[Zope-Checkins] SVN: Zope/branches/2.9/ ObjectManager now has an hasObject method to test presence. This
Log message for revision 40536: ObjectManager now has an hasObject method to test presence. This brings it in line with BTreeFolder. Changed: U Zope/branches/2.9/doc/CHANGES.txt U Zope/branches/2.9/lib/python/OFS/ObjectManager.py U Zope/branches/2.9/lib/python/OFS/interfaces.py U Zope/branches/2.9/lib/python/OFS/tests/testObjectManager.py -=- Modified: Zope/branches/2.9/doc/CHANGES.txt === --- Zope/branches/2.9/doc/CHANGES.txt 2005-12-05 13:54:19 UTC (rev 40535) +++ Zope/branches/2.9/doc/CHANGES.txt 2005-12-05 15:07:46 UTC (rev 40536) @@ -26,6 +26,9 @@ Features added + - ObjectManager now has an hasObject method to test presence. This +brings it in line with BTreeFolder. + - Using FastCGI is officially deprecated - Improved logging of ConflictErrors. All conflict errors are Modified: Zope/branches/2.9/lib/python/OFS/ObjectManager.py === --- Zope/branches/2.9/lib/python/OFS/ObjectManager.py 2005-12-05 13:54:19 UTC (rev 40535) +++ Zope/branches/2.9/lib/python/OFS/ObjectManager.py 2005-12-05 15:07:46 UTC (rev 40536) @@ -273,6 +273,20 @@ raise AttributeError, id return default +def hasObject(self, id): +Indicate whether the folder has an item by ID. + +This doesn't try to be more intelligent than _getOb, and doesn't +consult _objects (for performance reasons). The common use case +is to check that an object does *not* exist. + +if (id in ('.', '..') or +id.startswith('_') or +id.startswith('aq_') or +id.endswith('__')): +return False +return getattr(aq_base(self), id, None) is not None + def _setObject(self, id, object, roles=None, user=None, set_owner=1, suppress_events=False): Set an object into this container. Modified: Zope/branches/2.9/lib/python/OFS/interfaces.py === --- Zope/branches/2.9/lib/python/OFS/interfaces.py 2005-12-05 13:54:19 UTC (rev 40535) +++ Zope/branches/2.9/lib/python/OFS/interfaces.py 2005-12-05 15:07:46 UTC (rev 40536) @@ -531,6 +531,10 @@ +def hasObject(id): +Indicate whether the folder has an item by ID. + + def objectIds(spec=None): List the IDs of the subobjects of the current object. Modified: Zope/branches/2.9/lib/python/OFS/tests/testObjectManager.py === --- Zope/branches/2.9/lib/python/OFS/tests/testObjectManager.py 2005-12-05 13:54:19 UTC (rev 40535) +++ Zope/branches/2.9/lib/python/OFS/tests/testObjectManager.py 2005-12-05 15:07:46 UTC (rev 40536) @@ -328,6 +328,22 @@ om2._setObject(ob.getId(), ob) self.assertRaises(DeleteFailed, om1._delObject, 'om2') +def test_hasObject(self): +om = self._makeOne() +self.failIf(om.hasObject('_properties')) +self.failIf(om.hasObject('_getOb')) +self.failIf(om.hasObject('__of__')) +self.failIf(om.hasObject('.')) +self.failIf(om.hasObject('..')) +self.failIf(om.hasObject('aq_base')) +om.zap__ = True +self.failIf(om.hasObject('zap__')) +self.failIf(om.hasObject('foo')) +si = SimpleItem('foo') +om._setObject('foo', si) +self.assert_(om.hasObject('foo')) +om._delObject('foo') +self.failIf(om.hasObject('foo')) def test_setObject_checkId_ok(self): om = self._makeOne() ___ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins
[Zope-Checkins] SVN: Zope/trunk/ Merged r40536 from 2.9 branch:
Log message for revision 40537: Merged r40536 from 2.9 branch: ObjectManager now has an hasObject method to test presence. This brings it in line with BTreeFolder. Changed: U Zope/trunk/doc/CHANGES.txt U Zope/trunk/lib/python/OFS/ObjectManager.py U Zope/trunk/lib/python/OFS/interfaces.py U Zope/trunk/lib/python/OFS/tests/testObjectManager.py -=- Modified: Zope/trunk/doc/CHANGES.txt === --- Zope/trunk/doc/CHANGES.txt 2005-12-05 15:07:46 UTC (rev 40536) +++ Zope/trunk/doc/CHANGES.txt 2005-12-05 15:12:52 UTC (rev 40537) @@ -26,6 +26,9 @@ Features added + - ObjectManager now has an hasObject method to test presence. This +brings it in line with BTreeFolder. + - Using FastCGI is offically deprecated. - Improved logging of ConflictErrors. All conflict errors are Modified: Zope/trunk/lib/python/OFS/ObjectManager.py === --- Zope/trunk/lib/python/OFS/ObjectManager.py 2005-12-05 15:07:46 UTC (rev 40536) +++ Zope/trunk/lib/python/OFS/ObjectManager.py 2005-12-05 15:12:52 UTC (rev 40537) @@ -272,6 +272,20 @@ raise AttributeError, id return default +def hasObject(self, id): +Indicate whether the folder has an item by ID. + +This doesn't try to be more intelligent than _getOb, and doesn't +consult _objects (for performance reasons). The common use case +is to check that an object does *not* exist. + +if (id in ('.', '..') or +id.startswith('_') or +id.startswith('aq_') or +id.endswith('__')): +return False +return getattr(aq_base(self), id, None) is not None + def _setObject(self, id, object, roles=None, user=None, set_owner=1, suppress_events=False): Set an object into this container. Modified: Zope/trunk/lib/python/OFS/interfaces.py === --- Zope/trunk/lib/python/OFS/interfaces.py 2005-12-05 15:07:46 UTC (rev 40536) +++ Zope/trunk/lib/python/OFS/interfaces.py 2005-12-05 15:12:52 UTC (rev 40537) @@ -531,6 +531,10 @@ +def hasObject(id): +Indicate whether the folder has an item by ID. + + def objectIds(spec=None): List the IDs of the subobjects of the current object. Modified: Zope/trunk/lib/python/OFS/tests/testObjectManager.py === --- Zope/trunk/lib/python/OFS/tests/testObjectManager.py2005-12-05 15:07:46 UTC (rev 40536) +++ Zope/trunk/lib/python/OFS/tests/testObjectManager.py2005-12-05 15:12:52 UTC (rev 40537) @@ -328,6 +328,22 @@ om2._setObject(ob.getId(), ob) self.assertRaises(DeleteFailed, om1._delObject, 'om2') +def test_hasObject(self): +om = self._makeOne() +self.failIf(om.hasObject('_properties')) +self.failIf(om.hasObject('_getOb')) +self.failIf(om.hasObject('__of__')) +self.failIf(om.hasObject('.')) +self.failIf(om.hasObject('..')) +self.failIf(om.hasObject('aq_base')) +om.zap__ = True +self.failIf(om.hasObject('zap__')) +self.failIf(om.hasObject('foo')) +si = SimpleItem('foo') +om._setObject('foo', si) +self.assert_(om.hasObject('foo')) +om._delObject('foo') +self.failIf(om.hasObject('foo')) def test_setObject_checkId_ok(self): om = self._makeOne() ___ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins
[Zope-Checkins] SVN: Zope/branches/Zope-2_8-branch/ Merged r40536 from 2.9 branch:
Log message for revision 40542: Merged r40536 from 2.9 branch: ObjectManager now has an hasObject method to test presence. This brings it in line with BTreeFolder. Changed: U Zope/branches/Zope-2_8-branch/doc/CHANGES.txt U Zope/branches/Zope-2_8-branch/lib/python/OFS/ObjectManager.py U Zope/branches/Zope-2_8-branch/lib/python/OFS/tests/testObjectManager.py -=- Modified: Zope/branches/Zope-2_8-branch/doc/CHANGES.txt === --- Zope/branches/Zope-2_8-branch/doc/CHANGES.txt 2005-12-05 15:15:05 UTC (rev 40541) +++ Zope/branches/Zope-2_8-branch/doc/CHANGES.txt 2005-12-05 15:23:20 UTC (rev 40542) @@ -58,6 +58,9 @@ Other + - ObjectManager now has an hasObject method to test presence. This +brings it in line with BTreeFolder. + - Made 'zopectl test' work for software homes which do not have an inplace build (it used to require that test.py be in $ZOPE_HOME/bin/; now it will use $ZOPE_HOME as a fallback). Modified: Zope/branches/Zope-2_8-branch/lib/python/OFS/ObjectManager.py === --- Zope/branches/Zope-2_8-branch/lib/python/OFS/ObjectManager.py 2005-12-05 15:15:05 UTC (rev 40541) +++ Zope/branches/Zope-2_8-branch/lib/python/OFS/ObjectManager.py 2005-12-05 15:23:20 UTC (rev 40542) @@ -261,6 +261,20 @@ raise AttributeError, id return default +def hasObject(self, id): +Indicate whether the folder has an item by ID. + +This doesn't try to be more intelligent than _getOb, and doesn't +consult _objects (for performance reasons). The common use case +is to check that an object does *not* exist. + +if (id in ('.', '..') or +id.startswith('_') or +id.startswith('aq_') or +id.endswith('__')): +return False +return getattr(aq_base(self), id, None) is not None + def _setObject(self, id, object, roles=None, user=None, set_owner=1): v=self._checkId(id) if v is not None: id=v Modified: Zope/branches/Zope-2_8-branch/lib/python/OFS/tests/testObjectManager.py === --- Zope/branches/Zope-2_8-branch/lib/python/OFS/tests/testObjectManager.py 2005-12-05 15:15:05 UTC (rev 40541) +++ Zope/branches/Zope-2_8-branch/lib/python/OFS/tests/testObjectManager.py 2005-12-05 15:23:20 UTC (rev 40542) @@ -303,6 +303,23 @@ om2._setObject(ob.getId(), ob) self.assertRaises(DeleteFailed, om1._delObject, 'om2') +def test_hasObject(self): +om = self._makeOne() +self.failIf(om.hasObject('_properties')) +self.failIf(om.hasObject('_getOb')) +self.failIf(om.hasObject('__of__')) +self.failIf(om.hasObject('.')) +self.failIf(om.hasObject('..')) +self.failIf(om.hasObject('aq_base')) +om.zap__ = True +self.failIf(om.hasObject('zap__')) +self.failIf(om.hasObject('foo')) +si = SimpleItem('foo') +om._setObject('foo', si) +self.assert_(om.hasObject('foo')) +om._delObject('foo') +self.failIf(om.hasObject('foo')) + def test_setObject_checkId_ok(self): om = self._makeOne() si = SimpleItem('1') ___ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins
[Zope-Checkins] SVN: Zope/branches/Zope-2_8-branch/ - reverted workaround in '_verifyObjectPaste'; 'checkPermission' now respects proxy roles
Log message for revision 40550: - reverted workaround in '_verifyObjectPaste'; 'checkPermission' now respects proxy roles Changed: U Zope/branches/Zope-2_8-branch/doc/CHANGES.txt U Zope/branches/Zope-2_8-branch/lib/python/OFS/CopySupport.py U Zope/branches/Zope-2_8-branch/lib/python/OFS/tests/testCopySupport.py -=- Modified: Zope/branches/Zope-2_8-branch/doc/CHANGES.txt === --- Zope/branches/Zope-2_8-branch/doc/CHANGES.txt 2005-12-05 17:13:57 UTC (rev 40549) +++ Zope/branches/Zope-2_8-branch/doc/CHANGES.txt 2005-12-05 18:26:15 UTC (rev 40550) @@ -26,6 +26,11 @@ Bugs Fixed + - CopySupport: Reverted workaround in '_verifyObjectPaste'. +'checkPermission' now respects proxy roles, so the warkaround +introduced to fix http://www.zope.org/Collectors/Zope/78 is no longer +needed. Meta types listed in all_meta_types need a 'permission' key. + - Collector #1774: Harmonize the implementation of AccessControl.ZopeSecurityPolicy.checkPermission with 'validate', checking ownership and proxy roles if an Modified: Zope/branches/Zope-2_8-branch/lib/python/OFS/CopySupport.py === --- Zope/branches/Zope-2_8-branch/lib/python/OFS/CopySupport.py 2005-12-05 17:13:57 UTC (rev 40549) +++ Zope/branches/Zope-2_8-branch/lib/python/OFS/CopySupport.py 2005-12-05 18:26:15 UTC (rev 40550) @@ -19,6 +19,7 @@ from cgi import escape from marshal import loads, dumps from urllib import quote, unquote +from warnings import warn from zlib import compress, decompress import Globals, Moniker, ExtensionClass @@ -352,7 +353,7 @@ if not hasattr(object, 'meta_type'): raise CopyError, MessageDialog( title = 'Not Supported', - message = ('The object EM%s/EM does not support this' \ + message = ('The object em%s/em does not support this' \ ' operation' % escape(absattr(object.id))), action = 'manage_main') @@ -372,36 +373,50 @@ mt_permission = d.get('permission') break -if method_name: -try: -method = self.restrictedTraverse(method_name) -# method_name is e.g. -# manage_addProduct/PageTemplates/manage_addPageTemplateForm. -# restrictedTraverse will raise Unauthorized if it -# can't obtain the factory method by name due to a -# security restriction. We depend on this side effect -# here! Note that we use restrictedTraverse as -# opposed to checkPermission to take into account the -# special security circumstances related to proxy -# roles. See collector #78. +if mt_permission is not None: +sm = getSecurityManager() -except Unauthorized: -if mt_permission: +if sm.checkPermission(mt_permission, self): +if validate_src: +# Ensure the user is allowed to access the object on the +# clipboard. +try: +parent = aq_parent(aq_inner(object)) +except: +parent = None + +if not sm.validate(None, parent, None, object): +raise Unauthorized(absattr(object.id)) + +if validate_src == 2: # moving +if not sm.checkPermission(DeleteObjects, parent): +raise Unauthorized('Delete not allowed.') +else: +raise CopyError, MessageDialog( +title = 'Insufficient Privileges', message = ('You do not possess the %s permission in the ' 'context of the container into which you are ' 'pasting, thus you are not able to perform ' - 'this operation.' % mt_permission) -else: + 'this operation.' % mt_permission), +action = 'manage_main') +elif method_name: +# BBB: fallback for missing or None permission +warn(The required 'permission' key is not set or None for meta + type '%s'. This fallback will be removed in Zope 2.9. + % object.meta_type, + DeprecationWarning) +try: +method = self.restrictedTraverse(method_name) +except Unauthorized: +raise CopyError, MessageDialog( +title = 'Insufficient Privileges', message = ('You do not possess the permission required ' 'to call %s in the
[Zope-Checkins] SVN: Zope/trunk/lib/python/OFS/ - reverted workaround in '_verifyObjectPaste'; 'checkPermission' now respects proxy roles
Log message for revision 40552: - reverted workaround in '_verifyObjectPaste'; 'checkPermission' now respects proxy roles Changed: U Zope/trunk/lib/python/OFS/CopySupport.py U Zope/trunk/lib/python/OFS/tests/testCopySupport.py -=- Modified: Zope/trunk/lib/python/OFS/CopySupport.py === --- Zope/trunk/lib/python/OFS/CopySupport.py2005-12-05 18:26:31 UTC (rev 40551) +++ Zope/trunk/lib/python/OFS/CopySupport.py2005-12-05 18:26:49 UTC (rev 40552) @@ -477,7 +477,7 @@ if not hasattr(object, 'meta_type'): raise CopyError, MessageDialog( title = 'Not Supported', - message = ('The object EM%s/EM does not support this' \ + message = ('The object em%s/em does not support this' \ ' operation' % escape(absattr(object.id))), action = 'manage_main') @@ -497,60 +497,38 @@ mt_permission = d.get('permission') break -if method_name: -try: -method = self.restrictedTraverse(method_name) -# method_name is e.g. -# manage_addProduct/PageTemplates/manage_addPageTemplateForm. -# restrictedTraverse will raise Unauthorized if it -# can't obtain the factory method by name due to a -# security restriction. We depend on this side effect -# here! Note that we use restrictedTraverse as -# opposed to checkPermission to take into account the -# special security circumstances related to proxy -# roles. See collector #78. +if mt_permission is not None: +sm = getSecurityManager() -except Unauthorized: -if mt_permission: +if sm.checkPermission(mt_permission, self): +if validate_src: +# Ensure the user is allowed to access the object on the +# clipboard. +try: +parent = aq_parent(aq_inner(object)) +except: +parent = None + +if not sm.validate(None, parent, None, object): +raise Unauthorized(absattr(object.id)) + +if validate_src == 2: # moving +if not sm.checkPermission(delete_objects, parent): +raise Unauthorized('Delete not allowed.') +else: +raise CopyError, MessageDialog( +title = 'Insufficient Privileges', message = ('You do not possess the %s permission in the ' 'context of the container into which you are ' 'pasting, thus you are not able to perform ' - 'this operation.' % mt_permission) -else: -message = ('You do not possess the permission required ' - 'to call %s in the context of the container ' - 'into which you are pasting, thus you are not ' - 'able to perform this operation.' % method_name) - -raise CopyError, MessageDialog( - title = 'Insufficient Privileges', - message = message, - action = 'manage_main') - -if validate_src: - -sm = getSecurityManager() - -# Ensure the user is allowed to access the object on the -# clipboard. -try: -parent = aq_parent(aq_inner(object)) -except: -parent = None - -if not sm.validate(None,parent,None,object): -raise Unauthorized, absattr(object.id) - -if validate_src == 2: # moving -if not sm.checkPermission(delete_objects, parent): -raise Unauthorized, 'Delete not allowed.' - -else: # /if method_name + 'this operation.' % mt_permission), +action = 'manage_main') +else: raise CopyError, MessageDialog( - title = 'Not Supported', - message = ('The object EM%s/EM does not support this ' - 'operation.' % escape(absattr(object.id))), - action = 'manage_main') +title = 'Not Supported', +message = ('The object em%s/em does not support this ' + 'operation.' % escape(absattr(object.id))), +action = 'manage_main') InitializeClass(CopyContainer) Modified: Zope/trunk/lib/python/OFS/tests/testCopySupport.py
[Zope-Checkins] SVN: Zope/tags/2.9.0b1/ Zope 2.9.0 beta 1
Log message for revision 40578: Zope 2.9.0 beta 1 Changed: A Zope/tags/2.9.0b1/ -=- Copied: Zope/tags/2.9.0b1 (from rev 40577, Zope/branches/2.9) ___ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins
[Zope-Checkins] SVN: Zope/branches/2.9/doc/CHANGES.txt typo
Log message for revision 40579: typo Changed: U Zope/branches/2.9/doc/CHANGES.txt -=- Modified: Zope/branches/2.9/doc/CHANGES.txt === --- Zope/branches/2.9/doc/CHANGES.txt 2005-12-06 06:43:47 UTC (rev 40578) +++ Zope/branches/2.9/doc/CHANGES.txt 2005-12-06 06:44:09 UTC (rev 40579) @@ -22,7 +22,7 @@ - Collector #1233: port ZOPE_CONFIG patch from Zope 2.7 to Zope 2.8 - Zope 2.9.1 beta 1 (2005/12/06) + Zope 2.9.0 beta 1 (2005/12/06) Features added ___ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins
[Zope-Checkins] SVN: Zope/tags/2.9.0b1/2.9/ Zope 2.9.0 b1
Log message for revision 40580: Zope 2.9.0 b1 Changed: A Zope/tags/2.9.0b1/2.9/ -=- Copied: Zope/tags/2.9.0b1/2.9 (from rev 40579, Zope/branches/2.9) ___ Zope-Checkins maillist - Zope-Checkins@zope.org http://mail.zope.org/mailman/listinfo/zope-checkins