Commit 3168d870 authored by Martin Aspeli's avatar Martin Aspeli

Merge r114488 from 2.12 branch

parent 916bcfd9
...@@ -201,15 +201,7 @@ class view(zope.browserpage.metaconfigure.view): ...@@ -201,15 +201,7 @@ class view(zope.browserpage.metaconfigure.view):
): ):
if permission is None: if permission is None:
permission = 'zope.Public' permission = 'zope.Public'
elif permission in ('zope.Public', 'zope2.Public'):
# No need to warn about the default case
pass
else:
warnings.warn("The permission option of the <browser:view /> "
"directive is not supported in Zope 2. " + \
"Ignored for %s in %s" %
(str(class_), _context.info), stacklevel=3)
super(view, self).__init__( super(view, self).__init__(
_context, permission, for_=for_, name=name, layer=layer, _context, permission, for_=for_, name=name, layer=layer,
class_=class_, allowed_interface=allowed_interface, class_=class_, allowed_interface=allowed_interface,
...@@ -314,6 +306,42 @@ class view(zope.browserpage.metaconfigure.view): ...@@ -314,6 +306,42 @@ class view(zope.browserpage.metaconfigure.view):
newclass, (for_, layer), self.provides, name, newclass, (for_, layer), self.provides, name,
_context.info), _context.info),
) )
# Security
_context.action(
discriminator = ('five:protectClass', newclass),
callable = protectClass,
args = (newclass, permission)
)
if allowed_attributes:
for attr in allowed_attributes:
_context.action(
discriminator = ('five:protectName', newclass, attr),
callable = protectName,
args = (newclass, attr, permission)
)
# Make everything else private
allowed = allowed_attributes or []
private_attrs = [name for name in dir(newclass)
if (not name.startswith('_')) and
(name not in allowed) and
ismethod(getattr(newclass, name))]
for attr in private_attrs:
_context.action(
discriminator = ('five:protectName', newclass, attr),
callable = protectName,
args = (newclass, attr, CheckerPrivateId)
)
# Protect the class
_context.action(
discriminator = ('five:initialize:class', newclass),
callable = InitializeClass,
args = (newclass,)
)
_factory_map = {'image':{'prefix':'ImageResource', _factory_map = {'image':{'prefix':'ImageResource',
'count':0, 'count':0,
......
...@@ -253,12 +253,34 @@ C methods work the same ...@@ -253,12 +253,34 @@ C methods work the same
>>> aq_parent(aq_inner(context)) >>> aq_parent(aq_inner(context))
<Folder at /test_folder_1_> <Folder at /test_folder_1_>
The same applies to a view registered with <browser:view /> instead of
<browser:page />
>>> request = TestRequest()
>>> view = getMultiAdapter((self.folder.testoid, request), name=u'permission_view')
>>> view.__ac_permissions__
(('View management screens', ('',)),)
>>> aq_acquire(view, '__roles__')
('Manager',)
>>> context = view.context
>>> from Acquisition import ImplicitAcquisitionWrapper
>>> type(context) == ImplicitAcquisitionWrapper
True
>>> view.__parent__ == view.context
True
>>> aq_parent(view) == view.context
True
>>> context.aq_inner.aq_parent
<Folder at /test_folder_1_>
>>> aq_parent(aq_inner(context))
<Folder at /test_folder_1_>
High-level security High-level security
------------------- -------------------
>>> protected_view_names = [ >>> protected_view_names = [
... 'eagle.txt', 'falcon.html', 'owl.html', 'flamingo.html', ... 'eagle.txt', 'falcon.html', 'owl.html', 'flamingo.html',
... 'condor.html'] ... 'condor.html', 'permission_view']
>>> >>>
>>> public_view_names = [ >>> public_view_names = [
... 'public_attribute_page', ... 'public_attribute_page',
......
...@@ -232,7 +232,15 @@ ...@@ -232,7 +232,15 @@
class=".pages.SimpleView" class=".pages.SimpleView"
permission="zope2.Public" permission="zope2.Public"
/> />
<!-- A named view with permissions -->
<browser:view
name="permission_view"
for="Products.Five.tests.testing.simplecontent.ISimpleContent"
class=".pages.CallView"
permission="zope2.ViewManagementScreens"
/>
<!-- stuff that we'll override in overrides.zcml --> <!-- stuff that we'll override in overrides.zcml -->
<browser:page <browser:page
for="Products.Five.tests.testing.simplecontent.ISimpleContent" for="Products.Five.tests.testing.simplecontent.ISimpleContent"
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment