/usr/share/pyshared/lazr/restful/security.py is in python-lazr.restful 0.9.29-0ubuntu2.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 | # Copyright 2008 Canonical Ltd. All rights reserved.
"""Utilities for dealing with zope security."""
__metaclass__ = type
__all__ = [
'protect_schema',
]
from zope.interface.interfaces import IMethod
from zope.schema.interfaces import IField
from zope.security.checker import defineChecker, CheckerPublic, Checker
def protect_schema(type_, schema, read_permission=CheckerPublic,
write_permission=None):
"""Define security checker based on a schema.
This will define a checker for the type, based on the names available in
the schema. All attributes will be protected.
It also grants set access to attributes and non-readonly fields of
the schema if the write_permission parameter is used.
:param type_: The class for which the checker will be defined.
:param schema: The schema to use to find the names to protect.
:param read_permission: The permission used to protect access to the
attributes. Default to public access.
:param write_permission: If this is not None, set access to the writable
attributes of the schema will be added to the checker.
"""
read_permissions = {}
write_permissions = {}
for name in schema.names(True):
read_permissions[name] = read_permission
if write_permission is not None:
attribute = schema.get(name)
# We don't want to set methods or readonly fields.
if IMethod.providedBy(attribute):
continue
if IField.providedBy(attribute) and attribute.readonly:
continue
write_permissions[name] = write_permission
defineChecker(type_, Checker(read_permissions, write_permissions))
|