"""
Multiple calls of grok.require in one class are not allowed.
>>> grok.grok(__name__)
Traceback (most recent call last):
...
GrokError: grok.require was called multiple times in <class 'grok.tests.security.multiple_require.MultipleView'>. It may only be set once for a class.
"""
import grok
import zope.interface
grok.define_permission('permission.1')
grok.define_permission('permission.2')
class MultipleView(grok.View):
grok.context(zope.interface.Interface)
grok.require('permission.1')
grok.require('permission.2')
def render(self):
pass
from zope.app.apidoc.utilities import getFunctionSignature
from zope.app.apidoc.utilities import getPythonPath, getPermissionIds
from zope.app.apidoc.utilities import isReferencable
import grok.interfaces
from grok.interfaces import IApplication
from martian.scan import is_package, ModuleInfo
from martian import InstanceGrokker, ModuleGrokker
from grok.admin.objectinfo import ZopeObjectInfo
# This is the name under which the docgrok object-browser can be
# reached.
DOCGROK_ITEM_NAMESPACE = 'docgrok-obj'
grok.context(IRootFolder)
grok.define_permission('grok.ManageApplications')
def find_filepath(dotted_path):
"""Find the filepath for a dotted name.
If a dotted name denotes a filename we try to find its path
by concatenating it with the system paths and looking for an
existing file. Every dot in the filename thereby can be part
of the filename or of its path. Therefore we check the
several possible dirname/filename combinations possible.
Returns None if no suitable filepath can be found.
This functions does *not* look for Python elements like classes,
interfaces and the files where they were defined. Use `resolve()`
"""
Using the @grok.require decorator in a view class is not allowed.
>>> grok.grok(__name__)
Traceback (most recent call last):
GrokError: The @grok.require decorator is used for method 'render' in view <class 'grok.tests.security.view_decorator.BogusView'>. It may only be used for XML-RPC methods.
"""
import grok
import zope.interface
grok.define_permission('bogus.perm')
class BogusView(grok.View):
grok.context(zope.interface.Interface)
@grok.require('bogus.perm')
def render(self):
pass
from zope.app.component import hooks
from zope.app.authentication.session import SessionCredentialsPlugin
from zope.securitypolicy.interfaces import IPrincipalRoleManager
from zope.annotation.interfaces import IAttributeAnnotatable
from z3c.authentication.simple import member
from z3c.authentication.simple import group
from z3c.authentication.cookie.plugin import CookieCredentialsPlugin
import grok
from tfws.website import interfaces
from tfws.website import roles
from tfws.website import permissions
grok.define_permission(permissions.VIEW)
grok.define_permission(permissions.MANAGEUSERS)
grok.define_permission(permissions.MANAGESITE)
grok.define_permission(permissions.MANAGECONTENT)
def setup_site_auth(auth):
# setup credentials plugin
cred = CookieCredentialsPlugin()
zope.event.notify(zope.lifecycleevent.ObjectCreatedEvent(cred))
cred.loginpagename = 'login'
# form is generated with z3c.form so we need long request names
cred.loginfield = 'form.widgets.login'
cred.passwordfield = 'form.widgets.password'
cred.autologinfield = 'form.widgets.autologin'
"""
We can define a few permissions with grok.define_permission:
>>> import grok
>>> grok.grok('grok.ftests.security.grant')
and then take a look at them in Zope 3's grant view:
>>> from zope.testbrowser.testing import Browser
>>> browser = Browser()
>>> browser.handleErrors = False
>>> browser.addHeader('Authorization', 'Basic mgr:mgrpw')
>>> browser.open("http://localhost/@@grant.html")
>>> browser.getControl(name='field.principal.MA__.searchstring').value = 'manager'
>>> browser.getControl('Search').click()
>>> browser.getControl('Apply').click()
>>> 'grok.ascii-permission' in browser.contents
True
"""
import grok
grok.define_permission('grok.ascii-permission')
# TODO Technically, it's absolutely possible to give permissions
# non-ASCII names. However the way Zope 3's grant view uses widgets to
# display form controls for each permission is not unicode-safe.
#grok.define_permission(u'grok.ünicöde-permission')
>>> browser.open("http://localhost/@@cavepainting")
>>> print browser.contents
What a beautiful painting.
A view protected with 'zope.Public' is always accessible:
>>> browser = Browser()
>>> browser.open("http://localhost/@@publicnudity")
>>> print browser.contents
Everybody can see this.
"""
import grok
import zope.interface
grok.define_permission('grok.ViewPainting')
class CavePainting(grok.View):
grok.context(zope.interface.Interface)
grok.require('grok.ViewPainting')
def render(self):
return 'What a beautiful painting.'
class PublicNudity(grok.View):
grok.context(zope.interface.Interface)
grok.require('zope.Public')