The PEAK Developers' Center: ShortIntroPeakSecurity

1 Peak Security

Here's a brief example of how to use peak.security. (A more detailed explanation with multiple examples can be found on the SecurityRules page.)

1.1 Some sample code

Let's save this code as security_test.py:

    from peak.api import *

    class Owner(security.Permission):
        pass

    class User(object):
        pass

    class Building(object):

        binding.metadata(
            burnBuilding = Owner   # permission needed for the method
        )

        def burnBuilding(self):
            print "Burn baby burn"


    class BuildingRules(security.Context):

        # Rule: applies when the Owner permission is requested on a Building
        [security.hasPermission.when("perm==Owner and isinstance(subject,Building)")]
        def checkCanBurn(self, user, perm, subject):
            # True for the owner; otherwise a Denial carrying the refusal message
            return user is subject.owner or security.Denial(
                "You are not allowed to burn that building"
            )

1.2 How do we use this class

Let's save this code segment as security_test_runner.py:

    from peak.api import *
    from security_test import *

    myHouse = Building()
    Joe     = User()
    myHouse.owner = Joe
    theContext = BuildingRules()

    # Look up the permission declared for the method, then ask the context
    permissionNeeded = theContext.permissionFor(myHouse,"burnBuilding")
    allowed = theContext.hasPermission(Joe, permissionNeeded, myHouse)

    print "Joe is an owner he should be allowed to burn his own house:"
    if allowed:
        myHouse.burnBuilding()
    else:
        # a Denial tests false and carries the reason in .message
        print allowed.message

    print "Now we 'remove' ownership from Joe and try to burn it again"

    myHouse.owner = None
    allowed = theContext.hasPermission(Joe, permissionNeeded, myHouse)
    if allowed:
        myHouse.burnBuilding()
    else:
        print allowed.message

1.3 Now let's run this sample code

    $ python security_test_runner.py
    Joe is an owner he should be allowed to burn his own house:
    Burn baby burn
    Now we 'remove' ownership from Joe and try to burn it again
    You are not allowed to burn that building

1.4 A brief explanation

... to be continued

A detailed explanation of the concepts can be found at the links below (note that they describe an older implementation of peak.security; please see SecurityRules for up-to-date documentation):

http://www.eby-sarna.com/pipermail/peak/2003-December/000970.html

http://www.eby-sarna.com/pipermail/peak/2003-October/000842.html


Last modified 2005-01-07 12:29:11