Hi Brad, У уто, 06. 09 2011. у 08:32 -0400, Brad Crittenden пише: > Last week I fixed a bug[1] that was caused by one of the security adapters > delegating to another one by explicitly naming it. Unfortunately the named > one was not appropriate. The fix was to not hard-code the adapter but to use > getAdapter to let the machinery find the correct one. > > After fixing that single instance Francis asked that I look at all of the > places we do something similar in our various security.py files. There were > many. I opened [2] to track fixing them. > > It is a common pattern for one object to defer to a child object's security > adapter, e.g. the security rules for viewing a bug attachment are the same as > for the associated bug, so the security adapter for the bug attachment > forwards to the adapter for the bug. > > To remove the hard-coded names and facilitate this pattern of forwarding via > lookup I created a new base class called ForwardedAuthorization. > > Here is a diff of the change to use the new class. It shows forwarding to > the child 'archive' and using a different permission, 'launchpad.Append' > instead of the original 'launchpad.Edit'. The permission is optional and > should be omitted if it is the same as the original. > > 284 -class EditPublishing(AuthorizationBase): > 285 +class EditPublishing(ForwardedAuthorization): > 286 """Restrict editing of source and binary packages..""" > 287 permission = "launchpad.Edit" > 288 usedfor = IPublishingEdit > 289 > 290 - def checkAuthenticated(self, user): > 291 - return AppendArchive(self.obj.archive).checkAuthenticated(user) > 292 + def __init__(self, obj): > 293 + super(EditPublishing, self).__init__(obj.archive, > 'launchpad.Append') > 294 > > Please use this new class when you need to follow the forwarding pattern. My > branch should land today.
How does this relate to the forwardCheckAuthenticated Henning (I think) implemented a while back? Is it not the same thing, essentially? Cheers, Danilo _______________________________________________ Mailing list: https://launchpad.net/~launchpad-dev Post to : launchpad-dev@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-dev More help : https://help.launchpad.net/ListHelp
