def ProxyFactory(object, checker=None):
"""Factory function that creates a proxy for an object
The proxy checker is looked up if not provided.
"""
if type(object) is Proxy:
if checker is None or checker is getChecker(object):
return object
else:
# We have a proxy, but someone asked us to change its checker.
# Let's raise an exception.
#
# Other reasonable actions would be to either keep the existing
# proxy, or to create a new one with the given checker.
# The latter might be a security hole though, if untrusted code
# can call ProxyFactory.
raise TypeError("Tried to use ProxyFactory to change a Proxy's"
" checker.")
if checker is None:
checker = getattr(object, '__Security_checker__', None)
if checker is None:
checker = selectChecker(object)
if checker is None:
return object
return Proxy(object, checker)
def canWrite(obj, name):
"""Check whether the interaction may write an attribute named name on obj.
Convenience method. Rather than using checkPermission in high level code,
use canWrite and canAccess to avoid binding code to permissions.
"""
obj = ProxyFactory(obj)
checker = getChecker(obj)
try:
checker.check_setattr(obj, name)
except Unauthorized:
return False
except ForbiddenAttribute:
# we are going to be a bit DWIM-y here: see
# http://www.zope.org/Collectors/Zope3-dev/506
# generally, if the check is ForbiddenAttribute we want it to be
# raised: it probably indicates a programming or configuration error.
# However, we special case a write ForbiddenAttribute when one can
# actually read the attribute: this represents a reasonable
# configuration of a readonly attribute, and returning False (meaning
# "no, you can't write it") is arguably more useful than raising the
# exception.
try:
checker.check_getattr(obj, name)
# we'll let *this* ForbiddenAttribute fall through, if any. It
# means that both read and write are forbidden.
except Unauthorized:
pass
return False
# all other exceptions, other than Unauthorized and ForbiddenAttribute,
# should be passed through uncaught, as they indicate programmer error
return True
def canWrite(obj, name):
"""Check whether the interaction may write an attribute named name on obj.
Convenience method. Rather than using checkPermission in high level code,
use canWrite and canAccess to avoid binding code to permissions.
"""
obj = ProxyFactory(obj)
checker = getChecker(obj)
try:
checker.check_setattr(obj, name)
except Unauthorized:
return False
except ForbiddenAttribute:
# we are going to be a bit DWIM-y here: see
# http://www.zope.org/Collectors/Zope3-dev/506
# generally, if the check is ForbiddenAttribute we want it to be
# raised: it probably indicates a programming or configuration error.
# However, we special case a write ForbiddenAttribute when one can
# actually read the attribute: this represents a reasonable
# configuration of a readonly attribute, and returning False (meaning
# "no, you can't write it") is arguably more useful than raising the
# exception.
try:
checker.check_getattr(obj, name)
# we'll let *this* ForbiddenAttribute fall through, if any. It
# means that both read and write are forbidden.
except Unauthorized:
pass
return False
# all other exceptions, other than Unauthorized and ForbiddenAttribute,
# should be passed through uncaught, as they indicate programmer error
return True
def ProxyFactory(object, checker=None):
"""Factory function that creates a proxy for an object
The proxy checker is looked up if not provided.
"""
if type(object) is Proxy:
if checker is None or checker is getChecker(object):
return object
else:
# We have a proxy, but someone asked us to change its checker.
# Let's raise an exception.
#
# Other reasonable actions would be to either keep the existing
# proxy, or to create a new one with the given checker.
# The latter might be a security hole though, if untrusted code
# can call ProxyFactory.
raise TypeError("Tried to use ProxyFactory to change a Proxy's"
" checker.")
if checker is None:
checker = getattr(object, '__Security_checker__', None)
if checker is None:
checker = selectChecker(object)
if checker is None:
return object
return Proxy(object, checker)
def getTestProxyItems(proxy):
"""Try to get checker names and permissions for testing
If this succeeds, a sorted sequence of items is returned,
otherwise, None is returned.
"""
checker = getChecker(proxy)
items = checker.get_permissions.items()
items.sort()
return items
def getTestProxyItems(proxy):
"""Try to get checker names and permissions for testing
If this succeeds, a sorted sequence of items is returned,
otherwise, None is returned.
"""
checker = getChecker(proxy)
items = checker.get_permissions.items()
items.sort()
return items
def canAccess(obj, name):
"""Check whether the interaction may access an attribute named name on obj.
Convenience method. Rather than using checkPermission in high level code,
use canWrite and canAccess to avoid binding code to permissions.
"""
# access attributes and methods, including, in the current checker
# implementation, special names like __getitem__
obj = ProxyFactory(obj)
checker = getChecker(obj)
try:
checker.check_getattr(obj, name)
except Unauthorized:
return False
# if it is Forbidden (or anything else), let it be raised: it probably
# indicates a programming or configuration error
return True
def canAccess(obj, name):
"""Check whether the interaction may access an attribute named name on obj.
Convenience method. Rather than using checkPermission in high level code,
use canWrite and canAccess to avoid binding code to permissions.
"""
# access attributes and methods, including, in the current checker
# implementation, special names like __getitem__
obj = ProxyFactory(obj)
checker = getChecker(obj)
try:
checker.check_getattr(obj, name)
except Unauthorized:
return False
# if it is Forbidden (or anything else), let it be raised: it probably
# indicates a programming or configuration error
return True
def getTestProxyItems(proxy):
"""Return a sorted sequence of checker names and permissions for testing
"""
checker = getChecker(proxy)
return sorted(checker.get_permissions.items())
def getTestProxyItems(proxy):
"""Return a sorted sequence of checker names and permissions for testing
"""
checker = getChecker(proxy)
return sorted(checker.get_permissions.items())
