Mercurial > p > roundup > code

annotate roundup/security.py @ 8513:d7d91e25a1c2

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
chore(build): bump anchore/scan-action from 7.2.3 to 7.3.0 pull #80
author John Rouillard <rouilj@ieee.org>
date Tue, 27 Jan 2026 21:41:37 -0500
parents 224ccb8b49ca
children 19152fd94fcf
Ignore whitespace changes - Everywhere: Within whitespace: At end of lines:
rev   line source
2005
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1644
diff changeset
1 """Handle the security declarations used in Roundup trackers.
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1644
diff changeset
2 """
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1644
diff changeset
3 __docformat__ = 'restructuredtext'
fc52d57c6c3e documentation cleanup
Richard Jones <richard@users.sourceforge.net>
parents: 1644
diff changeset
4
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
5 import logging
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
6 import weakref
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
7
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
8 from roundup import hyperdb, support
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
9
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
10 logger = logging.getLogger('roundup.security')
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
11
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
12
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
13 class Permission:
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
14 ''' Defines a Permission with the attributes
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
15 - name
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
16 - description
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
17 - klass (optional)
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
18 - properties (optional)
2652
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
19 - check function (optional)
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
20 - props_only (optional, internal field is limit_perm_to_props_only)
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
21 default value taken from Permission.limit_perm_to_props_only_default.
8125
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
22 - filter function (optional) returns filter arguments for
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
23 determining which records are visible by the user. The filter
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
24 function comes into play when determining if a set of nodes
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
25 found via a filter call of a class can be seen by the user --
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
26 the normal way would be to call the permissions for each item
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
27 found, the filter call performs this on the database for all
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
28 nodes.
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
29 Signature of the filter function:
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
30 filter(db, userid, klass)
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
31 The filter must return a list of dictionaries with filter parameters.
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
32 Note that sort and group parameters of the filter call should
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
33 not be set by filter method (they will be overwritten) and the
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
34 parameter search_matches must not be set.
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
35 An empty list returned means no access for this filter method.
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
36
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
37 The klass may be unset, indicating that this permission is not
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
38 locked to a particular class. That means there may be multiple
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
39 Permissions for the same name for different classes.
2652
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
40
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
41 If property names are set, permission is restricted to those
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
42 properties only.
2652
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
43
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
44 If check function is set, permission is granted only when
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
45 the function returns value interpreted as boolean true.
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
46 The function is called with arguments db, userid, itemid.
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
47
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
48 When the system checks klass permission rather than the klass
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
49 property permission (i.e. properties=None and item=None), it
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
50 will apply any permission that matches on permission name and
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
51 class. If the permission has a check function, the check
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
52 function will be run. By making the permission valid only for
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
53 properties using props_only=True the permission will be
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
54 skipped. You can set the default value for props_only for all
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
55 properties by calling:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
56
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
57 db.security.set_props_only_default()
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
58
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
59 with a True or False value.
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
60 '''
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
61
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
62 __slots__ = (
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
63 "_properties_dict",
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
64 "check",
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
65 "check_version",
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
66 "description",
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
67 "filter",
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
68 "klass",
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
69 "limit_perm_to_props_only",
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
70 "name",
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
71 "properties")
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
72
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
73 limit_perm_to_props_only_default = False
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
74
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
75 def __init__(self, name='', description='', klass=None,
8125
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
76 properties=None, check=None, props_only=None, filter=None):
5269
c94fd717e28c Fix http://issues.roundup-tracker.org/issue2550952 make __call__
John Rouillard <rouilj@ieee.org>
parents: 5199
diff changeset
77 from roundup.anypy import findargspec
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
78 self.name = name
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
79 self.description = description
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
80 self.klass = klass
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
81 self.properties = properties
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
82 self._properties_dict = support.TruthDict(properties)
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
83 self.check = check
8125
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
84 self.filter = filter
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
85 if properties is not None:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
86 # Set to None unless properties are defined.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
87 # This means that:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
88 # a=Property(name="Edit", klass="issue", check=dummy,
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
89 # props_only=True)
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
90 # b=Property(name="Edit", klass="issue", check=dummy,
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
91 # props_only=False)
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
92 # a == b will be true.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
93 if props_only is None:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
94 self.limit_perm_to_props_only = \
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
95 Permission.limit_perm_to_props_only_default
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
96 else:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
97 # see note on use of bool() in set_props_only_default()
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
98 self.limit_perm_to_props_only = bool(props_only)
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
99 else:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
100 self.limit_perm_to_props_only = None
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
101
5186
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
102 if check is None:
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
103 self.check_version = 0
8155
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
104 if filter is not None:
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
105 if klass is None:
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
106 s = "Definition of a filter function" \
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
107 " needs a check function if no klass is given"
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
108 raise ValueError(s)
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
109 self.check = self.check_factory(klass, filter)
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
110 self.check_version = 1
5186
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
111 else:
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
112 args = findargspec.findargspec(check)
5269
c94fd717e28c Fix http://issues.roundup-tracker.org/issue2550952 make __call__
John Rouillard <rouilj@ieee.org>
parents: 5199
diff changeset
113 # args[2] is the keywords argument. Leave it as a subscript and
c94fd717e28c Fix http://issues.roundup-tracker.org/issue2550952 make __call__
John Rouillard <rouilj@ieee.org>
parents: 5199
diff changeset
114 # do not use named tuple reference as names change in python 3.
5186
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
115 # If there is a **parameter defined in the function spec, the
5269
c94fd717e28c Fix http://issues.roundup-tracker.org/issue2550952 make __call__
John Rouillard <rouilj@ieee.org>
parents: 5199
diff changeset
116 # value of the 3rd argument (2nd index) in the tuple is not None.
5186
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
117 if args[2] is None:
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
118 # function definition is function(db, userid, itemid)
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
119 self.check_version = 1
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
120 else:
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
121 # function definition is function(db, userid, itemid, **other)
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
122 self.check_version = 2
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
123
8155
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
124 def check_factory(self, klass, filter_function):
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
125 """ When a Permission defines a filter function but no check
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
126 function, we manufacture a check function here
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
127 """
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
128 def check(db, userid, itemid):
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
129 cls = db.getclass(klass)
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
130 args = filter_function(db, userid, cls)
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
131 for a in args:
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
132 if cls.filter([itemid], **a):
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
133 return True
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
134 return False
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
135
8155
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
136 return check
e9af08743759 Add check_factory
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8139
diff changeset
137
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
138 def props_dict(self):
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
139 return {name: getattr(self, name) for name in self.__slots__}
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
140
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
141 def test(self, db, permission, classname, property, userid, itemid):
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
142 ''' Test permissions 5 args:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
143 permission - string like Edit, Register etc. Required, no wildcard.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
144 classname - string like issue, msg etc. Can be None to match any
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
145 class.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
146 property - array of strings that are property names. Optional.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
147 if None this is an item or klass access check.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
148 userid - number that is id for user.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
149 itemid - id for classname. e.g. 3 in issue3. If missing this is
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
150 a class access check, otherwies it's a object access check.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
151 '''
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
152
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
153 if permission != self.name:
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
154 return 0
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
155
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
156 # are we checking the correct class
3535
75dc225613cc fix security check for hasPermission(Permission, None)
Richard Jones <richard@users.sourceforge.net>
parents: 3117
diff changeset
157 if self.klass is not None and self.klass != classname:
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
158 return 0
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
159
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
160 # what about property?
8139
de58ff07890e Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8131
diff changeset
161 # Note that _properties_dict always returns True if it was
de58ff07890e Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8131
diff changeset
162 # initialized with empty properties
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
163 if property is not None and not self._properties_dict[property]:
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
164 return 0
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
165
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
166 # is this a props_only permission and permissions are set
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
167 if property is None and self.properties is not None and \
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
168 self.limit_perm_to_props_only:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
169 return 0
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
170
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
171 # check code
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
172 if itemid is not None and self.check is not None:
5186
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
173 if self.check_version == 1:
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
174 if not self.check(db, userid, itemid):
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
175 return 0
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
176 elif self.check_version == 2:
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
177 if not self.check(db, userid, itemid, property=property,
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
178 permission=permission, classname=classname):
5186
36630a062fb5 Check in enhanced form for check command used by addPermission.
John Rouillard <rouilj@ieee.org>
parents: 5128
diff changeset
179 return 0
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
180
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
181 # we have a winner
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
182 return 1
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
183
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
184 def searchable(self, classname, property):
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
185 """ A Permission is searchable for the given permission if it
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
186 doesn't include a check method and otherwise matches the
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
187 given parameters.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
188 """
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
189 if self.name not in ('View', 'Search'):
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
190 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
191
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
192 # are we checking the correct class
4443
9edbab31e2ac - admin permissions are special:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4438
diff changeset
193 if self.klass is not None and self.klass != classname:
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
194 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
195
8131
8e9181dfc9fa Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8125
diff changeset
196 # Do not allow access if we have a check method
8e9181dfc9fa Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8125
diff changeset
197 if self.check:
8e9181dfc9fa Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8125
diff changeset
198 return 0
8e9181dfc9fa Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8125
diff changeset
199
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
200 # what about property?
8139
de58ff07890e Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8131
diff changeset
201 # Note that _properties_dict always returns True if it was
de58ff07890e Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8131
diff changeset
202 # initialized with empty properties
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
203 if not self._properties_dict[property]:
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
204 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
205
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
206 return 1
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
207
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
208 def __repr__(self):
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
209 return '<Permission 0x%x %r,%r,%r,%r,%r>' % (id(self), self.name,
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
210 self.klass, self.properties, self.check,
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
211 self.limit_perm_to_props_only)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
212
5414
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
213 def __eq__(self, other):
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
214 if self.name != other.name:
5414
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
215 return False
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
216
5414
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
217 if self.klass != other.klass: return False
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
218 if self.properties != other.properties: return False
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
219 if self.check != other.check: return False
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
220 if self.limit_perm_to_props_only != \
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
221 other.limit_perm_to_props_only: return False
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
222
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
223 # match
5414
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
224 return True
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
225
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
226 def __ne__(self, other):
3fa026621f69 Python 3 preparation: comparisons.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5395
diff changeset
227 return not self.__eq__(other)
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
228
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
229 def __getitem__(self, index):
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
230 return (self.name, self.klass, self.properties, self.check,
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
231 self.limit_perm_to_props_only)[index]
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
232
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
233
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
234 class Role:
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
235 ''' Defines a Role with the attributes
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
236 - name
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
237 - description
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
238 - permissions
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
239 '''
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
240
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
241 __slots__ = ("_permissions", "description", "name")
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
242
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
243 def __init__(self, name='', description='', permissions=None):
1512
9b93d140b8e6 role names made case insensitive
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1218
diff changeset
244 self.name = name.lower()
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
245 self.description = description
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
246 # This is a dict of permission names each containing a dict of
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
247 # *class names*, with a special entry for non-class permissions
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
248 # where the key is None. In each class dict we have a dictionary
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
249 # with the values True and False for permission with and without
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
250 # a check method. These dicts each contain a list of permissions.
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
251 if permissions is None:
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
252 self._permissions = {}
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
253 elif isinstance(permissions, list):
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
254 self._permissions = {}
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
255 for p in permissions:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
256 self.addPermission(p)
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
257 else:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
258 raise ValueError("Invalid permissions for Role: %s" % permissions)
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
259
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
260 def __repr__(self):
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
261 pl = self.permission_list()
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
262 return '<Role 0x%x %r,%r>' % (id(self), self.name, pl)
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
263
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
264 def addPermission(self, *permissions):
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
265 for p in permissions:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
266 pn = p.name
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
267 self._permissions.setdefault(pn, {})
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
268 cn = p.klass
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
269 if p.klass not in self._permissions[pn]:
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
270 self._permissions[pn][cn] = {False: [], True: []}
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
271 self._permissions[pn][cn][bool(p.check)].append(p)
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
272
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
273 def filter_iter(self, permission, classname):
8125
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
274 """ Loop over all permissions for the current role on the class
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
275 with a check method (and props_only False).
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
276 """
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
277 if permission not in self._permissions:
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
278 return
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
279 for c in (None, classname):
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
280 if c not in self._permissions[permission]:
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
281 continue
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
282 perms = self._permissions[permission][c][True]
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
283 for p in perms:
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
284 if p.limit_perm_to_props_only and p.properties:
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
285 continue
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
286 yield p
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
287
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
288 def hasPermission(self, db, perm, uid, classname, property, itemid, chk):
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
289 # if itemid is given a classname must, too, checked in caller
8294
302c797756e6 fix: issue2550962. remove assert in Role::hasPermission
John Rouillard <rouilj@ieee.org>
parents: 8155
diff changeset
290 if itemid and classname is None:
302c797756e6 fix: issue2550962. remove assert in Role::hasPermission
John Rouillard <rouilj@ieee.org>
parents: 8155
diff changeset
291 raise ValueError('classname must accompany itemid')
302c797756e6 fix: issue2550962. remove assert in Role::hasPermission
John Rouillard <rouilj@ieee.org>
parents: 8155
diff changeset
292
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
293 perms = self._permissions
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
294 if perm not in perms:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
295 return False
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
296 # If we have a classname we also need to check permission with
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
297 # an empty classname (e.g. 'admin' has access on everything)
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
298 if classname is not None and None in perms[perm]:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
299 for p in perms[perm][None][chk]:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
300 # permission match?
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
301 if p.test(db, perm, classname, property, uid, itemid):
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
302 return True
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
303 if classname not in perms[perm]:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
304 return False
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
305 for p in perms[perm][classname][chk]:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
306 # permission match?
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
307 if p.test(db, perm, classname, property, uid, itemid):
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
308 return True
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
309
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
310 return False
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
311
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
312 def permission_list(self):
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
313 """ Used for reporting in admin tool """
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
314 perm_list = []
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
315 for p in self._permissions:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
316 for c in self._permissions[p]:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
317 for cond in (False, True):
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
318 perm_list.extend(self._permissions[p][c][cond])
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
319 perm_list.sort(key=lambda x: (x.klass or '', x.name))
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
320 return perm_list
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
321
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
322 def props_dict(self):
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
323 return {name: getattr(self, name) for name in self.__slots__}
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
324
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
325 def searchable(self, classname, propname):
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
326 for perm_name in 'View', 'Search':
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
327 # Only permissions without a check method
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
328 if perm_name not in self._permissions:
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
329 continue
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
330 perms = self._permissions[perm_name]
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
331 if classname not in perms and None not in perms:
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
332 continue
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
333 if None in perms:
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
334 for p in perms[None][False]:
8131
8e9181dfc9fa Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8125
diff changeset
335 if p.searchable(classname, propname):
8e9181dfc9fa Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8125
diff changeset
336 return True
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
337 if classname in perms:
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
338 for p in perms[classname][False]:
8131
8e9181dfc9fa Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8125
diff changeset
339 if p.searchable(classname, propname):
8e9181dfc9fa Fix searchable checks in roundup/security.py
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8125
diff changeset
340 return True
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
341 return False
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
342
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
343
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
344 class Security:
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
345
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
346 # __dict__ is needed to allow mocking of db.security.hasPermission
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
347 # in test/test_templating.py. Define slots for properties used in
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
348 # production to increase speed.
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
349 __slots__ = ("__dict__", "db", "permission", "role")
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
350
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
351 def __init__(self, db):
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
352 ''' Initialise the permission and role classes, and add in the
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
353 base roles (for admin user).
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
354 '''
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
355 self.db = weakref.proxy(db) # use a weak ref to avoid circularity
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
356
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
357 # Permissions are mapped by name to a list of Permissions by class
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
358 self.permission = {}
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
359
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
360 # roles are mapped by name to the Role
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
361 self.role = {}
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
362
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
363 # the default Roles
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
364 self.addRole(name="User", description="A regular user, no privs")
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
365 self.addRole(name="Admin", description="An admin user, full privs")
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
366 self.addRole(name="Anonymous", description="An anonymous user")
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
367
4088
34434785f308 Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents: 3535
diff changeset
368 # default permissions - Admin may do anything
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
369 for perm_name in 'create edit restore retire view'.split():
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
370 p = self.addPermission(name=perm_name.title(),
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
371 description="User may %s everything" %
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
372 perm_name)
4088
34434785f308 Plug a number of security holes:
Richard Jones <richard@users.sourceforge.net>
parents: 3535
diff changeset
373 self.addPermissionToRole('Admin', p)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
374
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
375 # initialise the permissions and roles needed for the UIs
992
6003d6fa02a5 new CGI frontend support
Richard Jones <richard@users.sourceforge.net>
parents: 938
diff changeset
376 from roundup.cgi import client
6003d6fa02a5 new CGI frontend support
Richard Jones <richard@users.sourceforge.net>
parents: 938
diff changeset
377 client.initialiseSecurity(self)
938
62c49e259047 preparation for moving cgi modules around
Richard Jones <richard@users.sourceforge.net>
parents: 909
diff changeset
378 from roundup import mailgw
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
379 mailgw.initialiseSecurity(self)
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
380
8125
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
381 def filter_iter(self, permission, userid, classname):
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
382 """ Loop over all permissions for the current user on the class
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
383 with a check method (and props_only False).
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
384 """
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
385 for rolename in self.db.user.get_roles(userid):
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
386 if not rolename or (rolename not in self.role):
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
387 continue
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
388 r = self.role[rolename]
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
389 for perm in r.filter_iter(permission, classname):
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
390 yield perm
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
391
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
392 def getPermission(self, permission, classname=None, properties=None,
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
393 check=None, props_only=None):
905
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
394 ''' Find the Permission matching the name and for the class, if the
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
395 classname is specified.
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
396
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
397 Raise ValueError if there is no exact match.
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
398 '''
5128
4058fc1ec746 replacing depricated has_key references by in to support python 3. Errors reported by python -3 roundup_server. Unit tests test_config test_security pass although test_config is a bit weak in coverage.
John Rouillard <rouilj@ieee.org>
parents: 5127
diff changeset
399 if permission not in self.permission:
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
400 raise ValueError('No permission "%s" defined' % permission)
909
ef9c759c243e Fix to hasPermission, thanks Stefan Seefeld.
Richard Jones <richard@users.sourceforge.net>
parents: 908
diff changeset
401
2834
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
402 if classname:
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
403 try:
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
404 self.db.getclass(classname)
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
405 except KeyError:
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
406 raise ValueError('No class "%s" defined' % classname)
2834
Richard Jones <richard@users.sourceforge.net>
parents: 2723
diff changeset
407
909
ef9c759c243e Fix to hasPermission, thanks Stefan Seefeld.
Richard Jones <richard@users.sourceforge.net>
parents: 908
diff changeset
408 # look through all the permissions of the given name
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
409 tester = Permission(permission, klass=classname, properties=properties,
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
410 check=check,
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
411 props_only=props_only)
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
412 for perm in self.permission[permission]:
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
413 if perm == tester:
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
414 return perm
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
415 raise ValueError('No permission "%s" defined for "%s"' % (permission,
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
416 classname))
905
502a5ae11cc5 Very close now. The cgi and mailgw now use the new security API.
Richard Jones <richard@users.sourceforge.net>
parents: 902
diff changeset
417
2649
1df7d4a41da4 Buncha stuff (sorry about the large checkin):
Richard Jones <richard@users.sourceforge.net>
parents: 2005
diff changeset
418 def hasPermission(self, permission, userid, classname=None,
8139
de58ff07890e Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8131
diff changeset
419 property=None, itemid=None,
de58ff07890e Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8131
diff changeset
420 skip_permissions_with_check=False):
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
421 '''Look through all the Roles, and hence Permissions, and
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
422 see if "permission" exists given the constraints of
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
423 classname, property, itemid, and props_only.
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
424
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
425 If classname is specified (and only classname) the
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
426 search will match:
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
427
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
428 if there is *any* Permission for that classname, and
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
429 that Permission was not created with props_only = True
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
430
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
431 *NOTE* the Permission will match even if there are
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
432 additional constraints like a check or properties and
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
433 props_only is False. This can be unexpected. Using
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
434 props_only = True or setting the default value to True can
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
435 help prevent surprises.
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
436
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
437 If property is specified, the Permission matched must have
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
438 either no properties listed or the property must appear in
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
439 the list.
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
440
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
441 If itemid is specified, the Permission matched must have
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
442 either no check function defined or the check function,
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
443 when invoked, must return a True value.
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
444
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
445 Note that this functionality is actually implemented by the
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
446 Permission.test() method.
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
447
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
448 '''
2983
9614a101b68f Stuff from the train ride this morning:
Richard Jones <richard@users.sourceforge.net>
parents: 2834
diff changeset
449 if itemid and classname is None:
5378
35ea9b1efc14 Python 3 preparation: "raise" syntax.
Joseph Myers <jsm@polyomino.org.uk>
parents: 5269
diff changeset
450 raise ValueError('classname must accompany itemid')
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
451 # for each of the user's Roles, check the permissions
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
452 # Note that checks with a check method are typically a lot more
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
453 # expensive than the ones without. So we check the ones without
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
454 # a check method first
8121
2a4d0413bd20 When computing batch check class-permissions first
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8120
diff changeset
455 checklist = (False, True)
8139
de58ff07890e Rename parameter of hasPermission
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8131
diff changeset
456 if skip_permissions_with_check:
8121
2a4d0413bd20 When computing batch check class-permissions first
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8120
diff changeset
457 checklist = (False,)
2a4d0413bd20 When computing batch check class-permissions first
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8120
diff changeset
458 for has_check in checklist:
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
459 for rolename in self.db.user.get_roles(userid):
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
460 if not rolename or (rolename not in self.role):
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
461 continue
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
462 r = self.role[rolename]
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
463 v = r.hasPermission(self.db, permission, userid, classname,
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
464 property, itemid, has_check)
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
465 if v:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
466 return v
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
467 return False
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
468
8125
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
469 def is_filterable(self, permission, userid, classname):
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
470 """ Check if all permissions for the current user on the class
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
471 with a check method (and props_only False) also have a
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
472 filter method. We only consider permissions with props_only
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
473 set to False. Note that this will return True if there are
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
474 no permissions with a check method found, the performed
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
475 checks later will find no matching records.
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
476 """
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
477 for perm in self.filter_iter(permission, userid, classname):
8125
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
478 if not perm.filter:
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
479 return False
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
480 return True
b358da7c89e5 Optimize filtering of search results
Ralf Schlatterbeck <rsc@runtux.com>
parents: 8121
diff changeset
481
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
482 def props_dict(self):
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
483 return {name: getattr(self, name) for name in self.__slots__}
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
484
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
485 def roleHasSearchPermission(self, classname, property, *rolenames):
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
486 """ For each of the given roles, check the permissions.
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
487 Property can be a transitive property.
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
488 """
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
489 # Note: break from inner loop means "found"
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
490 # break from outer loop means "not found"
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
491 cn = classname
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
492 prev = None
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
493 prop = None
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
494 Link = hyperdb.Link
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
495 Multilink = hyperdb.Multilink
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
496 for propname in property.split('.'):
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
497 if prev:
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
498 try:
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
499 cn = prop.classname
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
500 except AttributeError:
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
501 break
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
502 prev = propname
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
503 try:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
504 cls = self.db.getclass(cn)
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
505 prop = cls.getprops()[propname]
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
506 except KeyError:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
507 break
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
508 for rn in rolenames:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
509 if self.role[rn].searchable(cn, propname):
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
510 break
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
511 else:
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
512 break
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
513 else:
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
514 # for Link and Multilink require search permission on label-
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
515 # and order-properties and on ID
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
516 if isinstance(prop, (Link, Multilink)):
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
517 try:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
518 cls = self.db.getclass(prop.classname)
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
519 except KeyError:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
520 return 0
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
521 props = dict.fromkeys(('id', cls.labelprop(), cls.orderprop()))
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
522 for p in props:
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
523 for rn in rolenames:
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
524 if self.role[rn].searchable(prop.classname, p):
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
525 break
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
526 else:
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
527 return 0
4438
222efa59ee6c search permissions must allow transitive properties
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4437
diff changeset
528 return 1
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
529 return 0
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
530
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
531 def hasSearchPermission(self, userid, classname, property):
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
532 '''Look through all the Roles, and hence Permissions, and
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
533 see if "permission" exists given the constraints of
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
534 classname and property.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
535
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
536 A search permission is granted if we find a 'View' or
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
537 'Search' permission for the user which does *not* include
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
538 a check function. If such a permission is found, the user may
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
539 search for the given property in the given class.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
540
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
541 Note that classname *and* property are mandatory arguments.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
542
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
543 Contrary to hasPermission, the search will *not* match if
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
544 there are additional constraints (namely a search function)
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
545 on a Permission found.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
546
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
547 Concerning property, the Permission matched must have
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
548 either no properties listed or the property must appear in
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
549 the list.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
550 '''
4444
8137456a86f3 more fixes to search permissions:
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4443
diff changeset
551 roles = [r for r in self.db.user.get_roles(userid)
5128
4058fc1ec746 replacing depricated has_key references by in to support python 3. Errors reported by python -3 roundup_server. Unit tests test_config test_security pass although test_config is a bit weak in coverage.
John Rouillard <rouilj@ieee.org>
parents: 5127
diff changeset
552 if r and (r in self.role)]
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
553 return self.roleHasSearchPermission(classname, property, *roles)
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
554
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
555 def addPermission(self, **propspec):
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
556 ''' Create a new Permission with the properties defined in
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
557 'propspec'. See the Permission class for the possible
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
558 keyword args.
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
559 '''
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
560 perm = Permission(**propspec)
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
561 self.permission.setdefault(perm.name, []).append(perm)
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
562 return perm
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
563
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
564 def addRole(self, **propspec):
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
565 ''' Create a new Role with the properties defined in 'propspec'
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
566 '''
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
567 role = Role(**propspec)
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
568 self.role[role.name] = role
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
569 return role
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
570
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
571 def set_props_only_default(self, props_only=None):
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
572 if props_only is not None:
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
573 # NOTE: only valid values are True and False because these
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
574 # will be compared as part of tuple == tuple and
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
575 # (3,) == (True,) is False even though 3 is a True value
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
576 # in a boolean context. So use bool() to coerce value.
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
577 Permission.limit_perm_to_props_only_default = \
5196
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
578 bool(props_only)
e0732fd6a6c7 Implement props_only feature for permissions.
rouilj@uland
parents: 5186
diff changeset
579
5199
1f72b73d7770 Still trying to figure out why travis ci fails without a call to
John Rouillard <rouilj@ieee.org>
parents: 5196
diff changeset
580 def get_props_only_default(self):
8472
224ccb8b49ca refactor: change some classes to use __slots__
John Rouillard <rouilj@ieee.org>
parents: 8299
diff changeset
581 return Permission.limit_perm_to_props_only_default
5199
1f72b73d7770 Still trying to figure out why travis ci fails without a call to
John Rouillard <rouilj@ieee.org>
parents: 5196
diff changeset
582
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
583 def addPermissionToRole(self, rolename, permission, classname=None,
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
584 properties=None, check=None, props_only=None):
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
585 ''' Add the permission to the role's permission list.
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
586
908
a8d80ffe37cc Removed the unnecessary volatiledb and the related complications.
Richard Jones <richard@users.sourceforge.net>
parents: 905
diff changeset
587 'rolename' is the name of the role to add the permission to.
2991
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
588
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
589 'permission' is either a Permission *or* a permission name
3115
ece73371713c fix Permission.__repr__()
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2991
diff changeset
590 accompanied by 'classname' (thus in the second case a Permission
2991
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
591 is obtained by passing 'permission' and 'classname' to
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
592 self.getPermission)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
593 '''
2991
b9a55628a78d more doc fixes
Richard Jones <richard@users.sourceforge.net>
parents: 2983
diff changeset
594 if not isinstance(permission, Permission):
3117
460eb0209a9e Permissions improvements.
Richard Jones <richard@users.sourceforge.net>
parents: 3115
diff changeset
595 permission = self.getPermission(permission, classname,
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
596 properties, check, props_only)
1512
9b93d140b8e6 role names made case insensitive
Andrey Lebedev <kedder@users.sourceforge.net>
parents: 1218
diff changeset
597 role = self.role[rolename.lower()]
8119
c12377fb4144 Change permission representation
Ralf Schlatterbeck <rsc@runtux.com>
parents: 6012
diff changeset
598 role.addPermission(permission)
902
b0d3d3535998 Bugger it. Here's the current shape of the new security implementation.
Richard Jones <richard@users.sourceforge.net>
parents:
diff changeset
599
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
600 # Convenience methods for removing non-allowed properties from a
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
601 # filterspec or sort/group list
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
602
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
603 def filterFilterspec(self, userid, classname, filterspec):
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
604 """ Return a filterspec that has all non-allowed properties removed.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
605 """
8299
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
606 return {k: v for k, v in filterspec.items()
43899d99fc4d refactor(ruff): multiple changes to clear ruff issues
John Rouillard <rouilj@ieee.org>
parents: 8294
diff changeset
607 if self.hasSearchPermission(userid, classname, k)}
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
608
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
609 def filterSortspec(self, userid, classname, sort):
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
610 """ Return a sort- or group-list that has all non-allowed properties
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
611 removed.
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
612 """
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
613 if isinstance(sort, tuple) and sort[0] in '+-':
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
614 sort = [sort]
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
615 return [(d, p) for d, p in sort
6012
06e6bc21b67e flake8 changes whitepace and formatting
John Rouillard <rouilj@ieee.org>
parents: 5414
diff changeset
616 if self.hasSearchPermission(userid, classname, p)]
4437
261c9f913ff7 - Add explicit "Search" permissions, see Security Fix below.
Ralf Schlatterbeck <schlatterbeck@users.sourceforge.net>
parents: 4306
diff changeset
617
2652
281beec48408 add note about new functionality to Permission class docstring;
Alexander Smishlajev <a1s@users.sourceforge.net>
parents: 2649
diff changeset
618 # vim: set filetype=python sts=4 sw=4 et si :
Roundup Issue Tracker: http://roundup-tracker.org/