Attachment 'security_rules.patch'

Download

   1 * looking for arch@arch.thinkmo.de--2003-archives/moin--main--1.5--patch-376 to compare with
   2 * comparing to arch@arch.thinkmo.de--2003-archives/moin--main--1.5--patch-376
   3 M  MoinMoin/multiconfig.py
   4 M  MoinMoin/security.py
   5 A  MoinMoin/securityrule.py
   6 
   7 * modified files
   8 
   9 --- orig/MoinMoin/multiconfig.py
  10 +++ mod/MoinMoin/multiconfig.py
  11 @@ -10,6 +10,8 @@
  12  from MoinMoin import error
  13  import MoinMoin.auth as authmodule
  14  
  15 +import MoinMoin.securityrule as SecurityRule
  16 +
  17  _url_re_cache = None
  18  _farmconfig_mtime = None
  19  _config_cache = {}
  20 @@ -168,6 +170,9 @@
  21      acl_rights_before = u""
  22      acl_rights_after = u""
  23      acl_rights_valid = ['read', 'write', 'delete', 'revert', 'admin']
  24 +    security_rules = [SecurityRule.just_vaild_user_can_write, 
  25 +                      SecurityRule.check_acl] 
  26 +    security_rules_fifo = 0
  27      
  28      actions_excluded = [] # ['DeletePage', 'AttachFile', 'RenamePage']
  29      allow_xslt = 0
  30 
  31 
  32 --- orig/MoinMoin/security.py
  33 +++ mod/MoinMoin/security.py
  34 @@ -18,6 +18,7 @@
  35  ### Basic Permissions Interface -- most features enabled by default
  36  #############################################################################
  37  
  38 +#import MoinMoin.securityrule as SecurityRule
  39  
  40  class Permissions:
  41      """ Basic interface for user permissions and system policy.
  42 @@ -43,16 +44,19 @@
  43          return self.write(editor.page_name)
  44  
  45      def __getattr__(self, attr):
  46 -        """ if attr is one of the rights in acl_rights_valid, then return a
  47 -            checking function for it. Else raise an error.
  48 -        """
  49 +        rules = []
  50          request = self.request
  51 -        Page = self.Page
  52 -        if attr in request.cfg.acl_rights_valid:
  53 -            return lambda pagename, Page=Page, request=request, attr=attr: Page(request, pagename).getACL(request).may(request, self.name, attr)
  54 -        else:
  55 -            raise AttributeError, attr
  56 -        
  57 +        for sr in request.cfg.security_rules:
  58 +            security_rule = sr(request.user)
  59 +            attr_security_rule = getattr(security_rule, attr, 0)
  60 +            if attr_security_rule:
  61 +                rules.append(attr_security_rule)
  62 +                if getattr(security_rule, attr + '_non_continue', 0):
  63 +                    return lambda pagename, **kw: attr_security_rule(pagename, **kw)
  64 +        if len(rules) > 0:
  65 +            if request.cfg.security_rules_fifo:
  66 +                return lambda pagename, **kw: rules[0](pagename, **kw)
  67 +            else: return lambda pagename, **kw: rules[-1](pagename, **kw)
  68  
  69  # make an alias for the default policy
  70  Default = Permissions
  71 
  72 
  73 --- orig/MoinMoin/securityrule.py
  74 +++ mod/MoinMoin/securityrule.py
  75 @@ -0,0 +1,48 @@
  76 +# -*- coding: iso-8859-1 -*-
  77 +"""
  78 +@copyright: (c) Bastian Blank, Florian Festi, Thomas Waldmann
  79 +@copyright: MoinMoin:FrankieChow
  80 +@license: GNU GPL, see COPYING for details.
  81 +"""
  82 +
  83 +class security_rules_obj:
  84 +    """ Template of SecurityRules Object
  85 +    """
  86 +
  87 +    def __init__(self, user):
  88 +        """ Calculate the permissons `user` has.
  89 +        """
  90 +        self.user = user
  91 +        self.name = user.name
  92 +        self.request = user._request
  93 +    def true(self, pagename, **kw):
  94 +        return 1
  95 +    def false(self, pagename, **kw):
  96 +        return 0
  97 +
  98 +class check_acl(security_rules_obj):
  99 +    """ Basic interface for user permissions and system policy.
 100 +
 101 +        Note that you still need to allow some of the related actions, this
 102 +        just controls their behaviour, not their activation.
 103 +    """
 104 +
 105 +    def __getattr__(self, attr):
 106 +        """ if attr is one of the rights in acl_rights_valid, then return a
 107 +            checking function for it. Else raise an error.
 108 +        """
 109 +        from MoinMoin.Page import Page
 110 +        request = self.request
 111 +        if attr in request.cfg.acl_rights_valid:
 112 +            return lambda pagename, Page=Page, request=request, attr=attr: Page(request, pagename).getACL(request).may(request, self.name, attr)
 113 +        else:
 114 +            raise AttributeError, attr
 115 +
 116 +class just_vaild_user_can_write(security_rules_obj):
 117 +    def __getattr__(self, attr):
 118 +        if not self.user.valid:
 119 +            self.write_non_continue = 1
 120 +            if attr == 'write':
 121 +                return lambda pagename, **kw: self.false(pagename, **kw)
 122 +            else: raise AttributeError, attr
 123 +        else: raise AttributeError, attr
 124

Attached Files

To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.
  • [get | view] (2006-01-13 01:52:56, 4.2 KB) [[attachment:security_rules.patch]]
  • [get | view] (2006-01-14 17:15:38, 3.6 KB) [[attachment:security_rules2.patch]]
  • [get | view] (2006-01-15 01:19:08, 3.8 KB) [[attachment:security_rules3.patch]]
  • [get | view] (2006-01-15 06:59:47, 3.9 KB) [[attachment:security_rules4.patch]]
  • [get | view] (2006-01-18 08:43:04, 3.8 KB) [[attachment:security_rules5.patch]]
 All files | Selected Files: delete move to page copy to page

You are not allowed to attach a file to this page.