def check_permission(self, action, username, resource, perm):
self.call_count += 1
decision = None
if 'ACTION_2' in perm(resource):
decision = None
elif action == 'ACTION_1':
decision = username == 'user1'
self.decisions.append(('policy1', action, decision))
return decision
def check_permission(self, action, username, resource, perm):
perm_map = self._perm_maps.get(action)
if not perm_map or not resource or resource.realm != 'attachment':
return
legacy_action = perm_map.get(resource.parent.realm)
if legacy_action:
decision = legacy_action in perm(resource.parent)
if not decision:
self.env.log.debug('LegacyAttachmentPolicy denied %s '
'access to %s. User needs %s' %
(username, resource, legacy_action))
return decision
else:
for d in self.delegates:
decision = d.check_attachment_permission(action, username,
resource, perm)
if decision is not None:
return decision