summaryrefslogtreecommitdiff
path: root/src/zope/security/simplepolicies.py
blob: 3cca0b949b678d9af8d4865f0e2efba90b1264dd (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

##############################################################################
#
# Copyright (c) 2001, 2002 Zope Corporation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Simple 'ISecurityPolicy' implementations.

$Id$
"""
import zope.interface
from zope.security.checker import CheckerPublic
from zope.security.interfaces import IInteraction, ISecurityPolicy
from zope.security._definitions import system_user

class ParanoidSecurityPolicy(object):
    zope.interface.implements(IInteraction)
    zope.interface.classProvides(ISecurityPolicy)

    def __init__(self, *participations):
        self.participations = []
        for participation in participations:
            self.add(participation)

    def add(self, participation):
        if participation.interaction is not None:
            raise ValueError("%r already belongs to an interaction"
                             % participation)
        participation.interaction = self
        self.participations.append(participation)

    def remove(self, participation):
        if participation.interaction is not self:
            raise ValueError("%r does not belong to this interaction"
                             % participation)
        self.participations.remove(participation)
        participation.interaction = None

    def checkPermission(self, permission, object):
        if permission is CheckerPublic:
            return True

        users = [p.principal
                 for p in self.participations
                 if p.principal is not system_user]

        return not users

class PermissiveSecurityPolicy(ParanoidSecurityPolicy):
    """Allow all access."""
    zope.interface.classProvides(ISecurityPolicy)

    def checkPermission(self, permission, object):
        return True
View Lorry Controller Status