[PEAK] peak.security weirdness
Simon Belak
simon.belak at hruska.si
Wed Jan 18 09:00:27 EST 2006
... probably helps if I actually attach the files ;)
s.
Simon Belak wrote:
> Hi,
>
> I'm having some problems with dispatching of hasPermission(). Rules
> unambiguous for a "normal" GF trigger AmbiguousMethod when applied to
> hasPermission(). What is going on?
>
> Attached is an example and error traceback.
>
> Thanks,
> Simon
> _______________________________________________
> PEAK mailing list
> PEAK at eby-sarna.com
> http://www.eby-sarna.com/mailman/listinfo/peak
>
-------------- next part --------------
from dispatch import generic, strategy
from peak.api import security
class SecurityContext(security.Context):
pass
security_context = SecurityContext()
def hasPermission_adaptor(func):
def hasPermission(self, user, perm, subject):
return func()
return hasPermission
class Bar:
""" Poor-man's hasPermission(). """
@generic()
def foo(self, user, perm, subject): pass
@foo.when(strategy.default)
def __denyByDefault(self,user,perm,subject):
return security.Denial("Access denied.")
@foo.when("perm==security.Nobody")
def __nobodyGetsNobody(self,user,perm,subject):
return security.Denial("Access forbidden")
@foo.when("perm==security.Anybody")
def __anybodyGetsAnybody(self,user,perm,subject):
return True
foo = Bar.foo.im_func
class SecurityGroupMeta(security.PermissionType):
def __init__ (cls, name, bases, attr):
super(SecurityGroupMeta, cls).__init__(name, bases, attr)
if "require" in attr:
foo.when(
"getattr(perm, '__name__', '') == '%s'" % name)(
hasPermission_adaptor(attr["require"]))
security.hasPermission.when(
"getattr(perm, '__name__', '') == '%s'" % name)(
hasPermission_adaptor(attr["require"]))
class SecurityGroup(security.Permission):
__metaclass__ = SecurityGroupMeta
class GroupA(SecurityGroup):
def require():
return True
class GroupB(SecurityGroup):
def require():
return security.Denial("Access denied.")
user = object()
subject = object()
print foo(security.Context(), user, GroupA, subject)
print foo(security.Context(),user, GroupB, subject)
print security_context.hasPermission(user, GroupA, subject)
print security_context.hasPermission(user, GroupB, subject)
-------------- next part --------------
True
Access denied.
Traceback (most recent call last):
File "C:\Documents and Settings\Simon\My Documents\hruska\vsemogoce\dispatch\weird_security.py", line 69, in ?
print security_context.hasPermission(user, GroupA, subject)
File "<string>", line 5, in hasPermission
File "_speedups.pyx", line 362, in _speedups.BaseDispatcher.__getitem__
File "c:\python24\lib\site-packages\RuleDispatch-0.5a0.dev_r2100-py2.4-win32.egg\dispatch\interfaces.py", line 15, in __call__
raise self.__class__(*self.args+(args,kw))
dispatch.interfaces.AmbiguousMethod: ([(Signature((0, <class 'dispatch.strategy.Node'>)=Context), <function __denyByDefault at 0x00B58970>), (Signature((6, <class 'dispatch.strategy.node_type'>)=Inequality("..",(('GroupA', 'GroupA'),))), <function hasPermission at 0x00C0B9B0>)], (<__main__.SecurityContext instance at 0x00B2AE40>, <object object at 0x009EC450>, <class '__main__.GroupA'>, <object object at 0x009EC458>), {})
More information about the PEAK
mailing list