Attachment 'security_rules4.patch'
Download 1 * looking for arch@arch.thinkmo.de--2003-archives/moin--main--1.5--patch-376 to compare with
2 * comparing to arch@arch.thinkmo.de--2003-archives/moin--main--1.5--patch-376
3 M MoinMoin/multiconfig.py
4 M MoinMoin/security.py
5 A MoinMoin/securityrule.py
6
7 * modified files
8
9 --- orig/MoinMoin/multiconfig.py
10 +++ mod/MoinMoin/multiconfig.py
11 @@ -9,6 +9,7 @@
12 import re, os, sys
13 from MoinMoin import error
14 import MoinMoin.auth as authmodule
15 +import MoinMoin.securityrule as SecurityRule
16
17 _url_re_cache = None
18 _farmconfig_mtime = None
19 @@ -168,7 +169,7 @@
20 acl_rights_before = u""
21 acl_rights_after = u""
22 acl_rights_valid = ['read', 'write', 'delete', 'revert', 'admin']
23 -
24 + security_rules = [] #Test by: [{'rule' :SecurityRule.vaild_user, "is_non": 1, "write": 0}]
25 actions_excluded = [] # ['DeletePage', 'AttachFile', 'RenamePage']
26 allow_xslt = 0
27 attachments = None # {'dir': path, 'url': url-prefix}
28
29
30 --- orig/MoinMoin/security.py
31 +++ mod/MoinMoin/security.py
32 @@ -43,11 +43,28 @@
33 return self.write(editor.page_name)
34
35 def __getattr__(self, attr):
36 - """ if attr is one of the rights in acl_rights_valid, then return a
37 - checking function for it. Else raise an error.
38 - """
39 request = self.request
40 Page = self.Page
41 +
42 + # check right in security_rules
43 + for s in request.cfg.security_rules:
44 + # Make Sure the SecurityRules have 'rule' and attr
45 + # and the SecurityRules is a Dict.
46 + try:
47 + if s.has_key('rule') and s.has_key(attr):
48 + valid_security_rule = 1
49 + else:
50 + valid_security_rule = 0
51 + except AttributeError:
52 + valid_security_rule = 0
53 + if valid_security_rule:
54 + sr = s['rule']
55 + security_rule = sr(request.user, s)
56 + # Check dict again, Is it developer like ?
57 + if security_rule.check_dict():
58 + return lambda pagename, **kw: getattr(security_rule, attr)(pagename, **kw)
59 +
60 + # If cann't check in security_rules, try it in moin_acl
61 if attr in request.cfg.acl_rights_valid:
62 return lambda pagename, Page=Page, request=request, attr=attr: Page(request, pagename).getACL(request).may(request, self.name, attr)
63 else:
64
65
66 --- orig/MoinMoin/securityrule.py
67 +++ mod/MoinMoin/securityrule.py
68 @@ -0,0 +1,55 @@
69 +# -*- coding: iso-8859-1 -*-
70 +"""
71 +@copyright: (c) Bastian Blank, Florian Festi, Thomas Waldmann
72 +@copyright: MoinMoin:FrankieChow
73 +@license: GNU GPL, see COPYING for details.
74 +"""
75 +
76 +class security_rules_obj:
77 + """ Template of SecurityRules Object
78 + """
79 +
80 + def __init__(self, user, dict):
81 + """ Calculate the permissons `user` has.
82 + """
83 + self.user = user
84 + self.name = user.name
85 + self.request = user._request
86 + self.dict = dict
87 +
88 + def cal_rule_result(self):
89 + """ Cal the dict('is_non') and set the rule_result.
90 + """
91 + if self.dict.has_key('is_non'):
92 + self.rule_result = self.dict['is_non'] * self.match_rule()
93 + else:
94 + self.rule_result = self.match_rule()
95 +
96 + def check_dict(self):
97 + """
98 + Developer can override it to check pass dict.
99 + """
100 + self.cal_rule_result()
101 + return 1
102 +
103 + def true(self, pagename, **kw):
104 + return 1
105 + def false(self, pagename, **kw):
106 + return 0
107 +
108 + def __getattr__(self, attr):
109 + if not self.rule_result: raise AttributeError, attr
110 + if self.dict[attr]:
111 + return lambda pagename, **kw: self.true(pagename, **kw)
112 + else:
113 + return lambda pagename, **kw: self.false(pagename, **kw)
114 +
115 +class vaild_user(security_rules_obj):
116 + """
117 + Maybe Developer must need to write this module.
118 + """
119 + def match_rule(self):
120 + if self.user.valid:
121 + return 1
122 + else:
123 + return 0
124
Attached Files
To refer to attachments on a page, use attachment:filename, as shown below in the list of files. Do NOT use the URL of the [get] link, since this is subject to change and can break easily.You are not allowed to attach a file to this page.