Attachment 'security_rules2.patch'
Download 1 * looking for arch@arch.thinkmo.de--2003-archives/moin--main--1.5--patch-376 to compare with
2 * comparing to arch@arch.thinkmo.de--2003-archives/moin--main--1.5--patch-376
3 M MoinMoin/multiconfig.py
4 M MoinMoin/security.py
5
6 * modified files
7
8 --- orig/MoinMoin/multiconfig.py
9 +++ mod/MoinMoin/multiconfig.py
10 @@ -10,6 +10,8 @@
11 from MoinMoin import error
12 import MoinMoin.auth as authmodule
13
14 +import MoinMoin.securityrule as SecurityRule
15 +
16 _url_re_cache = None
17 _farmconfig_mtime = None
18 _config_cache = {}
19 @@ -168,6 +170,7 @@
20 acl_rights_before = u""
21 acl_rights_after = u""
22 acl_rights_valid = ['read', 'write', 'delete', 'revert', 'admin']
23 + security_rules = [{'rule' :SecurityRule.vaild_user, "is_non": 1, "write": "Deny"}]
24
25 actions_excluded = [] # ['DeletePage', 'AttachFile', 'RenamePage']
26 allow_xslt = 0
27
28
29 --- orig/MoinMoin/security.py
30 +++ mod/MoinMoin/security.py
31 @@ -43,16 +43,23 @@
32 return self.write(editor.page_name)
33
34 def __getattr__(self, attr):
35 - """ if attr is one of the rights in acl_rights_valid, then return a
36 - checking function for it. Else raise an error.
37 - """
38 request = self.request
39 Page = self.Page
40 +
41 + # check right in security_rules
42 + for s in request.cfg.security_rules:
43 + sr = s['rule']
44 + security_rule = sr(request.user, s)
45 + attr_security_rule = getattr(security_rule, attr, 0)
46 + if attr_security_rule:
47 + return lambda pagename, **kw: attr_security_rule(pagename, **kw)
48 +
49 + # If cann't check in security_rules, try it in moin_acl
50 if attr in request.cfg.acl_rights_valid:
51 return lambda pagename, Page=Page, request=request, attr=attr: Page(request, pagename).getACL(request).may(request, self.name, attr)
52 else:
53 raise AttributeError, attr
54 -
55 +
56
57 # make an alias for the default policy
58 Default = Permissions
59
60
61 --- orig/MoinMoin/securityrule.py
62 +++ mod/MoinMoin/securityrule.py
63 @@ -0,0 +1,50 @@
64 +# -*- coding: iso-8859-1 -*-
65 +"""
66 +@copyright: (c) Bastian Blank, Florian Festi, Thomas Waldmann
67 +@copyright: MoinMoin:FrankieChow
68 +@license: GNU GPL, see COPYING for details.
69 +"""
70 +
71 +class security_rules_obj:
72 + """ Template of SecurityRules Object
73 + """
74 +
75 + def __init__(self, user, dict):
76 + """ Calculate the permissons `user` has.
77 + """
78 + self.user = user
79 + self.name = user.name
80 + self.request = user._request
81 + self.dict = dict
82 + is_non = self.dict['is_non']
83 + # FixMe: What about this logic relationship ?
84 + if is_non and self.check_rule():
85 + self.rule_result = 1
86 + elif is_non and not self.check_rule():
87 + self.rule_result = 0
88 + elif not is_non and self.check_rule():
89 + self.rule_result = 0
90 + elif not is_non and not self.check_rule():
91 + self.rule_result = 1
92 +
93 + def true(self, pagename, **kw):
94 + return 1
95 + def false(self, pagename, **kw):
96 + return 0
97 +
98 + def __getattr__(self, attr):
99 + if not self.rule_result: raise AttributeError, attr
100 + if self.dict.has_key(attr):
101 + if self.dict[attr] == 'Accept':
102 + return lambda pagename, **kw: self.true(pagename, **kw)
103 + elif self.dict[attr] == 'Deny':
104 + return lambda pagename, **kw: self.false(pagename, **kw)
105 + else: raise AttributeError, attr
106 + else: raise AttributeError, attr
107 +
108 +class vaild_user(security_rules_obj):
109 + def check_rule(self):
110 + if self.user.valid:
111 + return 1
112 + else:
113 + return 0
114
Attached Files
To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.You are not allowed to attach a file to this page.