Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-16 Thread Chris McDonough
On 2/16/10 8:46 AM, Tim Hoffman wrote:
> Hi Chris
>
> Yeah, after Tres' response, and thinking further on the abstractions I'm
> thinking along similar lines, sort of collapsing the notion of a role
> and permission together.

Even in Zope, roles are effectively just collections of permissions.  If it 
helps to think of it this way, you could consider the permissions you assign to 
owner a "role", e.g.:

OWNER_ROLE = ('read', 'edit', 'delete')

> Thanks for the input.  I am pretty sure this is the path I will take.

Hope it works out!



-- 
Chris McDonough
Agendaless Consulting, Fredericksburg VA
The repoze.bfg Web Application Framework Book: http://bfg.repoze.org/book
___
Repoze-dev mailing list
Repoze-dev@lists.repoze.org
http://lists.repoze.org/listinfo/repoze-dev


Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-16 Thread Tim Hoffman
Hi Chris

Yeah, after Tres' response, and thinking further on the abstractions I'm
thinking along similar lines, sort of collapsing the notion of a role
and permission together.

Thanks for the input.  I am pretty sure this is the path I will take.

It seems to play nicer with what I am trying to achieve than
repoze.what predicates which seem to not suit context evaluation.

I will get my uml -> python generator to spit out routes and bfg views
and think about how I want to annotate the model
to support the acl declarations.

Thanks everyone for the input.

T



Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-16 Thread Chris McDonough
You might choose to not have a special owner principal if you're already 
generating the __acl__ via a property.  Instead, you might just think of 
"owner" as a set of permission names, and generate "the right" ACL.

For instance, if you store a set of owner names as the "owners" attribute of a 
model (when the model is created or modified):

>>> model.owners
['tim', 'chris']

And you have, somewhere in your code, something like the following:

OWNER_PERMISSIONS = ('read', 'write', 'delete')

Something like this can be done in your __acl__ property:

acl = []
for owner in self.owners:
    acl.append((Allow, owner, OWNER_PERMISSIONS))
... other mutations to the acl ...
return acl

Then if you need to show the owners in the UI, use model.owners, and don't try 
to imply any ownership info from the ACL itself.




-- 
Chris McDonough
Agendaless Consulting, Fredericksburg VA
The repoze.bfg Web Application Framework Book: http://bfg.repoze.org/book


Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Tim Hoffman
Hi

It seems the big difference between zope2 and bfg ACLs is the lack of roles.

bfg ACLs map permissions directly to principals, and don't appear
to have the concept of a role.

The local roles in zope are an extension of system-wide roles where
additional roles are defined for a principal based on the context.

Owner in plone is a role assigned to a principal, and permissions are
bound to roles.

A user can get a specific role in a particular context, effectively
decoupling the declaration of permissions from principals.

T



Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Tim Hoffman
Hi

I could at the very least evaluate the Owner special principal
into the real owner, when I provide the __acl__ registration via the
property accessor.

Most of the project is defined in a uml model and the code is being
generated. So declaring the permissions where possible in the model means
I need to use abstractions representing things like Owner in the model.

T



Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Tim Hoffman
Hi Tres

The last thing I would love to be able to do would be to declare the
permissions at the class level

as in

(Allow, Owner, "edit")

And have Owner as a special principal like Everyone,
that allows me to declare the permission, but only evaluates "owner"
when the permission is checked.

Do you think that could work? I haven't worked out how I could
implement that though.

T



Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Tres Seaver

Tim Hoffman wrote:

> I was hoping to declare the local role equivalent at the class level,
> but following from what you said
> 
> I have a class declaration for "site_manager" and persist
> a user/owner declaration on the object at creation time ?
> 
> Then when I retrieve the entity from the app engine datastore
> have a __acl__ property accessor which
> then merges the class declaration with the persisted addition
> definition of owner.
> 
> Does that sound like an appropriate approach?

That sounds like it would work, yes.


Tres.
--
===
Tres Seaver  +1 540-429-0999  tsea...@palladion.com
Palladion Software   "Excellence by Design"http://palladion.com


Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Gustavo Narea
Hello, Tim.

On 15/02/10 22:06, Tim Hoffman wrote:
> Hi Gustavo
>
> Yeah I have thought about writing custom Predicates.
>
> The main problem I saw with it was it appears I would have to pass in
> the object to be checked at
> predicate instantiation time, rather than at evaluation time.
>
> evaluate only takes environ and credentials.
> Which means I would have to somehow stuff the entity into the wsgi
> environ or I would be retrieving the object
> a second time inside the evaluate predicate, when I already have it.
> And that would seem expensive (I am running on App Engine).
>
> So using your example from the docs.
>
> It would look something like.
>
>
> from repoze.what.predicates import Predicate
>
> class is_author(Predicate):
>     message = 'Only %(author)s can manage post %(post_id)s'
>
>     def __init__(self, context, **kwargs):
>         # forward the keyword arguments, not a dict as a positional argument
>         super(is_author, self).__init__(**kwargs)
>         self.context = context
>
>     def evaluate(self, environ, credentials):
>         # the entity was handed in at instantiation time, so check it here
>         # (assumes the entity exposes .id and .author)
>         if self.context.author != credentials.get('repoze.what.userid'):
>             self.unmet(post_id=self.context.id, author=self.context.author)
>

I use the wsgiorg.routing_args variable
(environ['wsgiorg.routing_args']) to store the objects for the resource
in the URL, like this:


from repoze.what.predicates import Predicate

class BasePostPredicate(Predicate):
    def _get_blog_post(self, environ):
        # load the post once per request and cache it in the routing args;
        # gimme_the_post() stands for whatever fetches the entity from the datastore
        if "post" not in environ['wsgiorg.routing_args'][1]:
            post_id = environ['wsgiorg.routing_args'][1]['post_id']
            environ['wsgiorg.routing_args'][1]['post'] = gimme_the_post(post_id)
        return environ['wsgiorg.routing_args'][1]['post']

class IsAuthor(BasePostPredicate):
    def evaluate(self, environ, credentials):
        post = self._get_blog_post(environ)
        if post.author != credentials.get('repoze.what.userid'):
            self.unmet('Only %(author)s can manage post %(post_id)s',
                       author=post.author, post_id=post.id)

class IsEditor(BasePostPredicate):
    def evaluate(self, environ, credentials):
        post = self._get_blog_post(environ)
        if credentials.get('repoze.what.userid') not in post.editors:
            self.unmet('Only editors can manage post %(post_id)s',
                       post_id=post.id)


BasePostPredicate looks ugly because of the environ dict. Starting with
v1.1, we're going to use the pythonic WebOb request objects and thus it
will look like this:

class BasePostPredicate(Predicate):

    def _get_blog_post(self, request):
        # same caching, keyed on the WebOb request's urlvars
        if "post" not in request.urlvars:
            request.urlvars['post'] = gimme_the_post(request.urlvars['post_id'])
        return request.urlvars['post']


> And then
>
> # Can the user edit the post?  (must be site manager or owner)
>
> from repoze.what.predicates import Any, has_permission
> p =  Any(has_permission('site_manager'),is_author(context))
>

Right. But with the predicate above, you wouldn't pass the context:
   p = Any(has_permission('site_manager'),IsAuthor())

HTH,

 - Gustavo.



-- 
Gustavo Narea .


Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Tres Seaver

Tim Hoffman wrote:
> Hi Chris.
>
> I have been rereading the ACL's for repoze.bfg and am having trouble
> getting my head around bits of it.
>
> I could easily use repoze.bfg for this project, though I really don't
> need all of bfg in this instance, so was seeing if I could get by with
> just bobo and repoze.what (oh and I was hoping to leverage the openid
> and various other authentication plugins for repoze.who).
>
> But ignoring authentication for the moment.
>
> Can you give me a hint on the approach I would take because in my example
> if I wanted an ACL on the persistent model as per my original it would
> be declared something like the following.
>
> (I am ignoring creation for the moment.) The goal is only the owner of
> a particular entity or a user with the site_manager role can edit it.
> And I won't know someone is owner until I have the object. I'm assuming
> you would have a sort of transient group "owner" and someone would only
> be in it if they are the owner?
>
> Then I could declare the owner permission etc. as follows
>
> from repoze.bfg.security import Allow, Everyone
>
> __acl__ = [
>     (Allow, Everyone, 'view'),
>     (Allow, 'group:owner', 'edit'),
>     (Allow, 'group:site_managers', 'edit'),
> ]

Why would the group be called 'owner'?  Group memberships are "global",
not local.  Most likely you wouldn't use a group for the owner bits at
all, but just have the ACL name the users with what in Zope you would
call the "owner local role".  E.g.:

from repoze.bfg.security import Allow, Everyone

__acl__ = [
    (Allow, Everyone, 'view'),
    (Allow, 'phred', 'edit'),
    (Allow, 'group:site_managers', 'edit'),
]

If more than one user can be the owner ("have the owner local role", in
Z2-speak), then just add an ACE for each blessed user.


Tres.
--
===
Tres Seaver  +1 540-429-0999  tsea...@palladion.com
Palladion Software   "Excellence by Design"http://palladion.com
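Putting the thread's three pieces together, as an added example that is not code from the thread or from repoze.bfg: Tim's Owner placeholder in a class-level ACL, Chris's persisted owners list expanded into ACEs by the __acl__ property, and Tres's one-ACE-per-user result, checked by a small first-match evaluator assumed to follow repoze.bfg's ACL rules. Record, base_acl, Owner, effective_principals, permits and owners_for_ui are this example's own names.

```python
# Added example, not code from the thread or from repoze.bfg. Allow/Deny/Everyone
# and the evaluator mirror the repoze.bfg ACL rules as assumed here; Record,
# base_acl, Owner and the function names are this example's own.
Allow = "Allow"
Deny = "Deny"
Everyone = "system.Everyone"
Authenticated = "system.Authenticated"

# Placeholder principal that only ever appears in class-level declarations.
Owner = "placeholder:Owner"
OWNER_PERMISSIONS = ("read", "write", "delete")


class Record:
    # What a UML -> python generator could emit for the class: ownership is
    # declared once, without knowing who the owners of any instance will be.
    base_acl = [
        (Allow, Everyone, "view"),
        (Allow, Owner, OWNER_PERMISSIONS),
        (Allow, "group:site_managers", ("view", "write", "delete")),
    ]

    def __init__(self, record_id, owners, locked=False):
        self.id = record_id
        self.owners = list(owners)  # persisted with the entity at creation time
        self.locked = locked        # one possible "other mutation" to the ACL

    @property
    def __acl__(self):
        acl = []
        if self.locked:
            # Order matters: the first matching ACE wins, so a Deny placed
            # first overrides the owner and site_managers grants below it.
            acl.append((Deny, Everyone, ("write", "delete")))
        for action, principal, perms in self.base_acl:
            if principal == Owner:
                # Resolve the placeholder against the persisted owners list.
                for owner in self.owners:
                    acl.append((action, owner, perms))
            else:
                acl.append((action, principal, perms))
        return acl


def effective_principals(userid, groups=()):
    """What the authentication policy would hand to the authorization policy."""
    principals = [Everyone]
    if userid is not None:
        principals += [Authenticated, userid]
        principals += ["group:" + g for g in groups]
    return principals


def permits(context, principals, permission):
    """First ACE naming one of the principals and the permission decides.

    Anything not explicitly allowed is denied.
    """
    for action, principal, perms in context.__acl__:
        if isinstance(perms, str):
            perms = (perms,)
        if principal in principals and permission in perms:
            return action == Allow
    return False


def owners_for_ui(record):
    """Read ownership from the persisted attribute, never back out of the ACL."""
    return tuple(record.owners)


if __name__ == "__main__":
    record = Record("rec-1", owners=["tim", "chris"])
    for user in ("tim", "phred", None):
        print(user, "write:", permits(record, effective_principals(user), "write"))
```

The locked flag is there to show why ACE order matters once the property starts applying "other mutations": a Deny appended after the owner ACEs would never be reached for an owner.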


Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Tim Hoffman
Hi Chris.

I have been rereading the ACL's for repoze.bfg and am having trouble
getting my head around bits of it.

I could easily use repoze.bfg for this project, though I really don't
need all of bfg in this instance, so was seeing if I could get by with
just bobo and repoze.what (oh and I was hoping to leverage the openid
and various other authentication plugins for repoze.who).

But ignoring authentication for the moment.

Can you give me a hint on the approach I would take because in my example
if I wanted an ACL on the persistent model as per my original it would
be declared something like the following.

(I am ignoring creation for the moment.) The goal is only the owner of
a particular entity or a user with the site_manager role can edit it.
And I won't know someone is owner until I have the object. I'm assuming
you would have a sort of transient group "owner" and someone would only
be in it if they are the owner?

Then I could declare the owner permission etc. as follows

from repoze.bfg.security import Allow, Everyone

__acl__ = [
    (Allow, Everyone, 'view'),
    (Allow, 'group:owner', 'edit'),
    (Allow, 'group:site_managers', 'edit'),
]

The bit I can't work out is how I would determine if the user is
"Owner" of the content.
Would that be through a custom AuthorizationPolicy or an Authentication Policy?

Or am I thinking about this the wrong way around?

In zope2 a principal would have a number of potential roles dependent
on the context.  So I am trying to get that style of behaviour.

T

On Tue, Feb 16, 2010 at 1:27 AM, Chris McDonough  wrote:
>
> I don't know if things have changed, but the last time I talked to Gustavo, 
> this was an intrinsic limitation in repoze.what v1.  It doesn't handle 
> context-sensitive authorization.
>
> - C
>
>


Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Tim Hoffman
Hi Gustavo

Yeah I have thought about writing custom Predicates.

The main problem I saw with it was it appears I would have to pass in the
object to be checked at
predicate instantiation time, rather than at evaluation time.

evaluate only takes environ and credentials.
Which means I would have to somehow stuff the entity into the wsgi environ
or I would be retrieving the object
a second time inside the evaluate predicate, when I already have it. And
that would seem expensive (I am running on App Engine).

So using your example from the docs.

It would look something like:


from repoze.what.predicates import Predicate

class is_author(Predicate):
    message = 'Only %(author)s can manage post %(post_id)s'

    def __init__(self, context, **kwargs):
        # forward the keyword arguments, not a dict as a positional argument
        super(is_author, self).__init__(**kwargs)
        self.context = context

    def evaluate(self, environ, credentials):
        # the entity was handed in at instantiation time, so check it here
        # (assumes the entity exposes .id and .author)
        if self.context.author != credentials.get('repoze.what.userid'):
            self.unmet(post_id=self.context.id, author=self.context.author)

And then

# Can the user edit the post?  (must be site manager or owner)

from repoze.what.predicates import Any, has_permission
p =  Any(has_permission('site_manager'),is_author(context))

T

> On 15/02/10 15:19, Tim Hoffman wrote:
>> Hi
>>
>> I am trying to work out how I could protect a specific resource/entity
>> using repoze.what.
>>
>> For instance I have a specific "Record", owned by a specific "User", and
>> only a user with the "Owner" permission can "Edit" the record.
>>
>> I can't work out how you would assign "Owner" permission to the user only
>> when accessing "Record", i.e. the user in question would not be owner of
>> any other record.
>>
>> It seems the group source and permission source act on a global basis
>> and aren't context aware.  And predicates' check_authorization() calls
>> only take an environ, and therefore you can only protect things like
>> URLs, not entities.
>>
>> Am I trying to do something not possible/intended for repoze.what?
>>
>> I suppose I am looking for functionality similar to zope2
>> permissions/roles etc...
>>
>> T
>> ___
>> Repoze-dev mailing list
>> Repoze-dev@lists.repoze.org
>> http://lists.repoze.org/listinfo/repoze-dev
>>
>
>
> --
> Gustavo Narea .
>
>
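As an added example (not code from the thread, and not repoze.what itself), the context-bound predicate pattern Tim sketches run end to end: a small stand-in that mimics the shape of repoze.what's Predicate, has_permission and Any (an assumption about the API, so it runs offline), a constructed Record entity, and the Any(has_permission('site_manager'), is_owner(record)) check, which fails closed for anyone who is neither the owner nor a site manager.

```python
from collections import namedtuple
# Minimal stand-in for repoze.what's Predicate/has_permission/Any interface
# (an assumption about its shape, not the library) so this runs offline.
class NotAuthorizedError(Exception):
    pass

class Predicate(object):
    message = 'Not authorized'
    def unmet(self, **placeholders):
        raise NotAuthorizedError(self.message % placeholders)
    def is_met(self, environ):
        try:
            self.evaluate(environ, environ.get('repoze.what.credentials', {}))
        except NotAuthorizedError:
            return False
        return True

class has_permission(Predicate):
    message = 'The user must have the %(permission)s permission'
    def __init__(self, permission):
        self.permission = permission
    def evaluate(self, environ, credentials):
        if self.permission not in credentials.get('permissions', ()):
            self.unmet(permission=self.permission)

class Any(Predicate):
    def __init__(self, *predicates):
        self.predicates = predicates
    def evaluate(self, environ, credentials):
        if not any(p.is_met(environ) for p in self.predicates):
            self.unmet()

# Constructed entity standing in for Tim's "Record" (field names assumed).
Record = namedtuple('Record', 'record_id owner')

class is_owner(Predicate):
    # evaluate() receives only environ and credentials, so the record is
    # bound when the predicate is built (once per request), not at import.
    message = 'Only %(owner)s can edit record %(record_id)s'
    def __init__(self, record):
        self.record = record
    def evaluate(self, environ, credentials):
        if self.record.owner != credentials.get('repoze.what.userid'):
            self.unmet(owner=self.record.owner, record_id=self.record.record_id)

def can_edit(record, userid, permissions=()):
    # Environ shaped as the repoze.what middleware fills it (assumed keys).
    environ = {'repoze.what.credentials': {'repoze.what.userid': userid,
                                           'permissions': set(permissions)}}
    return Any(has_permission('site_manager'), is_owner(record)).is_met(environ)
```

Because the predicate is rebuilt per request around the record already loaded for the view, there is no second datastore fetch inside evaluate() and nothing has to be smuggled through the WSGI environ.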


Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Gustavo Narea
Hello, Tim.

The groups/permissions functionality is just something basic and
optional, to help people get started, although for some smaller projects
it may be good enough. For finer-grained control, you may want to check
this:
http://what.repoze.org/docs/1.0/Manual/Predicates/Writing.html#creating-a-predicate-checker-more-sensitive-to-the-request

I've never really wanted to offer similar functionality
out-of-the-box. I've given some thought to this, and never came up with a
non-intrusive way of addressing this kind of situation. But I'm always
open to hearing alternatives.

I hope this is what you were looking for.

 - Gustavo.


On 15/02/10 15:19, Tim Hoffman wrote:
> Hi
>
> I am trying to work out how I could protect a specific resource/entity
> using repoze.what.
>
> For instance I have a specific "Record", owned by a specific "User", and
> only a user with the "Owner" permission can "Edit" the record.
>
> I can't work out how you would assign "Owner" permission to the user only
> when accessing "Record", i.e. the user in question would not be owner of
> any other record.
>
> It seems the group source and permission source act on a global basis
> and aren't context aware.  And predicates' check_authorization() calls
> only take an environ, and therefore you can only protect things like
> URLs, not entities.
>
> Am I trying to do something not possible/intended for repoze.what?
>
> I suppose I am looking for functionality similar to zope2
> permissions/roles etc...
>
> T


-- 
Gustavo Narea .



Re: [Repoze-dev] Looking for advice on how to use repoze.what to protect a specific resource/entity.

2010-02-15 Thread Chris McDonough
I don't know if things have changed, but the last time I talked to Gustavo, 
this was an intrinsic limitation in repoze.what v1.  It doesn't handle 
context-sensitive authorization.

- C


On 2/15/10 10:19 AM, Tim Hoffman wrote:
> Hi
>
> I am trying to work out how I could protect a specific resource/entity
> using repoze.what.
>
> For instance I have a specific "Record", owned by a specific "User", and
> only a user with the "Owner" permission can "Edit" the record.
>
> I can't work out how you would assign "Owner" permission to the user only
> when accessing "Record", i.e. the user in question would not be owner of
> any other record.
>
> It seems the group source and permission source act on a global basis
> and aren't context aware.  And predicates' check_authorization() calls
> only take an environ, and therefore you can only protect things like
> URLs, not entities.
>
> Am I trying to do something not possible/intended for repoze.what?
>
> I suppose I am looking for functionality similar to zope2
> permissions/roles etc...
>
> T
>


-- 
Chris McDonough
Agendaless Consulting, Fredericksburg VA
The repoze.bfg Web Application Framework Book: http://bfg.repoze.org/book