Beispiel #1
0
        def __init__(cls, name, bases, dict_):
            cls._pecan = dict(
                secured=Protected,
                check_permissions=cls.check_permissions,
                unlocked=[]
            )

            for name, value in getmembers(cls):
                if ismethod(value):
                    if iscontroller(value) and value._pecan.get(
                        'secured'
                    ) is None:
                        value._pecan['secured'] = Protected
                        value._pecan['check_permissions'] = \
                            cls.check_permissions
                elif hasattr(value, '__class__'):
                    if name.startswith('__') and name.endswith('__'):
                        continue
                    if isinstance(value, _UnlockedAttribute):
                        # mark it as unlocked and remove wrapper
                        cls._pecan['unlocked'].append(value.obj)
                        setattr(cls, name, value.obj)
                    elif isinstance(value, _SecuredAttribute):
                        # The user has specified a different check_permissions
                        # than the class level version.  As far as the class
                        # is concerned, this method is unlocked because
                        # it is using a check_permissions function embedded in
                        # the _SecuredAttribute wrapper
                        cls._pecan['unlocked'].append(value)
Beispiel #2
0
        def __init__(cls, name, bases, dict_):
            cls._pecan = dict(
                secured=Protected,
                check_permissions=cls.check_permissions,
                unlocked=[]
            )

            for name, value in getmembers(cls)[:]:
                if ismethod(value):
                    if iscontroller(value) and value._pecan.get(
                        'secured'
                    ) is None:
                        # Wrap the function so that the security context is
                        # local to this class definition.  This works around
                        # the fact that unbound method attributes are shared
                        # across classes with the same bases.
                        wrapped = _make_wrapper(value)
                        wrapped._pecan['secured'] = Protected
                        wrapped._pecan['check_permissions'] = \
                            cls.check_permissions
                        setattr(cls, name, wrapped)
                elif hasattr(value, '__class__'):
                    if name.startswith('__') and name.endswith('__'):
                        continue
                    if isinstance(value, _UnlockedAttribute):
                        # mark it as unlocked and remove wrapper
                        cls._pecan['unlocked'].append(value.obj)
                        setattr(cls, name, value.obj)
                    elif isinstance(value, _SecuredAttribute):
                        # The user has specified a different check_permissions
                        # than the class level version.  As far as the class
                        # is concerned, this method is unlocked because
                        # it is using a check_permissions function embedded in
                        # the _SecuredAttribute wrapper
                        cls._pecan['unlocked'].append(value)
Beispiel #3
0
 def _find_controller(self, *args):
     '''
     Returns the appropriate controller for routing a custom action.
     '''
     for name in args:
         obj = getattr(self, name, None)
         if obj and iscontroller(obj):
             return obj
     return None
Beispiel #4
0
def walk_controller(root_class, controller, hooks):
    if not isinstance(controller, (int, dict)):
        for name, value in getmembers(controller):
            if name == 'controller': continue
            if name.startswith('__') and name.endswith('__'): continue
            
            if iscontroller(value):
                for hook in hooks:
                    value._pecan.setdefault('hooks', []).append(hook)
            elif hasattr(value, '__class__'):
                if name.startswith('__') and name.endswith('__'): continue
                walk_controller(root_class, value, hooks)
Beispiel #5
0
def find_object(obj, remainder, notfound_handlers):
    prev_obj = None
    while True:
        if obj is None: raise exc.HTTPNotFound
        if iscontroller(obj): return obj, remainder

        # are we traversing to another controller
        cross_boundary(prev_obj, obj)
        
        if remainder and remainder[0] == '':
            index = getattr(obj, 'index', None)
            if iscontroller(index): return index, remainder[1:]
        elif not remainder:
            # the URL has hit an index method without a trailing slash
            index = getattr(obj, 'index', None)
            if iscontroller(index): 
                raise NonCanonicalPath(index, remainder[1:])
        default = getattr(obj, '_default', None)
        if iscontroller(default):
            notfound_handlers.append(('_default', default, remainder))

        lookup = getattr(obj, '_lookup', None)
        if iscontroller(lookup):
            notfound_handlers.append(('_lookup', lookup, remainder))
        
        route = getattr(obj, '_route', None)
        if iscontroller(route):
            next, next_remainder = route(remainder)
            cross_boundary(route, next)
            return next, next_remainder
        
        if not remainder: raise exc.HTTPNotFound
        next, remainder = remainder[0], remainder[1:]
        prev_obj = obj
        obj = getattr(obj, next, None)
Beispiel #6
0
def find_object(obj, remainder, notfound_handlers):
    '''
    'Walks' the url path in search of an action for which a controller is
    implemented and returns that controller object along with what's left
    of the remainder.
    '''
    prev_obj = None
    while True:
        if obj is None:
            raise exc.HTTPNotFound
        if iscontroller(obj):
            return obj, remainder

        # are we traversing to another controller
        cross_boundary(prev_obj, obj)

        if remainder and remainder[0] == '':
            index = getattr(obj, 'index', None)
            if iscontroller(index):
                return index, remainder[1:]
        elif not remainder:
            # the URL has hit an index method without a trailing slash
            index = getattr(obj, 'index', None)
            if iscontroller(index):
                raise NonCanonicalPath(index, remainder[1:])
        default = getattr(obj, '_default', None)
        if iscontroller(default):
            notfound_handlers.append(('_default', default, remainder))

        lookup = getattr(obj, '_lookup', None)
        if iscontroller(lookup):
            notfound_handlers.append(('_lookup', lookup, remainder))

        route = getattr(obj, '_route', None)
        if iscontroller(route):
            next, next_remainder = route(remainder)
            cross_boundary(route, next)
            return next, next_remainder

        if not remainder:
            raise exc.HTTPNotFound
        next, remainder = remainder[0], remainder[1:]
        prev_obj = obj
        obj = getattr(obj, next, None)
Beispiel #7
0
 def _find_controller(self, *args):
     for name in args:
         obj = getattr(self, name, None)
         if obj and iscontroller(obj):
             return obj
     return None