Mercurial > p > roundup > code
annotate roundup/security.py @ 8472:224ccb8b49ca
refactor: change some classes to use __slots__
Speed up access to and reduce size of some low level classes. A few
classes in security.py, rest.py are heavily used. But for all, it
prevents adding random properties to lower level classes that people
shouldn't be mucking with. While doing this I found some test cases
accessing an invalid property name and this change caused the cases to
crash.
admin.py:
Use new method Role.props_dict() and Permission.props_dict() where
original code just referenced __dict__ when printing Role/Permission.
mlink_expr.py:
Add slots to multiple classes.
Classes Binary and Unary set real properties/attributes. Classes that
inherit from them (Equals, Empty, Not, Or, And) define empty slots
tuple to eliminate need for __dict__.
Class Expression also gets a slot.
rate_limit.py:
RateLimit and Gcra classes get slots.
A couple of pep8 fixes: sort imports, remove trailing spaces on a
line, remove unused noqa comment.
rest.py:
Add slots to class SimulateFieldStorageFromJson and FsValue
classes. The memory savings from this could be useful as well as
speedier access to the attributes.
security.py:
Add slots to Permission class. To prevent conflict between slot
limit_perm_to_props_only and the class variable of the same name,
rename the class variable to limit_perm_to_props_only_default.
Also define method props_dict() to allow other code to get a dict to
iterate over when checking permissions.
Add slots to class Role along with props_dict() method.
Add slots to class Security. Also have to add explicit __dict__ slot
to support test override of the hasPermission() method. Add
props_dict() method, currently unused, but added for symmetry.
support.py:
TruthDict and PrioList gets slots.
test/test_cgi.py:
Fix incorrect setting of permission property. Was setting
permissions. So testing may not have been doing what we thought it
was. Multiple places found with this typo.
Remove setting of permissions in some places where it should
have no effect on the test and looks like it was just copypasta.
test/test_xmlrpc.py
Remove setting of permissions in some places where it should
have no effect on the test and looks like it was just copypasta.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Mon, 03 Nov 2025 00:13:04 -0500 |
| parents | 43899d99fc4d |
| children | 19152fd94fcf |
| rev | line source |
|---|---|
|
2005
fc52d57c6c3e
documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents:
1644
diff
changeset
|
1 """Handle the security declarations used in Roundup trackers. |
|
fc52d57c6c3e
documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents:
1644
diff
changeset
|
2 """ |
|
fc52d57c6c3e
documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents:
1644
diff
changeset
|
3 __docformat__ = 'restructuredtext' |
|
fc52d57c6c3e
documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents:
1644
diff
changeset
|
4 |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
5 import logging |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
6 import weakref |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
7 |
|
2983
9614a101b68f
Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents:
2834
diff
changeset
|
8 from roundup import hyperdb, support |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
9 |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
10 logger = logging.getLogger('roundup.security') |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
11 |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
12 |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
13 class Permission: |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
14 ''' Defines a Permission with the attributes |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
15 - name |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
16 - description |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
17 - klass (optional) |
|
2983
9614a101b68f
Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents:
2834
diff
changeset
|
18 - properties (optional) |
|
2652
281beec48408
add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2649
diff
changeset
|
19 - check function (optional) |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
20 - props_only (optional, internal field is limit_perm_to_props_only) |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
21 default value taken from Permission.limit_perm_to_props_only_default. |
|
8125
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
22 - filter function (optional) returns filter arguments for |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
23 determining which records are visible by the user. The filter |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
24 function comes into play when determining if a set of nodes |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
25 found via a filter call of a class can be seen by the user -- |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
26 the normal way would be to call the permissions for each item |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
27 found, the filter call performs this on the database for all |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
28 nodes. |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
29 Signature of the filter function: |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
30 filter(db, userid, klass) |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
31 The filter must return a list of dictionaries with filter parameters. |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
32 Note that sort and group parameters of the filter call should |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
33 not be set by filter method (they will be overwritten) and the |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
34 parameter search_matches must not be set. |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
35 An empty list returned means no access for this filter method. |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
36 |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
37 The klass may be unset, indicating that this permission is not |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
38 locked to a particular class. That means there may be multiple |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
39 Permissions for the same name for different classes. |
|
2652
281beec48408
add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2649
diff
changeset
|
40 |
|
2983
9614a101b68f
Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents:
2834
diff
changeset
|
41 If property names are set, permission is restricted to those |
|
9614a101b68f
Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents:
2834
diff
changeset
|
42 properties only. |
|
2652
281beec48408
add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2649
diff
changeset
|
43 |
|
281beec48408
add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2649
diff
changeset
|
44 If check function is set, permission is granted only when |
|
281beec48408
add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2649
diff
changeset
|
45 the function returns value interpreted as boolean true. |
|
281beec48408
add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2649
diff
changeset
|
46 The function is called with arguments db, userid, itemid. |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
47 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
48 When the system checks klass permission rather than the klass |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
49 property permission (i.e. properties=None and item=None), it |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
50 will apply any permission that matches on permission name and |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
51 class. If the permission has a check function, the check |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
52 function will be run. By making the permission valid only for |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
53 properties using props_only=True the permission will be |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
54 skipped. You can set the default value for props_only for all |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
55 properties by calling: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
56 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
57 db.security.set_props_only_default() |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
58 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
59 with a True or False value. |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
60 ''' |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
61 |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
62 __slots__ = ( |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
63 "_properties_dict", |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
64 "check", |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
65 "check_version", |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
66 "description", |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
67 "filter", |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
68 "klass", |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
69 "limit_perm_to_props_only", |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
70 "name", |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
71 "properties") |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
72 |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
73 limit_perm_to_props_only_default = False |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
74 |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
75 def __init__(self, name='', description='', klass=None, |
|
8125
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
76 properties=None, check=None, props_only=None, filter=None): |
|
5269
c94fd717e28c
Fix http://issues.roundup-tracker.org/issue2550952 make __call__
John Rouillard <rouilj@ieee.org>
parents:
5199
diff
changeset
|
77 from roundup.anypy import findargspec |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
78 self.name = name |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
79 self.description = description |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
80 self.klass = klass |
|
2983
9614a101b68f
Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents:
2834
diff
changeset
|
81 self.properties = properties |
|
9614a101b68f
Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents:
2834
diff
changeset
|
82 self._properties_dict = support.TruthDict(properties) |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
83 self.check = check |
|
8125
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
84 self.filter = filter |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
85 if properties is not None: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
86 # Set to None unless properties are defined. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
87 # This means that: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
88 # a=Property(name="Edit", klass="issue", check=dummy, |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
89 # props_only=True) |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
90 # b=Property(name="Edit", klass="issue", check=dummy, |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
91 # props_only=False) |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
92 # a == b will be true. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
93 if props_only is None: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
94 self.limit_perm_to_props_only = \ |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
95 Permission.limit_perm_to_props_only_default |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
96 else: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
97 # see note on use of bool() in set_props_only_default() |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
98 self.limit_perm_to_props_only = bool(props_only) |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
99 else: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
100 self.limit_perm_to_props_only = None |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
101 |
|
5186
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
102 if check is None: |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
103 self.check_version = 0 |
| 8155 | 104 if filter is not None: |
| 105 if klass is None: | |
| 106 s = "Definition of a filter function" \ | |
| 107 " needs a check function if no klass is given" | |
| 108 raise ValueError(s) | |
| 109 self.check = self.check_factory(klass, filter) | |
| 110 self.check_version = 1 | |
|
5186
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
111 else: |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
112 args = findargspec.findargspec(check) |
|
5269
c94fd717e28c
Fix http://issues.roundup-tracker.org/issue2550952 make __call__
John Rouillard <rouilj@ieee.org>
parents:
5199
diff
changeset
|
113 # args[2] is the keywords argument. Leave it as a subscript and |
|
c94fd717e28c
Fix http://issues.roundup-tracker.org/issue2550952 make __call__
John Rouillard <rouilj@ieee.org>
parents:
5199
diff
changeset
|
114 # do not use named tuple reference as names change in python 3. |
|
5186
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
115 # If there is a **parameter defined in the function spec, the |
|
5269
c94fd717e28c
Fix http://issues.roundup-tracker.org/issue2550952 make __call__
John Rouillard <rouilj@ieee.org>
parents:
5199
diff
changeset
|
116 # value of the 3rd argument (2nd index) in the tuple is not None. |
|
5186
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
117 if args[2] is None: |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
118 # function definition is function(db, userid, itemid) |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
119 self.check_version = 1 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
120 else: |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
121 # function definition is function(db, userid, itemid, **other) |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
122 self.check_version = 2 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
123 |
| 8155 | 124 def check_factory(self, klass, filter_function): |
| 125 """ When a Permission defines a filter function but no check | |
| 126 function, we manufacture a check function here | |
| 127 """ | |
| 128 def check(db, userid, itemid): | |
| 129 cls = db.getclass(klass) | |
| 130 args = filter_function(db, userid, cls) | |
| 131 for a in args: | |
| 132 if cls.filter([itemid], **a): | |
| 133 return True | |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
134 return False |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
135 |
| 8155 | 136 return check |
| 137 | |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
138 def props_dict(self): |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
139 return {name: getattr(self, name) for name in self.__slots__} |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
140 |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
141 def test(self, db, permission, classname, property, userid, itemid): |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
142 ''' Test permissions 5 args: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
143 permission - string like Edit, Register etc. Required, no wildcard. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
144 classname - string like issue, msg etc. Can be None to match any |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
145 class. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
146 property - array of strings that are property names. Optional. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
147 if None this is an item or klass access check. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
148 userid - number that is id for user. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
149 itemid - id for classname. e.g. 3 in issue3. If missing this is |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
150 a class access check, otherwies it's a object access check. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
151 ''' |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
152 |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
153 if permission != self.name: |
|
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
154 return 0 |
|
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
155 |
|
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
156 # are we checking the correct class |
|
3535
75dc225613cc
fix security check for hasPermission(Permission, None)
Richard Jones <richard@users.sourceforge.net>
parents:
3117
diff
changeset
|
157 if self.klass is not None and self.klass != classname: |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
158 return 0 |
|
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
159 |
|
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
160 # what about property? |
|
8139
de58ff07890e
Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8131
diff
changeset
|
161 # Note that _properties_dict always returns True if it was |
|
de58ff07890e
Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8131
diff
changeset
|
162 # initialized with empty properties |
|
2983
9614a101b68f
Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents:
2834
diff
changeset
|
163 if property is not None and not self._properties_dict[property]: |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
164 return 0 |
|
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
165 |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
166 # is this a props_only permission and permissions are set |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
167 if property is None and self.properties is not None and \ |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
168 self.limit_perm_to_props_only: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
169 return 0 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
170 |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
171 # check code |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
172 if itemid is not None and self.check is not None: |
|
5186
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
173 if self.check_version == 1: |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
174 if not self.check(db, userid, itemid): |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
175 return 0 |
|
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
176 elif self.check_version == 2: |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
177 if not self.check(db, userid, itemid, property=property, |
|
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
178 permission=permission, classname=classname): |
|
5186
36630a062fb5
Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents:
5128
diff
changeset
|
179 return 0 |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
180 |
|
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
181 # we have a winner |
|
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
182 return 1 |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
183 |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
184 def searchable(self, classname, property): |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
185 """ A Permission is searchable for the given permission if it |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
186 doesn't include a check method and otherwise matches the |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
187 given parameters. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
188 """ |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
189 if self.name not in ('View', 'Search'): |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
190 return 0 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
191 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
192 # are we checking the correct class |
|
4443
9edbab31e2ac
- admin permissions are special:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4438
diff
changeset
|
193 if self.klass is not None and self.klass != classname: |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
194 return 0 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
195 |
|
8131
8e9181dfc9fa
Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8125
diff
changeset
|
196 # Do not allow access if we have a check method |
|
8e9181dfc9fa
Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8125
diff
changeset
|
197 if self.check: |
|
8e9181dfc9fa
Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8125
diff
changeset
|
198 return 0 |
|
8e9181dfc9fa
Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8125
diff
changeset
|
199 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
200 # what about property? |
|
8139
de58ff07890e
Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8131
diff
changeset
|
201 # Note that _properties_dict always returns True if it was |
|
de58ff07890e
Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8131
diff
changeset
|
202 # initialized with empty properties |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
203 if not self._properties_dict[property]: |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
204 return 0 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
205 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
206 return 1 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
207 |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
208 def __repr__(self): |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
209 return '<Permission 0x%x %r,%r,%r,%r,%r>' % (id(self), self.name, |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
210 self.klass, self.properties, self.check, |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
211 self.limit_perm_to_props_only) |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
212 |
|
5414
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
213 def __eq__(self, other): |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
214 if self.name != other.name: |
|
5414
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
215 return False |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
216 |
|
5414
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
217 if self.klass != other.klass: return False |
|
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
218 if self.properties != other.properties: return False |
|
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
219 if self.check != other.check: return False |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
220 if self.limit_perm_to_props_only != \ |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
221 other.limit_perm_to_props_only: return False |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
222 |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
223 # match |
|
5414
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
224 return True |
|
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
225 |
|
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
226 def __ne__(self, other): |
|
3fa026621f69
Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5395
diff
changeset
|
227 return not self.__eq__(other) |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
228 |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
229 def __getitem__(self, index): |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
230 return (self.name, self.klass, self.properties, self.check, |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
231 self.limit_perm_to_props_only)[index] |
|
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
232 |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
233 |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
234 class Role: |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
235 ''' Defines a Role with the attributes |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
236 - name |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
237 - description |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
238 - permissions |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
239 ''' |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
240 |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
241 __slots__ = ("_permissions", "description", "name") |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
242 |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
243 def __init__(self, name='', description='', permissions=None): |
|
1512
9b93d140b8e6
role names made case insensitive
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1218
diff
changeset
|
244 self.name = name.lower() |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
245 self.description = description |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
246 # This is a dict of permission names each containing a dict of |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
247 # *class names*, with a special entry for non-class permissions |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
248 # where the key is None. In each class dict we have a dictionary |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
249 # with the values True and False for permission with and without |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
250 # a check method. These dicts each contain a list of permissions. |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
251 if permissions is None: |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
252 self._permissions = {} |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
253 elif isinstance(permissions, list): |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
254 self._permissions = {} |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
255 for p in permissions: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
256 self.addPermission(p) |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
257 else: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
258 raise ValueError("Invalid permissions for Role: %s" % permissions) |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
259 |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
260 def __repr__(self): |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
261 pl = self.permission_list() |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
262 return '<Role 0x%x %r,%r>' % (id(self), self.name, pl) |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
263 |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
264 def addPermission(self, *permissions): |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
265 for p in permissions: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
266 pn = p.name |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
267 self._permissions.setdefault(pn, {}) |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
268 cn = p.klass |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
269 if p.klass not in self._permissions[pn]: |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
270 self._permissions[pn][cn] = {False: [], True: []} |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
271 self._permissions[pn][cn][bool(p.check)].append(p) |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
272 |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
273 def filter_iter(self, permission, classname): |
|
8125
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
274 """ Loop over all permissions for the current role on the class |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
275 with a check method (and props_only False). |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
276 """ |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
277 if permission not in self._permissions: |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
278 return |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
279 for c in (None, classname): |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
280 if c not in self._permissions[permission]: |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
281 continue |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
282 perms = self._permissions[permission][c][True] |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
283 for p in perms: |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
284 if p.limit_perm_to_props_only and p.properties: |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
285 continue |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
286 yield p |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
287 |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
288 def hasPermission(self, db, perm, uid, classname, property, itemid, chk): |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
289 # if itemid is given a classname must, too, checked in caller |
|
8294
302c797756e6
fix: issue2550962. remove assert in Role::hasPermission
John Rouillard <rouilj@ieee.org>
parents:
8155
diff
changeset
|
290 if itemid and classname is None: |
|
302c797756e6
fix: issue2550962. remove assert in Role::hasPermission
John Rouillard <rouilj@ieee.org>
parents:
8155
diff
changeset
|
291 raise ValueError('classname must accompany itemid') |
|
302c797756e6
fix: issue2550962. remove assert in Role::hasPermission
John Rouillard <rouilj@ieee.org>
parents:
8155
diff
changeset
|
292 |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
293 perms = self._permissions |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
294 if perm not in perms: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
295 return False |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
296 # If we have a classname we also need to check permission with |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
297 # an empty classname (e.g. 'admin' has access on everything) |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
298 if classname is not None and None in perms[perm]: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
299 for p in perms[perm][None][chk]: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
300 # permission match? |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
301 if p.test(db, perm, classname, property, uid, itemid): |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
302 return True |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
303 if classname not in perms[perm]: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
304 return False |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
305 for p in perms[perm][classname][chk]: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
306 # permission match? |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
307 if p.test(db, perm, classname, property, uid, itemid): |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
308 return True |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
309 |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
310 return False |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
311 |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
312 def permission_list(self): |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
313 """ Used for reporting in admin tool """ |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
314 perm_list = [] |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
315 for p in self._permissions: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
316 for c in self._permissions[p]: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
317 for cond in (False, True): |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
318 perm_list.extend(self._permissions[p][c][cond]) |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
319 perm_list.sort(key=lambda x: (x.klass or '', x.name)) |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
320 return perm_list |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
321 |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
322 def props_dict(self): |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
323 return {name: getattr(self, name) for name in self.__slots__} |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
324 |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
325 def searchable(self, classname, propname): |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
326 for perm_name in 'View', 'Search': |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
327 # Only permissions without a check method |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
328 if perm_name not in self._permissions: |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
329 continue |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
330 perms = self._permissions[perm_name] |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
331 if classname not in perms and None not in perms: |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
332 continue |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
333 if None in perms: |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
334 for p in perms[None][False]: |
|
8131
8e9181dfc9fa
Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8125
diff
changeset
|
335 if p.searchable(classname, propname): |
|
8e9181dfc9fa
Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8125
diff
changeset
|
336 return True |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
337 if classname in perms: |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
338 for p in perms[classname][False]: |
|
8131
8e9181dfc9fa
Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8125
diff
changeset
|
339 if p.searchable(classname, propname): |
|
8e9181dfc9fa
Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8125
diff
changeset
|
340 return True |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
341 return False |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
342 |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
343 |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
344 class Security: |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
345 |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
346 # __dict__ is needed to allow mocking of db.security.hasPermission |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
347 # in test/test_templating.py. Define slots for properties used in |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
348 # production to increase speed. |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
349 __slots__ = ("__dict__", "db", "permission", "role") |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
350 |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
351 def __init__(self, db): |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
352 ''' Initialise the permission and role classes, and add in the |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
353 base roles (for admin user). |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
354 ''' |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
355 self.db = weakref.proxy(db) # use a weak ref to avoid circularity |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
356 |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
357 # Permissions are mapped by name to a list of Permissions by class |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
358 self.permission = {} |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
359 |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
360 # roles are mapped by name to the Role |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
361 self.role = {} |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
362 |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
363 # the default Roles |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
364 self.addRole(name="User", description="A regular user, no privs") |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
365 self.addRole(name="Admin", description="An admin user, full privs") |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
366 self.addRole(name="Anonymous", description="An anonymous user") |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
367 |
|
4088
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3535
diff
changeset
|
368 # default permissions - Admin may do anything |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
369 for perm_name in 'create edit restore retire view'.split(): |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
370 p = self.addPermission(name=perm_name.title(), |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
371 description="User may %s everything" % |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
372 perm_name) |
|
4088
34434785f308
Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents:
3535
diff
changeset
|
373 self.addPermissionToRole('Admin', p) |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
374 |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
375 # initialise the permissions and roles needed for the UIs |
|
992
6003d6fa02a5
new CGI frontend support
Richard Jones <richard@users.sourceforge.net>
parents:
938
diff
changeset
|
376 from roundup.cgi import client |
|
6003d6fa02a5
new CGI frontend support
Richard Jones <richard@users.sourceforge.net>
parents:
938
diff
changeset
|
377 client.initialiseSecurity(self) |
|
938
62c49e259047
preparation for moving cgi modules around
Richard Jones <richard@users.sourceforge.net>
parents:
909
diff
changeset
|
378 from roundup import mailgw |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
379 mailgw.initialiseSecurity(self) |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
380 |
|
8125
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
381 def filter_iter(self, permission, userid, classname): |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
382 """ Loop over all permissions for the current user on the class |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
383 with a check method (and props_only False). |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
384 """ |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
385 for rolename in self.db.user.get_roles(userid): |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
386 if not rolename or (rolename not in self.role): |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
387 continue |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
388 r = self.role[rolename] |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
389 for perm in r.filter_iter(permission, classname): |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
390 yield perm |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
391 |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
392 def getPermission(self, permission, classname=None, properties=None, |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
393 check=None, props_only=None): |
|
905
502a5ae11cc5
Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents:
902
diff
changeset
|
394 ''' Find the Permission matching the name and for the class, if the |
|
502a5ae11cc5
Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents:
902
diff
changeset
|
395 classname is specified. |
|
502a5ae11cc5
Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents:
902
diff
changeset
|
396 |
|
502a5ae11cc5
Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents:
902
diff
changeset
|
397 Raise ValueError if there is no exact match. |
|
502a5ae11cc5
Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents:
902
diff
changeset
|
398 ''' |
|
5128
4058fc1ec746
replacing depricated has_key references by in to support python 3. Errors reported by python -3 roundup_server. Unit tests test_config test_security pass although test_config is a bit weak in coverage.
John Rouillard <rouilj@ieee.org>
parents:
5127
diff
changeset
|
399 if permission not in self.permission: |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
400 raise ValueError('No permission "%s" defined' % permission) |
|
909
ef9c759c243e
Fix to hasPermission, thanks Stefan Seefeld.
Richard Jones <richard@users.sourceforge.net>
parents:
908
diff
changeset
|
401 |
| 2834 | 402 if classname: |
| 403 try: | |
| 404 self.db.getclass(classname) | |
| 405 except KeyError: | |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
406 raise ValueError('No class "%s" defined' % classname) |
| 2834 | 407 |
|
909
ef9c759c243e
Fix to hasPermission, thanks Stefan Seefeld.
Richard Jones <richard@users.sourceforge.net>
parents:
908
diff
changeset
|
408 # look through all the permissions of the given name |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
409 tester = Permission(permission, klass=classname, properties=properties, |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
410 check=check, |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
411 props_only=props_only) |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
412 for perm in self.permission[permission]: |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
413 if perm == tester: |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
414 return perm |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
415 raise ValueError('No permission "%s" defined for "%s"' % (permission, |
|
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
416 classname)) |
|
905
502a5ae11cc5
Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents:
902
diff
changeset
|
417 |
|
2649
1df7d4a41da4
Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents:
2005
diff
changeset
|
418 def hasPermission(self, permission, userid, classname=None, |
|
8139
de58ff07890e
Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8131
diff
changeset
|
419 property=None, itemid=None, |
|
de58ff07890e
Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8131
diff
changeset
|
420 skip_permissions_with_check=False): |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
421 '''Look through all the Roles, and hence Permissions, and |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
422 see if "permission" exists given the constraints of |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
423 classname, property, itemid, and props_only. |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
424 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
425 If classname is specified (and only classname) the |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
426 search will match: |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
427 |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
428 if there is *any* Permission for that classname, and |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
429 that Permission was not created with props_only = True |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
430 |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
431 *NOTE* the Permission will match even if there are |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
432 additional constraints like a check or properties and |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
433 props_only is False. This can be unexpected. Using |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
434 props_only = True or setting the default value to True can |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
435 help prevent surprises. |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
436 |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
437 If property is specified, the Permission matched must have |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
438 either no properties listed or the property must appear in |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
439 the list. |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
440 |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
441 If itemid is specified, the Permission matched must have |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
442 either no check function defined or the check function, |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
443 when invoked, must return a True value. |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
444 |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
445 Note that this functionality is actually implemented by the |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
446 Permission.test() method. |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
447 |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
448 ''' |
|
2983
9614a101b68f
Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents:
2834
diff
changeset
|
449 if itemid and classname is None: |
|
5378
35ea9b1efc14
Python 3 preparation: "raise" syntax.
Joseph Myers <jsm@polyomino.org.uk>
parents:
5269
diff
changeset
|
450 raise ValueError('classname must accompany itemid') |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
451 # for each of the user's Roles, check the permissions |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
452 # Note that checks with a check method are typically a lot more |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
453 # expensive than the ones without. So we check the ones without |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
454 # a check method first |
|
8121
2a4d0413bd20
When computing batch check class-permissions first
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8120
diff
changeset
|
455 checklist = (False, True) |
|
8139
de58ff07890e
Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8131
diff
changeset
|
456 if skip_permissions_with_check: |
|
8121
2a4d0413bd20
When computing batch check class-permissions first
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8120
diff
changeset
|
457 checklist = (False,) |
|
2a4d0413bd20
When computing batch check class-permissions first
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8120
diff
changeset
|
458 for has_check in checklist: |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
459 for rolename in self.db.user.get_roles(userid): |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
460 if not rolename or (rolename not in self.role): |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
461 continue |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
462 r = self.role[rolename] |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
463 v = r.hasPermission(self.db, permission, userid, classname, |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
464 property, itemid, has_check) |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
465 if v: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
466 return v |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
467 return False |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
468 |
|
8125
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
469 def is_filterable(self, permission, userid, classname): |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
470 """ Check if all permissions for the current user on the class |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
471 with a check method (and props_only False) also have a |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
472 filter method. We only consider permissions with props_only |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
473 set to False. Note that this will return True if there are |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
474 no permissions with a check method found, the performed |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
475 checks later will find no matching records. |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
476 """ |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
477 for perm in self.filter_iter(permission, userid, classname): |
|
8125
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
478 if not perm.filter: |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
479 return False |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
480 return True |
|
b358da7c89e5
Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents:
8121
diff
changeset
|
481 |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
482 def props_dict(self): |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
483 return {name: getattr(self, name) for name in self.__slots__} |
|
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
484 |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
485 def roleHasSearchPermission(self, classname, property, *rolenames): |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
486 """ For each of the given roles, check the permissions. |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
487 Property can be a transitive property. |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
488 """ |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
489 # Note: break from inner loop means "found" |
|
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
490 # break from outer loop means "not found" |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
491 cn = classname |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
492 prev = None |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
493 prop = None |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
494 Link = hyperdb.Link |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
495 Multilink = hyperdb.Multilink |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
496 for propname in property.split('.'): |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
497 if prev: |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
498 try: |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
499 cn = prop.classname |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
500 except AttributeError: |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
501 break |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
502 prev = propname |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
503 try: |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
504 cls = self.db.getclass(cn) |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
505 prop = cls.getprops()[propname] |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
506 except KeyError: |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
507 break |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
508 for rn in rolenames: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
509 if self.role[rn].searchable(cn, propname): |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
510 break |
|
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
511 else: |
|
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
512 break |
|
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
513 else: |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
514 # for Link and Multilink require search permission on label- |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
515 # and order-properties and on ID |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
516 if isinstance(prop, (Link, Multilink)): |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
517 try: |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
518 cls = self.db.getclass(prop.classname) |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
519 except KeyError: |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
520 return 0 |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
521 props = dict.fromkeys(('id', cls.labelprop(), cls.orderprop())) |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
522 for p in props: |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
523 for rn in rolenames: |
|
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
524 if self.role[rn].searchable(prop.classname, p): |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
525 break |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
526 else: |
|
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
527 return 0 |
|
4438
222efa59ee6c
search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4437
diff
changeset
|
528 return 1 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
529 return 0 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
530 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
531 def hasSearchPermission(self, userid, classname, property): |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
532 '''Look through all the Roles, and hence Permissions, and |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
533 see if "permission" exists given the constraints of |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
534 classname and property. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
535 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
536 A search permission is granted if we find a 'View' or |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
537 'Search' permission for the user which does *not* include |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
538 a check function. If such a permission is found, the user may |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
539 search for the given property in the given class. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
540 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
541 Note that classname *and* property are mandatory arguments. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
542 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
543 Contrary to hasPermission, the search will *not* match if |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
544 there are additional constraints (namely a search function) |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
545 on a Permission found. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
546 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
547 Concerning property, the Permission matched must have |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
548 either no properties listed or the property must appear in |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
549 the list. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
550 ''' |
|
4444
8137456a86f3
more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4443
diff
changeset
|
551 roles = [r for r in self.db.user.get_roles(userid) |
|
5128
4058fc1ec746
replacing depricated has_key references by in to support python 3. Errors reported by python -3 roundup_server. Unit tests test_config test_security pass although test_config is a bit weak in coverage.
John Rouillard <rouilj@ieee.org>
parents:
5127
diff
changeset
|
552 if r and (r in self.role)] |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
553 return self.roleHasSearchPermission(classname, property, *roles) |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
554 |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
555 def addPermission(self, **propspec): |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
556 ''' Create a new Permission with the properties defined in |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
557 'propspec'. See the Permission class for the possible |
|
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
558 keyword args. |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
559 ''' |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
560 perm = Permission(**propspec) |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
561 self.permission.setdefault(perm.name, []).append(perm) |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
562 return perm |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
563 |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
564 def addRole(self, **propspec): |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
565 ''' Create a new Role with the properties defined in 'propspec' |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
566 ''' |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
567 role = Role(**propspec) |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
568 self.role[role.name] = role |
|
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
569 return role |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
570 |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
571 def set_props_only_default(self, props_only=None): |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
572 if props_only is not None: |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
573 # NOTE: only valid values are True and False because these |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
574 # will be compared as part of tuple == tuple and |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
575 # (3,) == (True,) is False even though 3 is a True value |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
576 # in a boolean context. So use bool() to coerce value. |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
577 Permission.limit_perm_to_props_only_default = \ |
|
5196
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
578 bool(props_only) |
|
e0732fd6a6c7
Implement props_only feature for permissions.
rouilj@uland
parents:
5186
diff
changeset
|
579 |
|
5199
1f72b73d7770
Still trying to figure out why travis ci fails without a call to
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
580 def get_props_only_default(self): |
|
8472
224ccb8b49ca
refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents:
8299
diff
changeset
|
581 return Permission.limit_perm_to_props_only_default |
|
5199
1f72b73d7770
Still trying to figure out why travis ci fails without a call to
John Rouillard <rouilj@ieee.org>
parents:
5196
diff
changeset
|
582 |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
583 def addPermissionToRole(self, rolename, permission, classname=None, |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
584 properties=None, check=None, props_only=None): |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
585 ''' Add the permission to the role's permission list. |
|
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
586 |
|
908
a8d80ffe37cc
Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents:
905
diff
changeset
|
587 'rolename' is the name of the role to add the permission to. |
|
2991
b9a55628a78d
more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents:
2983
diff
changeset
|
588 |
|
b9a55628a78d
more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents:
2983
diff
changeset
|
589 'permission' is either a Permission *or* a permission name |
|
3115
ece73371713c
fix Permission.__repr__()
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2991
diff
changeset
|
590 accompanied by 'classname' (thus in the second case a Permission |
|
2991
b9a55628a78d
more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents:
2983
diff
changeset
|
591 is obtained by passing 'permission' and 'classname' to |
|
b9a55628a78d
more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents:
2983
diff
changeset
|
592 self.getPermission) |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
593 ''' |
|
2991
b9a55628a78d
more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents:
2983
diff
changeset
|
594 if not isinstance(permission, Permission): |
|
3117
460eb0209a9e
Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents:
3115
diff
changeset
|
595 permission = self.getPermission(permission, classname, |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
596 properties, check, props_only) |
|
1512
9b93d140b8e6
role names made case insensitive
Andrey Lebedev <kedder@users.sourceforge.net>
parents:
1218
diff
changeset
|
597 role = self.role[rolename.lower()] |
|
8119
c12377fb4144
Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents:
6012
diff
changeset
|
598 role.addPermission(permission) |
|
902
b0d3d3535998
Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff
changeset
|
599 |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
600 # Convenience methods for removing non-allowed properties from a |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
601 # filterspec or sort/group list |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
602 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
603 def filterFilterspec(self, userid, classname, filterspec): |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
604 """ Return a filterspec that has all non-allowed properties removed. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
605 """ |
|
8299
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
606 return {k: v for k, v in filterspec.items() |
|
43899d99fc4d
refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents:
8294
diff
changeset
|
607 if self.hasSearchPermission(userid, classname, k)} |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
608 |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
609 def filterSortspec(self, userid, classname, sort): |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
610 """ Return a sort- or group-list that has all non-allowed properties |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
611 removed. |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
612 """ |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
613 if isinstance(sort, tuple) and sort[0] in '+-': |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
614 sort = [sort] |
|
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
615 return [(d, p) for d, p in sort |
|
6012
06e6bc21b67e
flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents:
5414
diff
changeset
|
616 if self.hasSearchPermission(userid, classname, p)] |
|
4437
261c9f913ff7
- Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents:
4306
diff
changeset
|
617 |
|
2652
281beec48408
add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents:
2649
diff
changeset
|
618 # vim: set filetype=python sts=4 sw=4 et si : |