/usr/share/pyshared/zope/securitypolicy/interfaces.py is in python-zope.securitypolicy 3.7.0-0ubuntu4.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 | ##############################################################################
#
# Copyright (c) 2001, 2002 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Security map to hold matrix-like relationships.
In all cases, 'setting' values are one of the defined constants
`Allow`, `Deny`, or `Unset`.
"""
from zope.interface import Interface
from zope.schema import TextLine, Text
# These are the "setting" values returned by several methods defined
# in these interfaces. The implementation may move to another
# location in the future, so this should be the preferred module to
# import these from.
from zope.securitypolicy.settings import Allow, Deny, Unset
class IRole(Interface):
"""A role object."""
id = TextLine(
title=u"Id",
description=u"Id as which this role will be known and used.",
readonly=True,
required=True)
title = TextLine(
title=u"Title",
description=u"Provides a title for the role.",
required=True)
description = Text(
title=u"Description",
description=u"Provides a description for the role.",
required=False)
class IPrincipalRoleMap(Interface):
"""Mappings between principals and roles."""
def getPrincipalsForRole(role_id):
"""Get the principals that have been granted a role.
Return the list of (principal id, setting) who have been assigned or
removed from a role.
If no principals have been assigned this role,
then the empty list is returned.
"""
def getRolesForPrincipal(principal_id):
"""Get the roles granted to a principal.
Return the list of (role id, setting) assigned or removed from
this principal.
If no roles have been assigned to
this principal, then the empty list is returned.
"""
def getSetting(role_id, principal_id, default=Unset):
"""Return the setting for this principal, role combination
"""
def getPrincipalsAndRoles():
"""Get all settings.
Return all the principal/role combinations along with the
setting for each combination as a sequence of tuples with the
role id, principal id, and setting, in that order.
"""
class IPrincipalRoleManager(IPrincipalRoleMap):
"""Management interface for mappings between principals and roles."""
def assignRoleToPrincipal(role_id, principal_id):
"""Assign the role to the principal."""
def removeRoleFromPrincipal(role_id, principal_id):
"""Remove a role from the principal."""
def unsetRoleForPrincipal(role_id, principal_id):
"""Unset the role for the principal."""
class IRolePermissionMap(Interface):
"""Mappings between roles and permissions."""
def getPermissionsForRole(role_id):
"""Get the premissions granted to a role.
Return a sequence of (permission id, setting) tuples for the given
role.
If no permissions have been granted to this
role, then the empty list is returned.
"""
def getRolesForPermission(permission_id):
"""Get the roles that have a permission.
Return a sequence of (role id, setting) tuples for the given
permission.
If no roles have been granted this permission, then the empty list is
returned.
"""
def getSetting(permission_id, role_id, default=Unset):
"""Return the setting for the given permission id and role id
If there is no setting, Unset is returned
"""
def getRolesAndPermissions():
"""Return a sequence of (permission_id, role_id, setting) here.
The settings are returned as a sequence of permission, role,
setting tuples.
If no principal/role assertions have been made here, then the empty
list is returned.
"""
class IRolePermissionManager(IRolePermissionMap):
"""Management interface for mappings between roles and permissions."""
def grantPermissionToRole(permission_id, role_id):
"""Bind the permission to the role.
"""
def denyPermissionToRole(permission_id, role_id):
"""Deny the permission to the role
"""
def unsetPermissionFromRole(permission_id, role_id):
"""Clear the setting of the permission to the role.
"""
class IPrincipalPermissionMap(Interface):
"""Mappings between principals and permissions."""
def getPrincipalsForPermission(permission_id):
"""Get the principas that have a permission.
Return the list of (principal_id, setting) tuples that describe
security assertions for this permission.
If no principals have been set for this permission, then the empty
list is returned.
"""
def getPermissionsForPrincipal(principal_id):
"""Get the permissions granted to a principal.
Return the list of (permission, setting) tuples that describe
security assertions for this principal.
If no permissions have been set for this principal, then the empty
list is returned.
"""
def getSetting(permission_id, principal_id, default=Unset):
"""Get the setting for a permission and principal.
Get the setting (Allow/Deny/Unset) for a given permission and
principal.
"""
def getPrincipalsAndPermissions():
"""Get all principal permission settings.
Get the principal security assertions here in the form
of a list of three tuple containing
(permission id, principal id, setting)
"""
class IPrincipalPermissionManager(IPrincipalPermissionMap):
"""Management interface for mappings between principals and permissions."""
def grantPermissionToPrincipal(permission_id, principal_id):
"""Assert that the permission is allowed for the principal.
"""
def denyPermissionToPrincipal(permission_id, principal_id):
"""Assert that the permission is denied to the principal.
"""
def unsetPermissionForPrincipal(permission_id, principal_id):
"""Remove the permission (either denied or allowed) from the
principal.
"""
class IGrantInfo(Interface):
"""Get grant info needed for checking access
"""
def principalPermissionGrant(principal, permission):
"""Return the principal-permission grant if any
The return value is one of Allow, Deny, or Unset
"""
def getRolesForPermission(permission):
"""Return the role grants for the permission
The role grants are an iterable of role, setting tuples, where
setting is either Allow or Deny.
"""
def getRolesForPrincipal(principal):
"""Return the role grants for the principal
The role grants are an iterable of role, setting tuples, where
setting is either Allow or Deny.
"""
class IGrantVocabulary(Interface):
"""Marker interface for register the RadioWidget."""
|