Attachment 'security.py'

Download

   1 # -*- coding: iso-8859-1 -*-
   2 """
   3     MoinMoin - Wiki Security Interface
   4 
   5     This implements the basic interface for user permissions and
   6     system policy. If you want to define your own policy, inherit
   7     from the base class 'Permissions', so that when new permissions
   8     are defined, you get the defaults.
   9 
  10     Then assign your new class to "SecurityPolicy" in wikiconfig;
  11     and I mean the class, not an instance of it!
  12 
  13     @copyright: 2000-2004 by Jürgen Hermann <jh@web.de>
  14     @license: GNU GPL, see COPYING for details.
  15 """
  16 
  17 #############################################################################
  18 ### Basic Permissions Interface -- most features enabled by default
  19 #############################################################################
  20 
  21 
  22 class Permissions:
  23     """ Basic interface for user permissions and system policy.
  24 
  25         Note that you still need to allow some of the related actions, this
  26         just controls their behaviour, not their activation.
  27     """
  28 
  29     def __init__(self, user):
  30         """ Calculate the permissons `user` has.
  31         """
  32         from MoinMoin.Page import Page
  33         self.Page = Page
  34         self.name = user.name
  35         self.request = user._request
  36 
  37     def save(self, editor, newtext, rev, **kw):
  38         """ Check whether user may save a page.
  39 
  40             `editor` is the PageEditor instance, the other arguments are
  41             those of the `PageEditor.saveText` method.
  42         """
  43         return self.write(editor.page_name)
  44 
  45     def __getattr__(self, attr):
  46         request = self.request
  47         Page = self.Page
  48 
  49         # check right in security_rules
  50         for s in request.cfg.security_rules:
  51             # Make Sure the SecurityRules have 'rule' and attr
  52             # and the SecurityRules is a Dict.
  53             try:
  54                 if s.has_key('rule') and s.has_key(attr):
  55                    valid_security_rule = 1
  56                 else:
  57                    valid_security_rule = 0
  58             except AttributeError:
  59                 valid_security_rule = 0
  60             if valid_security_rule:
  61                 sr = s['rule']
  62                 security_rule = sr(request.user, s)
  63                 # Check dict again, Is it developer like ?
  64                 if security_rule.check_dict(attr):
  65                     return lambda pagename, **kw: getattr(security_rule, attr)(pagename, **kw)
  66 
  67         # If cann't check in security_rules, try it in moin_acl
  68         if attr in request.cfg.acl_rights_valid:
  69             return lambda pagename, Page=Page, request=request, attr=attr: Page(request, pagename).getACL(request).may(request, self.name, attr)
  70         else:
  71             raise AttributeError, attr
  72         
  73 
  74 # make an alias for the default policy
  75 Default = Permissions

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2006-01-18 08:53:17, 2.7 KB) [[attachment:security.py]]
  • [get | view] (2006-01-18 08:53:47, 1.5 KB) [[attachment:securityrule.py]]
  • [get | view] (2006-01-14 05:42:23, 79.3 KB) [[attachment:sr.png]]
  • [get | view] (2006-01-18 08:52:39, 28.8 KB) [[attachment:sr.svg]]
 All files | Selected Files: delete move to page copy to page

You are not allowed to attach a file to this page.