1 Peak Security

Here's a brief example of how to use peak security.

1.1 Some sample code

Let's save this code as security_test.py

    1 from peak.api import *
    2 
    3 class Owner(security.Permission):
    4     pass
    5 
    6 class User(object):
    7     pass
    8 
    9 class Building(object):
   10 
   11     security.allow(
   12         burnBuilding = Owner
   13     )
   14 
   15     def burnBuilding(self):
   16             print "Burn baby burn"
   17 
   18 class buildingRules(security.RuleSet):
   19 
   20     rules = Items(
   21           checkCanBurn = [Owner.of(Building)]
   22     )
   23 
   24     def checkCanBurn(self, attempt):
   25         if attempt.user is attempt.subject.owner:
   26             return 1
   27         else:
   28             return security.Denial(
   29                  "You are not allowed to burn that building"
   30             )
   31 
   32 BuildingRules.declareRulesFor(security.IPermissionChecker)

1.2 How do we use this class

Let's save this code segment as security_test_runner.py

    1 from peak.api import *
    2 from security_test import *
    3 
    4 myHouse = Building()
    5 Joe     = User()
    6 myHouse.owner = Joe
    7 theInteraction = security.Interaction(user=Joe)
    8 
    9 allowed = theInteraction.allows(myHouse,"burnBuilding")
   10 if allowed:
   11     myHouse.burnBuilding()
   12 else:
   13     print allowed.message

1.3 Now let's run this sample code

$ python security_test_runner.py 
 
Burn baby burn

1.4 A brief explanation

... to be continued

A detailed explanation of the concepts can be found here:

http://www.eby-sarna.com/pipermail/peak/2003-December/000970.html

http://www.eby-sarna.com/pipermail/peak/2003-October/000842.html

EditText of this page (last modified 2003-12-07 14:03:13)
FindPage by browsing, title search , text search or an index
Or try one of these actions: AttachFile, DeletePage, LikePages, LocalSiteMap, SpellCheck