Mercurial > p > roundup > code
comparison roundup/security.py @ 8155:e9af08743759 permission-performance
Add check_factory
For Permission objects where we're given a filter function but no check
function, manufacture a check function.
| author | Ralf Schlatterbeck <rsc@runtux.com> |
|---|---|
| date | Mon, 11 Nov 2024 14:32:25 +0100 |
| parents | de58ff07890e |
| children | 302c797756e6 |
comparison
equal
deleted
inserted
replaced
| 8154:67a0fc4f9934 | 8155:e9af08743759 |
|---|---|
| 87 else: | 87 else: |
| 88 self.limit_perm_to_props_only = None | 88 self.limit_perm_to_props_only = None |
| 89 | 89 |
| 90 if check is None: | 90 if check is None: |
| 91 self.check_version = 0 | 91 self.check_version = 0 |
| 92 if filter is not None: | |
| 93 if klass is None: | |
| 94 s = "Definition of a filter function" \ | |
| 95 " needs a check function if no klass is given" | |
| 96 raise ValueError(s) | |
| 97 self.check = self.check_factory(klass, filter) | |
| 98 self.check_version = 1 | |
| 92 else: | 99 else: |
| 93 args = findargspec.findargspec(check) | 100 args = findargspec.findargspec(check) |
| 94 # args[2] is the keywords argument. Leave it as a subscript and | 101 # args[2] is the keywords argument. Leave it as a subscript and |
| 95 # do not use named tuple reference as names change in python 3. | 102 # do not use named tuple reference as names change in python 3. |
| 96 # If there is a **parameter defined in the function spec, the | 103 # If there is a **parameter defined in the function spec, the |
| 99 # function definition is function(db, userid, itemid) | 106 # function definition is function(db, userid, itemid) |
| 100 self.check_version = 1 | 107 self.check_version = 1 |
| 101 else: | 108 else: |
| 102 # function definition is function(db, userid, itemid, **other) | 109 # function definition is function(db, userid, itemid, **other) |
| 103 self.check_version = 2 | 110 self.check_version = 2 |
| 111 | |
| 112 def check_factory(self, klass, filter_function): | |
| 113 """ When a Permission defines a filter function but no check | |
| 114 function, we manufacture a check function here | |
| 115 """ | |
| 116 def check(db, userid, itemid): | |
| 117 cls = db.getclass(klass) | |
| 118 args = filter_function(db, userid, cls) | |
| 119 for a in args: | |
| 120 if cls.filter([itemid], **a): | |
| 121 return True | |
| 122 return check | |
| 104 | 123 |
| 105 def test(self, db, permission, classname, property, userid, itemid): | 124 def test(self, db, permission, classname, property, userid, itemid): |
| 106 ''' Test permissions 5 args: | 125 ''' Test permissions 5 args: |
| 107 permission - string like Edit, Register etc. Required, no wildcard. | 126 permission - string like Edit, Register etc. Required, no wildcard. |
| 108 classname - string like issue, msg etc. Can be None to match any | 127 classname - string like issue, msg etc. Can be None to match any |