/usr/share/pyshared/zope/security/management.py is in python-zope.security 3.8.3-2ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 | ##############################################################################
#
# Copyright (c) 2001, 2002 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Default 'ISecurityManagement' and 'IInteractionManagement' implementation
"""
import zope.interface
from zope.security import interfaces
from zope.security.checker import CheckerPublic
from zope.security._definitions import thread_local, system_user
from zope.security.simplepolicies import ParanoidSecurityPolicy
_defaultPolicy = ParanoidSecurityPolicy
zope.interface.moduleProvides(
interfaces.ISecurityManagement,
interfaces.IInteractionManagement)
def _clear():
global _defaultPolicy
_defaultPolicy = ParanoidSecurityPolicy
# XXX This code is used to support automated testing. However, it shouldn't be
# here and needs to be refactored. The empty addCleanUp-method is a temporary
# workaround to fix packages that depend on zope.security but don't have a
# need for zope.testing.
try:
from zope.testing.cleanup import addCleanUp
except ImportError:
def addCleanUp(arg):
pass
addCleanUp(_clear)
#
# ISecurityManagement implementation
#
def getSecurityPolicy():
"""Get the system default security policy."""
return _defaultPolicy
def setSecurityPolicy(aSecurityPolicy):
"""Set the system default security policy, and return the previous
value.
This method should only be called by system startup code.
It should never, for example, be called during a web request.
"""
global _defaultPolicy
last, _defaultPolicy = _defaultPolicy, aSecurityPolicy
return last
#
# IInteractionManagement implementation
#
def queryInteraction():
return getattr(thread_local, 'interaction', None)
def getInteraction():
"""Get the current interaction."""
try:
return thread_local.interaction
except AttributeError:
raise interfaces.NoInteraction
def newInteraction(*participations):
"""Start a new interaction."""
if queryInteraction() is not None:
raise AssertionError("newInteraction called"
" while another interaction is active.")
interaction = getSecurityPolicy()(*participations)
thread_local.interaction = interaction
def endInteraction():
"""End the current interaction."""
try:
thread_local.previous_interaction = thread_local.interaction
except AttributeError:
# if someone does a restore later, it should be restored to not having
# an interaction. If there was a previous interaction from a previous
# call to endInteraction, it should be removed.
try:
del thread_local.previous_interaction
except AttributeError:
pass
else:
del thread_local.interaction
def restoreInteraction():
try:
previous = thread_local.previous_interaction
except AttributeError:
try:
del thread_local.interaction
except AttributeError:
pass
else:
thread_local.interaction = previous
def checkPermission(permission, object, interaction=None):
"""Return whether security policy allows permission on object.
Arguments:
permission -- A permission name
object -- The object being accessed according to the permission
interaction -- An interaction, which provides access to information
such as authenticated principals. If it is None, the current
interaction is used.
checkPermission is guaranteed to return True if permission is
CheckerPublic or None.
"""
if permission is CheckerPublic or permission is None:
return True
if interaction is None:
try:
interaction = thread_local.interaction
except AttributeError:
raise interfaces.NoInteraction
return interaction.checkPermission(permission, object)
addCleanUp(endInteraction)
|