def settingsForObject(ob): """Analysis tool to show all of the grants to a process """ result = [] while ob is not None: data = {} result.append((getattr(ob, '__name__', '(no name)'), data)) principalPermissions = IPrincipalPermissionMap(ob, None) if principalPermissions is not None: settings = principalPermissions.getPrincipalsAndPermissions() settings.sort() data['principalPermissions'] = [ {'principal': pr, 'permission': p, 'setting': s} for (p, pr, s) in settings] principalRoles = IPrincipalRoleMap(ob, None) if principalRoles is not None: settings = principalRoles.getPrincipalsAndRoles() data['principalRoles'] = [ {'principal': p, 'role': r, 'setting': s} for (r, p, s) in settings] rolePermissions = IRolePermissionMap(ob, None) if rolePermissions is not None: settings = rolePermissions.getRolesAndPermissions() data['rolePermissions'] = [ {'permission': p, 'role': r, 'setting': s} for (p, r, s) in settings] ob = getattr(ob, '__parent__', None) data = {} result.append(('global settings', data)) settings = principalPermissionManager.getPrincipalsAndPermissions() settings.sort() data['principalPermissions'] = [ {'principal': pr, 'permission': p, 'setting': s} for (p, pr, s) in settings] settings = principalRoleManager.getPrincipalsAndRoles() data['principalRoles'] = [ {'principal': p, 'role': r, 'setting': s} for (r, p, s) in settings] settings = rolePermissionManager.getRolesAndPermissions() data['rolePermissions'] = [ {'permission': p, 'role': r, 'setting': s} for (p, r, s) in settings] return result
def testManyPermissionsOnePrincipal(self): perm1 = definePermission('Perm One', 'title').id perm2 = definePermission('Perm Two', 'title').id prin1 = self._make_principal() manager.grantPermissionToPrincipal(perm1, prin1) manager.grantPermissionToPrincipal(perm2, prin1) perms = manager.getPermissionsForPrincipal(prin1) self.assertEqual(len(perms), 2) self.assertTrue((perm1, Allow) in perms) self.assertTrue((perm2, Allow) in perms) manager.denyPermissionToPrincipal(perm2, prin1) perms = manager.getPermissionsForPrincipal(prin1) self.assertEqual(len(perms), 2) self.assertTrue((perm1, Allow) in perms) self.assertTrue((perm2, Deny) in perms) perms = manager.getPrincipalsAndPermissions() self.assertTrue((perm1, prin1, Allow) in perms) self.assertTrue((perm2, prin1, Deny) in perms)