----------------\n\n >>> import grokcore.component as grok\n >>> from grokcore.component.testing import grok_component\n >>> from zope.securitypolicy.interfaces import Allow, Deny\n >>> from zope.securitypolicy.securitymap import SecurityMap\n >>> from dolmen.security.policies.principalrole import ExtraRoleMap\n >>> from zope.securitypolicy.interfaces import IPrincipalRoleManager\n\n >>> class MyHomefolder(Location):\n ... implements(IAttributeAnnotatable)\n ... def __init__(self, id):\n ... self.__name__ = \"%s homepage\" % id\n ... self.userid = id\n\n >>> home = MyHomefolder('zope.test')\n >>> pprint(settingsForObject(home)[0])\n ('zope.test homepage',\n {'principalPermissions': [], 'principalRoles': [], 'rolePermissions': []})\n\n >>> class HomepageRoleManager(ExtraRoleMap):\n ... grok.context(MyHomefolder)\n ...\n ... def _compute_extra_data(self):\n ... extra_map = SecurityMap()\n ... extra_map.addCell('test.role', self.context.userid, Allow)\n ... return extra_map\n\n >>> from zope.component import provideAdapter\n >>> from zope.securitypolicy.interfaces import (\n ... IPrincipalRoleManager, IPrincipalRoleMap, IRolePermissionMap)\n\n >>> provideAdapter(\n ... HomepageRoleManager, (MyHomefolder,), IPrincipalRoleManager)\n >>> provideAdapter(\n ... HomepageRoleManager, (MyHomefolder,), IPrincipalRoleMap)\n\n >>> pprint(settingsForObject(home)[0])\n ('zope.test homepage',\n {'principalPermissions': [],\n 'principalRoles': [{'principal': 'zope.test',\n 'role': 'test.role',\n 'setting': PermissionSetting: Allow}],\n 'rolePermissions': []})\n\n\nChecking the permissions::\n\n >>> from zope.security.testing import Principal, Participation\n >>> from zope.security.management import newInteraction, endInteraction\n >>> newInteraction(Participation(Principal('zope.test')))\n\n >>> from zope.security import checkPermission\n >>> checkPermission('zope.ManageContent', home)\n True\n\n >>> home.userid = \"someone else\"\n >>> checkPermission('zope.ManageContent', home)\n False\n\n >>> home.userid = \"zope.test\"\n >>> checkPermission('zope.ManageContent', home)\n True\n\n\nRole Permissions\n----------------\n\nWe can allow/deny permissions on roles too::\n\n >>> from dolmen.security.policies import ExtraRolePermissionMap\n >>> from zope.securitypolicy.interfaces import IRolePermissionManager\n\n >>> class HomepageRolePermissionManager(ExtraRolePermissionMap):\n ... grok.context(MyHomefolder)\n ...\n ... def _compute_extra_data(self):\n ... extra_map = SecurityMap()\n ... extra_map.addCell('zope.ManageContent', 'test.role', Deny)\n ... return extra_map\n\n >>> provideAdapter(\n ... HomepageRolePermissionManager, (MyHomefolder,),\n ... IRolePermissionManager)\n\n >>> pprint(settingsForObject(home)[0])\n ('zope.test homepage',\n {'principalPermissions': [],\n 'principalRoles': [{'principal': 'zope.test',\n 'role': 'test.role',\n 'setting': PermissionSetting: Allow}],\n 'rolePermissions': [{'permission': 'zope.ManageContent',\n 'role': 'test.role',\n 'setting': PermissionSetting: Deny}]})\n\n >>> checkPermission('zope.ManageContent', home)\n False\n\n >>> endInteraction()\n\n\nChangelog\n=========\n\n0.3 (2011-02-22)\n----------------\n\n* Added base adapter for `IRolePermissionManager`. This allows to deny\n or allow permissions by role. [goschtl]\n\n\n0.2 (2011-01-19)\n----------------\n\n* Re-packaging\n\n\n0.1 (2011-01-18)\n----------------\n\n* Initial release", "description_content_type": null, "docs_url": null, "download_url": "UNKNOWN", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "http://www.dolmen-project.org", "keywords": "Grok security", "license": "GPL", "maintainer": null, "maintainer_email": null, "name": "dolmen.security.policies", "package_url": "https://pypi.org/project/dolmen.security.policies/", "platform": "Any", "project_url": "https://pypi.org/project/dolmen.security.policies/", "project_urls": { "Download": "UNKNOWN", "Homepage": "http://www.dolmen-project.org" }, "release_url": "https://pypi.org/project/dolmen.security.policies/0.3/", "requires_dist": null, "requires_python": null, "summary": "A collection of security maps baseclasses", "version": "0.3" }, "last_serial": 791338, "releases": { "0.1": [ { "comment_text": "", "digests": { "md5": "16a29b23779372661032f4c29ee17120", "sha256": "960c5da8e8f55b907cc233666b02b1926725934b60ed18670a0a07642f0a1c0a" }, "downloads": -1, "filename": "dolmen.security.policies-0.1.tar.gz", "has_sig": false, "md5_digest": "16a29b23779372661032f4c29ee17120", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 3785, "upload_time": "2011-01-18T18:01:21", "url": "https://files.pythonhosted.org/packages/c9/7c/b65d47a0eb9edba9c0cf48bf172e38da2dca6b2fe8de6d4ce6d0fc8a7b72/dolmen.security.policies-0.1.tar.gz" } ], "0.2": [ { "comment_text": "", "digests": { "md5": "17d13a043dd6b9dfb9d8e87cee429534", "sha256": "55e4c64eeec9cd6a5f66117b67aefb11ce08e9874f973cef86a4dc91e75d9779" }, "downloads": -1, "filename": "dolmen.security.policies-0.2.tar.gz", "has_sig": false, "md5_digest": "17d13a043dd6b9dfb9d8e87cee429534", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 4638, "upload_time": "2011-01-19T11:30:33", "url": "https://files.pythonhosted.org/packages/a0/89/af080659debd4b5737e485d0490cbd7cebe9d0b9ef0c62adf5501ce624d6/dolmen.security.policies-0.2.tar.gz" } ], "0.3": [ { "comment_text": "", "digests": { "md5": "c73dd71947c79e9938cc03f4c635ac1b", "sha256": "a1fb643aeead9e0d65b345bcf2cfcd52d7d67ce21441b30f5d5aad59f7abd492" }, "downloads": -1, "filename": "dolmen.security.policies-0.3.tar.gz", "has_sig": false, "md5_digest": "c73dd71947c79e9938cc03f4c635ac1b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5144, "upload_time": "2011-02-22T17:10:07", "url": "https://files.pythonhosted.org/packages/0a/b8/023ff20d364581072c066ac2c0aa4680ba1c1746ee3d315bddaa6cb7dc12/dolmen.security.policies-0.3.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "c73dd71947c79e9938cc03f4c635ac1b", "sha256": "a1fb643aeead9e0d65b345bcf2cfcd52d7d67ce21441b30f5d5aad59f7abd492" }, "downloads": -1, "filename": "dolmen.security.policies-0.3.tar.gz", "has_sig": false, "md5_digest": "c73dd71947c79e9938cc03f4c635ac1b", "packagetype": "sdist", "python_version": "source", "requires_python": null, "size": 5144, "upload_time": "2011-02-22T17:10:07", "url": "https://files.pythonhosted.org/packages/0a/b8/023ff20d364581072c066ac2c0aa4680ba1c1746ee3d315bddaa6cb7dc12/dolmen.security.policies-0.3.tar.gz" } ] }