The PEAK Developers' Center: ShortIntroPeakSecurity


1 Peak Security

Here's a brief example of how to use peak security. (A more detailed explanation with multiple examples can be found on the SecurityRules page.)

1.1 Some sample code

Let's save this code as security_test.py

    from peak.api import *

    # A permission type; rules are written against it below
    class Owner(security.Permission):
        pass

    class User(object):
        pass

    class Building(object):

        binding.metadata(
            burnBuilding = Owner   # permission needed for the method
        )

        def burnBuilding(self):
            print "Burn baby burn"


    class BuildingRules(security.Context):

        # Applies when the Owner permission is checked against a Building
        [security.hasPermission.when("perm==Owner and isinstance(subject,Building)")]
        def checkCanBurn(self, user, perm, subject):
            # Either a true value, or a Denial carrying the message to show
            return user is subject.owner or security.Denial(
                "You are not allowed to burn that building"
            )

1.2 How do we use this class

Let's save this code segment as security_test_runner.py

    from peak.api import *
    from security_test import *

    myHouse = Building()
    Joe     = User()
    myHouse.owner = Joe
    theContext = BuildingRules()

    # Look up the permission declared for the method, then ask the context
    permissionNeeded = theContext.permissionFor(myHouse,"burnBuilding")
    allowed = theContext.hasPermission(Joe, permissionNeeded, myHouse)

    print "Joe is an owner he should be allowed to burn his own house:"
    if allowed:
        myHouse.burnBuilding()
    else:
        print allowed.message

    print "Now we 'remove' ownership from Joe and try to burn it again"

    myHouse.owner = None
    allowed = theContext.hasPermission(Joe, permissionNeeded, myHouse )
    if allowed:
        myHouse.burnBuilding()
    else:
        print allowed.message

1.3 Now let's run this sample code

$ python security_test_runner.py 
Joe is an owner he should be allowed to burn his own house: 
Burn baby burn 
Now we 'remove' ownership from Joe and try to burn it again 
You are not allowed to burn that building 
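
The runner above checks `hasPermission` and then calls `burnBuilding()` as two separate steps. The following stand-alone Python 3 sketch is an added example, not PEAK code and not part of the original page: it models the falsy denial result and the ownership rule, and adds a hypothetical `call_checked` helper that performs the check and the call together and fails closed. Assumptions of this sketch: the `permissions` dict stands in for `binding.metadata`, and the default-deny fallback, the `None`-owner guard and the `PermissionDenied` exception are its own choices.

```python
# Stand-alone Python 3 model of the pattern; not PEAK's implementation.

class Denial:
    """Falsy result carrying a reason, modelled on how the runner uses security.Denial."""
    def __init__(self, message):
        self.message = message
    def __bool__(self):
        return False

class PermissionDenied(Exception):
    """Hypothetical exception raised by call_checked."""

class Owner:  # permission marker, as in security_test.py
    pass

class User:
    pass

class Building:
    permissions = {"burnBuilding": Owner}  # assumption: stand-in for binding.metadata
    owner = None
    def burnBuilding(self):
        return "Burn baby burn"

class BuildingRules:
    def permissionFor(self, subject, name):
        return type(subject).permissions.get(name)

    def hasPermission(self, user, perm, subject):
        if perm is Owner and isinstance(subject, Building):
            # Guard added in this sketch: once owner is None, a bare
            # `user is subject.owner` would be True for a None user.
            if subject.owner is not None and user is subject.owner:
                return True
            return Denial("You are not allowed to burn that building")
        return Denial("No rule grants this permission")  # assumption: default deny

def call_checked(context, user, subject, name, *args):
    """Hypothetical helper: check and call in one step, failing closed."""
    perm = context.permissionFor(subject, name)
    if perm is None:
        raise PermissionDenied("%s declares no permission" % name)
    allowed = context.hasPermission(user, perm, subject)
    if not allowed:
        raise PermissionDenied(allowed.message)
    return getattr(subject, name)(*args)
```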

1.4 A brief explanation

... to be continued

A detailed explanation of the concepts can be found here (but they describe an older implementation of peak.security; please see SecurityRules for up-to-date documentation):

http://www.eby-sarna.com/pipermail/peak/2003-December/000970.html

http://www.eby-sarna.com/pipermail/peak/2003-October/000842.html


Last modified 2005-01-07 12:29:11