ShortIntroPeakSecurity |
UserPreferences |
The PEAK Developers' Center | FrontPage | RecentChanges | TitleIndex | WordIndex | SiteNavigation | HelpContents |
Here's a brief example of how to use peak security.
Let's save this code as security_test.py
1 2 from peak.api import * 3 4 class Owner(security.Permission): 5 pass 6 7 class User(object): 8 pass 9 10 class Building(object): 11 12 security.allow( 13 burnBuilding = Owner 14 ) 15 16 def burnBuilding(self): 17 print "Burn baby burn" 18 19 class buildingRules(security.RuleSet): 20 21 rules = Items( 22 checkCanBurn = [Owner.of(Building)] 23 ) 24 25 def checkCanBurn(self, attempt): 26 if attempt.user is attempt.subject.owner: 27 return 1 28 else: 29 return security.Denial( 30 "You are not allowed to burn that building" 31 ) 32 33 BuildingRules.declareRulesFor(security.IPermissionChecker)
Let's save this code segment as security_test_runner.py
1 2 from peak.api import * 3 from security_test import * 4 5 myHouse = Building() 6 Joe = User() 7 myHouse.owner = Joe 8 theInteraction = security.Interaction(user=Joe) 9 10 allowed = theInteraction.allows(myHouse,"burnBuilding") 11 if allowed: 12 myHouse.burnBuilding() 13 else: 14 print allowed.message
$ python security_test_runner.py Burn baby burn
... to be continued
A detailed explanation of the concepts can be found here:
http://www.eby-sarna.com/pipermail/peak/2003-December/000970.html