Mercurial > p > roundup > code

annotate roundup/security.py @ 4622:9d5825bf0b2d

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Nicer display of multi-line error messages.
author Ralf Schlatterbeck <rsc@runtux.com>
date Mon, 14 May 2012 13:04:20 +0200
parents 8137456a86f3
children 87b0358790ed
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1644
diff changeset
1 """Handle the security declarations used in Roundup trackers.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1644
diff changeset
2 """
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1644
diff changeset
3 __docformat__ = 'restructuredtext'
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1644
diff changeset
4
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
5 import weakref
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
6
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
7 from roundup import hyperdb, support
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
8
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
9 class Permission:
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
10 ''' Defines a Permission with the attributes
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
11 - name
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
12 - description
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
13 - klass (optional)
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
14 - properties (optional)
2652
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
15 - check function (optional)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
16
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
17 The klass may be unset, indicating that this permission is not
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
18 locked to a particular class. That means there may be multiple
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
19 Permissions for the same name for different classes.
2652
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
20
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
21 If property names are set, permission is restricted to those
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
22 properties only.
2652
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
23
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
24 If check function is set, permission is granted only when
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
25 the function returns value interpreted as boolean true.
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
26 The function is called with arguments db, userid, itemid.
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
27 '''
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
28 def __init__(self, name='', description='', klass=None,
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
29 properties=None, check=None):
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
30 self.name = name
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
31 self.description = description
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
32 self.klass = klass
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
33 self.properties = properties
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
34 self._properties_dict = support.TruthDict(properties)
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
35 self.check = check
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
36
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
37 def test(self, db, permission, classname, property, userid, itemid):
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
38 if permission != self.name:
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
39 return 0
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
40
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
41 # are we checking the correct class
3535
75dc225613cc fix security check for hasPermission(Permission, None)
Richard Jones <richard@users.sourceforge.net>
parents: 3117
diff changeset
42 if self.klass is not None and self.klass != classname:
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
43 return 0
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
44
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
45 # what about property?
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
46 if property is not None and not self._properties_dict[property]:
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
47 return 0
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
48
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
49 # check code
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
50 if itemid is not None and self.check is not None:
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
51 if not self.check(db, userid, itemid):
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
52 return 0
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
53
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
54 # we have a winner
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
55 return 1
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
56
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
57 def searchable(self, classname, property):
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
58 """ A Permission is searchable for the given permission if it
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
59 doesn't include a check method and otherwise matches the
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
60 given parameters.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
61 """
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
62 if self.name not in ('View', 'Search'):
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
63 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
64
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
65 # are we checking the correct class
4443
9edbab31e2ac - admin permissions are special:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4438
diff changeset
66 if self.klass is not None and self.klass != classname:
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
67 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
68
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
69 # what about property?
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
70 if not self._properties_dict[property]:
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
71 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
72
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
73 if self.check:
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
74 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
75
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
76 return 1
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
77
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
78
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
79 def __repr__(self):
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
80 return '<Permission 0x%x %r,%r,%r,%r>'%(id(self), self.name,
3115
ece73371713c fix Permission.__repr__()
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2991
diff changeset
81 self.klass, self.properties, self.check)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
82
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
83 def __cmp__(self, other):
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
84 if self.name != other.name:
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
85 return cmp(self.name, other.name)
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
86
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
87 if self.klass != other.klass: return 1
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
88 if self.properties != other.properties: return 1
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
89 if self.check != other.check: return 1
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
90
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
91 # match
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
92 return 0
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
93
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
94 class Role:
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
95 ''' Defines a Role with the attributes
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
96 - name
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
97 - description
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
98 - permissions
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
99 '''
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
100 def __init__(self, name='', description='', permissions=None):
1512
9b93d140b8e6 role names made case insensitive
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1218
diff changeset
101 self.name = name.lower()
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
102 self.description = description
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
103 if permissions is None:
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
104 permissions = []
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
105 self.permissions = permissions
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
106
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
107 def __repr__(self):
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
108 return '<Role 0x%x %r,%r>'%(id(self), self.name, self.permissions)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
109
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
110 class Security:
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
111 def __init__(self, db):
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
112 ''' Initialise the permission and role classes, and add in the
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
113 base roles (for admin user).
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
114 '''
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
115 self.db = weakref.proxy(db) # use a weak ref to avoid circularity
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
116
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
117 # permssions are mapped by name to a list of Permissions by class
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
118 self.permission = {}
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
119
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
120 # roles are mapped by name to the Role
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
121 self.role = {}
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
122
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
123 # the default Roles
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
124 self.addRole(name="User", description="A regular user, no privs")
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
125 self.addRole(name="Admin", description="An admin user, full privs")
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
126 self.addRole(name="Anonymous", description="An anonymous user")
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
127
4088
34434785f308 Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents: 3535
diff changeset
128 # default permissions - Admin may do anything
34434785f308 Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents: 3535
diff changeset
129 for p in 'create edit retire view'.split():
34434785f308 Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents: 3535
diff changeset
130 p = self.addPermission(name=p.title(),
34434785f308 Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents: 3535
diff changeset
131 description="User may %s everthing"%p)
34434785f308 Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents: 3535
diff changeset
132 self.addPermissionToRole('Admin', p)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
133
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
134 # initialise the permissions and roles needed for the UIs
992
6003d6fa02a5 new CGI frontend support
Richard Jones <richard@users.sourceforge.net>
parents: 938
diff changeset
135 from roundup.cgi import client
6003d6fa02a5 new CGI frontend support
Richard Jones <richard@users.sourceforge.net>
parents: 938
diff changeset
136 client.initialiseSecurity(self)
938
62c49e259047 preparation for moving cgi modules around
Richard Jones <richard@users.sourceforge.net>
parents: 909
diff changeset
137 from roundup import mailgw
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
138 mailgw.initialiseSecurity(self)
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
139
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
140 def getPermission(self, permission, classname=None, properties=None,
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
141 check=None):
905
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
142 ''' Find the Permission matching the name and for the class, if the
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
143 classname is specified.
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
144
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
145 Raise ValueError if there is no exact match.
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
146 '''
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
147 if not self.permission.has_key(permission):
905
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
148 raise ValueError, 'No permission "%s" defined'%permission
909
ef9c759c243e Fix to hasPermission, thanks Stefan Seefeld.
Richard Jones <richard@users.sourceforge.net>
parents: 908
diff changeset
149
2834
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
150 if classname:
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
151 try:
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
152 self.db.getclass(classname)
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
153 except KeyError:
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
154 raise ValueError, 'No class "%s" defined'%classname
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
155
909
ef9c759c243e Fix to hasPermission, thanks Stefan Seefeld.
Richard Jones <richard@users.sourceforge.net>
parents: 908
diff changeset
156 # look through all the permissions of the given name
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
157 tester = Permission(permission, klass=classname, properties=properties,
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
158 check=check)
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
159 for perm in self.permission[permission]:
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
160 if perm == tester:
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
161 return perm
905
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
162 raise ValueError, 'No permission "%s" defined for "%s"'%(permission,
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
163 classname)
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
164
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
165 def hasPermission(self, permission, userid, classname=None,
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
166 property=None, itemid=None):
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
167 '''Look through all the Roles, and hence Permissions, and
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
168 see if "permission" exists given the constraints of
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
169 classname, property and itemid.
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
170
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
171 If classname is specified (and only classname) then the
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
172 search will match if there is *any* Permission for that
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
173 classname, even if the Permission has additional
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
174 constraints.
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
175
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
176 If property is specified, the Permission matched must have
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
177 either no properties listed or the property must appear in
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
178 the list.
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
179
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
180 If itemid is specified, the Permission matched must have
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
181 either no check function defined or the check function,
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
182 when invoked, must return a True value.
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
183
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
184 Note that this functionality is actually implemented by the
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
185 Permission.test() method.
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
186 '''
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
187 if itemid and classname is None:
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
188 raise ValueError, 'classname must accompany itemid'
4306
966592263fb8 Clean up all the places where role processing occurs.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4088
diff changeset
189 for rolename in self.db.user.get_roles(userid):
1218
4c9882cb16a3 more docco work
Richard Jones <richard@users.sourceforge.net>
parents: 1090
diff changeset
190 if not rolename or not self.role.has_key(rolename):
905
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
191 continue
909
ef9c759c243e Fix to hasPermission, thanks Stefan Seefeld.
Richard Jones <richard@users.sourceforge.net>
parents: 908
diff changeset
192 # for each of the user's Roles, check the permissions
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
193 for perm in self.role[rolename].permissions:
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
194 # permission match?
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
195 if perm.test(self.db, permission, classname, property,
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
196 userid, itemid):
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
197 return 1
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
198 return 0
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
199
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
200 def roleHasSearchPermission(self, classname, property, *rolenames):
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
201 """ For each of the given roles, check the permissions.
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
202 Property can be a transitive property.
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
203 """
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
204 perms = []
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
205 # pre-compute permissions
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
206 for rn in rolenames :
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
207 for perm in self.role[rn].permissions:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
208 perms.append(perm)
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
209 # Note: break from inner loop means "found"
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
210 # break from outer loop means "not found"
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
211 cn = classname
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
212 prev = None
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
213 prop = None
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
214 Link = hyperdb.Link
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
215 Multilink = hyperdb.Multilink
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
216 for propname in property.split('.'):
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
217 if prev:
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
218 try:
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
219 cn = prop.classname
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
220 except AttributeError:
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
221 break
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
222 prev = propname
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
223 try:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
224 cls = self.db.getclass(cn)
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
225 prop = cls.getprops()[propname]
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
226 except KeyError:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
227 break
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
228 for perm in perms:
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
229 if perm.searchable(cn, propname):
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
230 break
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
231 else:
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
232 break
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
233 else:
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
234 # for Link and Multilink require search permission on label-
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
235 # and order-properties and on ID
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
236 if isinstance(prop, Multilink) or isinstance(prop, Link):
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
237 try:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
238 cls = self.db.getclass(prop.classname)
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
239 except KeyError:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
240 return 0
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
241 props = dict.fromkeys(('id', cls.labelprop(), cls.orderprop()))
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
242 for p in props.iterkeys():
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
243 for perm in perms:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
244 if perm.searchable(prop.classname, p):
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
245 break
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
246 else:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
247 return 0
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
248 return 1
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
249 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
250
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
251 def hasSearchPermission(self, userid, classname, property):
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
252 '''Look through all the Roles, and hence Permissions, and
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
253 see if "permission" exists given the constraints of
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
254 classname and property.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
255
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
256 A search permission is granted if we find a 'View' or
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
257 'Search' permission for the user which does *not* include
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
258 a check function. If such a permission is found, the user may
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
259 search for the given property in the given class.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
260
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
261 Note that classname *and* property are mandatory arguments.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
262
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
263 Contrary to hasPermission, the search will *not* match if
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
264 there are additional constraints (namely a search function)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
265 on a Permission found.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
266
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
267 Concerning property, the Permission matched must have
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
268 either no properties listed or the property must appear in
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
269 the list.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
270 '''
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
271 roles = [r for r in self.db.user.get_roles(userid)
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
272 if r and self.role.has_key(r)]
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
273 return self.roleHasSearchPermission (classname, property, *roles)
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
274
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
275 def addPermission(self, **propspec):
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
276 ''' Create a new Permission with the properties defined in
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
277 'propspec'. See the Permission class for the possible
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
278 keyword args.
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
279 '''
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
280 perm = Permission(**propspec)
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
281 self.permission.setdefault(perm.name, []).append(perm)
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
282 return perm
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
283
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
284 def addRole(self, **propspec):
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
285 ''' Create a new Role with the properties defined in 'propspec'
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
286 '''
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
287 role = Role(**propspec)
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
288 self.role[role.name] = role
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
289 return role
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
290
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
291 def addPermissionToRole(self, rolename, permission, classname=None,
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
292 properties=None, check=None):
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
293 ''' Add the permission to the role's permission list.
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
294
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
295 'rolename' is the name of the role to add the permission to.
2991
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
296
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
297 'permission' is either a Permission *or* a permission name
3115
ece73371713c fix Permission.__repr__()
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2991
diff changeset
298 accompanied by 'classname' (thus in the second case a Permission
2991
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
299 is obtained by passing 'permission' and 'classname' to
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
300 self.getPermission)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
301 '''
2991
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
302 if not isinstance(permission, Permission):
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
303 permission = self.getPermission(permission, classname,
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
304 properties, check)
1512
9b93d140b8e6 role names made case insensitive
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1218
diff changeset
305 role = self.role[rolename.lower()]
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
306 role.permissions.append(permission)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
307
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
308 # Convenience methods for removing non-allowed properties from a
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
309 # filterspec or sort/group list
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
310
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
311 def filterFilterspec(self, userid, classname, filterspec):
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
312 """ Return a filterspec that has all non-allowed properties removed.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
313 """
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
314 return dict ([(k, v) for k, v in filterspec.iteritems()
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
315 if self.hasSearchPermission(userid,classname,k)])
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
316
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
317 def filterSortspec(self, userid, classname, sort):
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
318 """ Return a sort- or group-list that has all non-allowed properties
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
319 removed.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
320 """
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
321 if isinstance(sort, tuple) and sort[0] in '+-':
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
322 sort = [sort]
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
323 return [(d, p) for d, p in sort
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
324 if self.hasSearchPermission(userid,classname,p)]
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
325
2652
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
326 # vim: set filetype=python sts=4 sw=4 et si :
Roundup Issue Tracker: http://roundup-tracker.org/