本文整理汇总了Python中AccessControl类的典型用法代码示例。如果您正苦于以下问题:Python AccessControl类的具体用法?Python AccessControl怎么用?Python AccessControl使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了AccessControl类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: setupSecurityOptions
def setupSecurityOptions(self):
import AccessControl
AccessControl.setImplementation(self.cfg.security_policy_implementation)
AccessControl.setDefaultBehaviors(
not self.cfg.skip_ownership_checking, not self.cfg.skip_authentication_checking, self.cfg.verbose_security
)示例2: _create_yearfolder
def _create_yearfolder(inbox, year):
"""creates the yearfolder for the given year"""
_sm = AccessControl.getSecurityManager()
AccessControl.SecurityManagement.newSecurityManager(
inbox.REQUEST,
AccessControl.SecurityManagement.SpecialUsers.system)
try:
# for creating the folder, we need to be a superuser since
# normal user should not be able to add year folders.
# --- help i18ndude ---
msg = _(u'yearfolder_title', default=u'Closed ${year}',
mapping=dict(year=str(year)))
# --- / help i18ndude ---
folder_title = translate(str(msg), msg.domain, msg.mapping,
context=inbox.REQUEST, default=msg.default)
folder = createContentInContainer(
inbox, 'opengever.inbox.yearfolder',
title=folder_title, id=year)
except:
AccessControl.SecurityManagement.setSecurityManager(_sm)
raise
else:
AccessControl.SecurityManagement.setSecurityManager(_sm)
return folder示例3: __enter__
def __enter__(self):
assert self._original_security is None
self._original_security = AccessControl.getSecurityManager()
_system_user = AccessControl.SecurityManagement.SpecialUsers.system
AccessControl.SecurityManagement.newSecurityManager(None, _system_user)示例4: is_already_done
def is_already_done(self, transition, text):
"""This method returns `True` if this exact request was already
executed.
This is the case when the sender client has a conflict error when
committing and the sender-request needs to be re-done. In this case
this view is called another time but the changes were already made
and committed - so we need to return "OK" and do nothing.
"""
response_container = IResponseContainer(self.context)
if len(response_container) == 0:
return False
last_response = response_container[-1]
current_user = AccessControl.getSecurityManager().getUser()
if (
last_response.transition == transition
and last_response.creator == current_user.getId()
and last_response.text == text
):
return True
else:
return False示例5: setUp
def setUp(self):
"""Shared test environment set-up, ran before every test."""
portal = self.portal = self.layer['portal']
portal._setObject('hpm', HasProtectedMethods('hpm'))
sm = AccessControl.getSecurityManager()
sm._policy._verbose = 1
for role in ('Member', 'VIP', 'Manager'):
portal._addRole(role)
for permission, roles in role_mapping:
portal.manage_permission(permission, roles, 1)
api.user.create(
username='boss',
email='[email protected]',
password='123',
roles=('Member', 'VIP')
)
self._old_sm = AccessControl.SecurityManagement.getSecurityManager()
AccessControl.SecurityManagement.newSecurityManager(
self.portal.REQUEST,
self.portal.acl_users.getUser('boss'),
)示例6: participate_user
def participate_user(self):
"""Participates `self.user` on `self.context`.
"""
local_roles = dict(self.context.get_local_roles())
# get all current local roles of the user on this context
user_roles = list(local_roles.get(self.member.getId(), []))
user_roles.extend(self.roles())
# make the roles unique
user_roles = dict(zip(user_roles, user_roles)).keys()
# Set the local roles with the security of the inviter. If
# he has no longer permissions on this context this will
# fail.
_old_security_manager = AccessControl.getSecurityManager()
_new_user = self.context.acl_users.getUserById(
self.invitation.inviter)
AccessControl.SecurityManagement.newSecurityManager(
self.request, _new_user)
try:
self.context.manage_setLocalRoles(self.member.getId(),
user_roles)
self.context.reindexObjectSecurity()
except:
AccessControl.SecurityManagement.setSecurityManager(
_old_security_manager)
raise
else:
AccessControl.SecurityManagement.setSecurityManager(
_old_security_manager)示例7: get_visible_groups
def get_visible_groups(self):
# get the top level site ID to use with the cache
site_root = self.context.site_root()
top_level_site_id = site_root.getId()
user = AccessControl.getSecurityManager().getUser()
userId = user.getId()
groups = '-'.join(user.getGroups())
key = '-'.join((top_level_site_id, self.siteInfo.id, groups))
if self.siteUserVisibleGroupsIds.has_key(key): # lint:ok
visibleGroupsIds = self.siteUserVisibleGroupsIds.get(key)
visibleGroups = []
for groupId in visibleGroupsIds:
try:
visibleGroups.append(getattr(self.groupsObj, groupId))
except:
log.warn("trouble adding '%s' to visible groups" % groupId)
else:
top = time.time()
visibleGroups = self.__visible_groups_for_current_user()
visibleGroupsIds = [group.getId() for group in visibleGroups]
self.siteUserVisibleGroupsIds.add(key, visibleGroupsIds)
bottom = time.time()
log.debug("Generated visible-groups for (%s) on %s (%s) in "
"%.2fms" % (userId, self.siteInfo.name,
self.siteInfo.id, (bottom - top) * 1000.0))
assert type(visibleGroups) == list, "visibleGroups is not a list"
return visibleGroups示例8: __visible_groups_for_current_user
def __visible_groups_for_current_user(self):
securityManager = AccessControl.getSecurityManager()
allGroups = self.get_all_groups()
# Quite a simple process, really: itterate through all the groups,
# checking to see if the "messages" instance is visible.
visibleGroups = []
for group in allGroups:
# AM: "Visible groups" should really be: groups which a user
# is a member of, public groups, and private groups.
# Therefore, we should only be checking the visibility of the
# group, not of the messages.
#
# A separate method ("visible messages" or similar) should be
# used to determine what messages and files should be included
# in search results (and in turn, latest topics and files on a
# site homepage) should be shown to users.
# **HOWEVER** at this point in time, we do not make a
# distinction. Therefore, to preserve security, we define
# "visible groups" very restrictively.
if (hasattr(group, 'messages')
and securityManager.checkPermission('View', group)
and securityManager.checkPermission(
'View', group.aq_explicit.messages)):
visibleGroups.append(group)
assert type(visibleGroups) == list
return visibleGroups示例9: member_groups
def member_groups(self):
user = AccessControl.getSecurityManager().getUser()
memberGroups = self.groupsInfo.get_member_groups_for_user(user, user)
if self.maxGroupsToDisplay:
memberGroups = memberGroups[:self.maxGroupsToDisplay]
groups = map(IGSGroupInfo, memberGroups)
return groups示例10: getTransitionVocab
def getTransitionVocab(context):
if AccessControl.getSecurityManager(
).getUser() == AccessControl.SpecialUsers.nobody:
return SimpleVocabulary([])
wftool = getToolByName(context, 'portal_workflow')
transitions = []
if opengever.task.task.ITask.providedBy(context) and \
context.REQUEST.URL.find('++add++opengever.task.task') == -1:
for tdef in wftool.getTransitionsFor(context):
transitions.append(SimpleVocabulary.createTerm(
tdef['id'],
tdef['id'],
PMF(tdef['id'], default=tdef['title_or_id'])))
return SimpleVocabulary(transitions)
else:
wf = wftool.get(wftool.getChainForPortalType('opengever.task.task')[0])
state = wf.states.get(wf.initial_state)
for tid in state.transitions:
tdef = wf.transitions.get(tid, None)
transitions.append(SimpleVocabulary.createTerm(
tdef.id,
tdef.id,
PMF(tdef.id, default=tdef.title_or_id)))
return SimpleVocabulary(transitions)示例11: update_cache
def update_cache(self, xslt_obj, source, result, anonymous_only=1):
""" Update the page cache, based on several conditions.
"""
import time, md5, AccessControl
sm = AccessControl.getSecurityManager()
user_id = sm.getUser().getId()
if anonymous_only and user_id != None:
return 0
checksum = md5.new(source).hexdigest()
page_cache = getattr(self, '_page_cache', OOBTree())
# create the cache file name -- include the user_id, primarily for
# debugging
xid = xslt_obj.getId()
cache_fname = '%s_%s_%s' % (xid, user_id, checksum)
cachekey = '%s%s' % (xid, checksum)
if user_id == None:
page_cache[cachekey] = (cache_fname, time.time(), 0)
else:
page_cache[cachekey] = (cache_fname, time.time(), 1)
cache_file = file('%s/%s' % (self.cache_dir, cache_fname), 'w+')
cache_file.write(result)
cache_file.close()
self._page_cache = page_cache
return 1示例12: attachable_documents_vocabulary
def attachable_documents_vocabulary(context):
terms = []
user = AccessControl.getSecurityManager().getUser()
if user == AccessControl.SpecialUsers.nobody:
return SimpleVocabulary(terms)
intids = getUtility(IIntIds)
ids = []
for doc in context.getFolderContents(
full_objects=True,
contentFilter={'portal_type': ['opengever.document.document',
'ftw.mail.mail']}):
key = str(intids.getId(doc))
label = doc.Title()
terms.append(SimpleVocabulary.createTerm(key, key, label))
ids.append(key)
for relation in getattr(context, 'relatedItems', []):
key = str(relation.to_id)
# check if the task doesn't contain the related document allready
if key in ids:
continue
label = relation.to_object.Title()
terms.append(SimpleVocabulary.createTerm(key, key, label))
return SimpleVocabulary(terms)示例13: checkPermission
def checkPermission(permission, context=None):
"""
Return true if the current user has the specified permission on the given
context or the dmd; otherwise, return false.
"""
manager = AccessControl.getSecurityManager()
context = context or get_dmd()
return manager.checkPermission(permission, context)示例14: __call__
def __call__(self, *args, **kwargs):
"""Add the zope user to the security context, as done in
PageTemplateFile"""
if not kwargs.has_key('args'):
kwargs['args'] = args
bound_names = {'options': kwargs}
security = AccessControl.getSecurityManager()
bound_names['user'] = security.getUser()
return self.pt_render(extra_context=bound_names)示例15: configure_zope
def configure_zope(config_filename, debug_mode=False):
"""Read zope.conf with zdaemon^Wzcrap.
"""
from Zope2.Startup import options, handlers
import AccessControl
del sys.argv[1:]
opts = options.ZopeOptions()
opts.configfile = config_filename
opts.realize(raise_getopt_errs=0)
handlers.handleConfig(opts.configroot, opts.confighandlers)
AccessControl.setImplementation(
opts.configroot.security_policy_implementation)
AccessControl.setDefaultBehaviors(
not opts.configroot.skip_ownership_checking,
not opts.configroot.skip_authentication_checking,
opts.configroot.verbose_security)
App.config.setConfiguration(opts.configroot)
set_zope_debug_mode(debug_mode)