Attachment 'security_rules5.patch'
Download 1 * looking for arch@arch.thinkmo.de--2003-archives/moin--main--1.5--patch-376 to compare with
2 * comparing to arch@arch.thinkmo.de--2003-archives/moin--main--1.5--patch-376
3 M MoinMoin/multiconfig.py
4 M MoinMoin/security.py
5 A MoinMoin/securityrule.py
6
7 * modified files
8
9 --- orig/MoinMoin/multiconfig.py
10 +++ mod/MoinMoin/multiconfig.py
11 @@ -168,7 +168,8 @@
12 acl_rights_before = u""
13 acl_rights_after = u""
14 acl_rights_valid = ['read', 'write', 'delete', 'revert', 'admin']
15 -
16 + # import MoinMoin.securityrule as SecurityRule
17 + security_rules = [] #Test by: [{'rule' :SecurityRule.vaild_user, "is_non": 1, "write": 0}]
18 actions_excluded = [] # ['DeletePage', 'AttachFile', 'RenamePage']
19 allow_xslt = 0
20 attachments = None # {'dir': path, 'url': url-prefix}
21
22
23 --- orig/MoinMoin/security.py
24 +++ mod/MoinMoin/security.py
25 @@ -43,11 +43,28 @@
26 return self.write(editor.page_name)
27
28 def __getattr__(self, attr):
29 - """ if attr is one of the rights in acl_rights_valid, then return a
30 - checking function for it. Else raise an error.
31 - """
32 request = self.request
33 Page = self.Page
34 +
35 + # check right in security_rules
36 + for s in request.cfg.security_rules:
37 + # Make Sure the SecurityRules have 'rule' and attr
38 + # and the SecurityRules is a Dict.
39 + try:
40 + if s.has_key('rule') and s.has_key(attr):
41 + valid_security_rule = 1
42 + else:
43 + valid_security_rule = 0
44 + except AttributeError:
45 + valid_security_rule = 0
46 + if valid_security_rule:
47 + sr = s['rule']
48 + security_rule = sr(request.user, s)
49 + # Check dict again, Is it developer like ?
50 + if security_rule.check_dict(attr):
51 + return lambda pagename, **kw: getattr(security_rule, attr)(pagename, **kw)
52 +
53 + # If cann't check in security_rules, try it in moin_acl
54 if attr in request.cfg.acl_rights_valid:
55 return lambda pagename, Page=Page, request=request, attr=attr: Page(request, pagename).getACL(request).may(request, self.name, attr)
56 else:
57
58
59 --- orig/MoinMoin/securityrule.py
60 +++ mod/MoinMoin/securityrule.py
61 @@ -0,0 +1,56 @@
62 +# -*- coding: iso-8859-1 -*-
63 +"""
64 +@copyright: (c) Bastian Blank, Florian Festi, Thomas Waldmann
65 +@copyright: MoinMoin:FrankieChow
66 +@license: GNU GPL, see COPYING for details.
67 +"""
68 +
69 +class security_rules_obj:
70 + """ Template of SecurityRules Object
71 + """
72 +
73 + def __init__(self, user, dict):
74 + """ Calculate the permissons `user` has.
75 + """
76 + self.user = user
77 + self.name = user.name
78 + self.request = user._request
79 + self.dict = dict
80 +
81 + def cal_rule_result(self):
82 + """ Cal the dict('is_non') and set the rule_result.
83 + """
84 + if self.dict.has_key('is_non'):
85 + self.rule_result = self.dict['is_non'] * self.match_rule()
86 + else:
87 + self.rule_result = self.match_rule()
88 +
89 + def check_dict(self):
90 + """
91 + Developer can override it to check pass dict.
92 + """
93 + self.cal_rule_result()
94 + if getattr(self, attr, 0):
95 + return 1
96 +
97 + def true(self, pagename, **kw):
98 + return 1
99 + def false(self, pagename, **kw):
100 + return 0
101 +
102 + def __getattr__(self, attr):
103 + if not self.rule_result: raise AttributeError, attr
104 + if self.dict[attr]:
105 + return lambda pagename, **kw: self.true(pagename, **kw)
106 + else:
107 + return lambda pagename, **kw: self.false(pagename, **kw)
108 +
109 +class vaild_user(security_rules_obj):
110 + """
111 + Maybe Developer must need to write this module.
112 + """
113 + def match_rule(self):
114 + if self.user.valid:
115 + return 1
116 + else:
117 + return 0
118
Attached Files
To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.You are not allowed to attach a file to this page.