Re: [Zope] changing permissions on classes/methods at runtime?

2012-03-07 Thread Sean Upton
On Wed, Mar 7, 2012 at 3:47 AM, Jürgen Herrmann
 wrote:
> now i had a use case where i need to mark some templates and methods
> as public because they use an internal authentication.

One of the challenges I see is that InitializeClass() removes the
original 'security' attribute of the class, so you end up having to
copy the security info to a module global before calling
InitializeClass() the first time.  Then, if you have that copy of the
class security information, you should be able to re-use it, modify
it, re-apply it to the class, then call InitializeClass (again).

Sean
___
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope-dev )


Re: [Zope] changing permissions on classes/methods at runtime?

2012-03-07 Thread Jürgen Herrmann

Am 06.03.2012 09:02, schrieb Lennart Regebro:

On Mon, Mar 5, 2012 at 19:22, Sean Upton  wrote:

On Wed, Feb 29, 2012 at 7:12 AM, Jürgen Herrmann
 wrote:

hi all!

is it possible to change permissions and roles on classes/methods
at runtime? normally you'd attach security declarations inline in
your class definition code:


I don't off-hand know why just monkey-patching the security 
attribute
of your class and then calling InitializeClass() again would not 
work,

but the idea of changing these at runtime after initial zope startup
sounds a bit odd, possibly dangerous.  What is it that you are 
trying

to do?


When I needed this to be dynamic I simply did not have any security
declaration and instead tested the permissions the first thing I did
in the method. That worked fine. It is however probably ten years 
ago,

and I don't remember or have the code. But it was quite simple, I
think.

//Lennart


Since a long time i have a mechanism in place that scans class-specific
directories for page templates, dtml files, images, sql-methods etc.
and attaches these to the classes. up to now i did mark everything as
protected, with a fixed permission, worked fine for my purposes.

now i had a use case where i need to mark some templates and methods
as public because they use an internal authentication.

best regards, jürgen
--

XLhost.de ® - Webhosting von supersmall bis eXtra Large <<


XLhost.de GmbH
Jürgen Herrmann, Geschäftsführer
Boelckestrasse 21, 93051 Regensburg, Germany

Geschäftsführer: Jürgen Herrmann
Registriert unter: HRB9918
Umsatzsteuer-Identifikationsnummer: DE245931218

Fon:  +49 (0)800 XLHOSTDE [0800 95467833]
Fax:  +49 (0)800 95467830
Web:  http://www.XLhost.de
___
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
https://mail.zope.org/mailman/listinfo/zope-announce
https://mail.zope.org/mailman/listinfo/zope-dev )


Re: [Zope] changing permissions on classes/methods at runtime?

2012-03-06 Thread Lennart Regebro
On Mon, Mar 5, 2012 at 19:22, Sean Upton  wrote:
> On Wed, Feb 29, 2012 at 7:12 AM, Jürgen Herrmann
>  wrote:
>> hi all!
>>
>> is it possible to change permissions and roles on classes/methods
>> at runtime? normally you'd attach security declarations inline in
>> your class definition code:
>
> I don't off-hand know why just monkey-patching the security attribute
> of your class and then calling InitializeClass() again would not work,
> but the idea of changing these at runtime after initial zope startup
> sounds a bit odd, possibly dangerous.  What is it that you are trying
> to do?

When I needed this to be dynamic I simply did not have any security
declaration and instead tested the permissions the first thing I did
in the method. That worked fine. It is however probably ten years ago,
and I don't remember or have the code. But it was quite simple, I
think.

//Lennart
___
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope-dev )


Re: [Zope] changing permissions on classes/methods at runtime?

2012-03-05 Thread Sean Upton
On Wed, Feb 29, 2012 at 7:12 AM, Jürgen Herrmann
 wrote:
> hi all!
>
> is it possible to change permissions and roles on classes/methods
> at runtime? normally you'd attach security declarations inline in
> your class definition code:

I don't off-hand know why just monkey-patching the security attribute
of your class and then calling InitializeClass() again would not work,
but the idea of changing these at runtime after initial zope startup
sounds a bit odd, possibly dangerous.  What is it that you are trying
to do?

Sean
___
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope-dev )


Re: [Zope] changing permissions on classes/methods at runtime?

2012-03-02 Thread Thierry Florac

Hi,


Le Wed, 29 Feb 2012 15:12:37 +0100,
  Jürgen Herrmann  a écrit:

> is it possible to change permissions and roles on classes/methods
> at runtime? normally you'd attach security declarations inline in
> your class definition code:
> 
> from AccessControl import ClassSecurityInfo
> from AccessControl.class_init import InitializeClass
> class Cls():
>security = ClassSecurityInfo()
>security.declarePrivate('foo')
>def foo(self):
>  pass
> InitializeClass(Cls)
> 
> 
> now what i tried at runtime is:
> 
> from mycode import Cls
> from AccessControl import ClassSecurityInfo
> security = ClassSecurityInfo()
> security.declarePublic('foo')
> security.apply(Cls)
> 
> but this does not what i want it to, in fact it doesn't seem
> to do anything yet - probably because i'm using the wrong way :)
> 
> any hints how to do this correctly would be greatly appreciated.
> 
> thank you very much in advance and best regards,

The way I handle this kind of problem is:
 - declare me method as protected, with a specific permission
 - grant this permission to roles or users (which can be "anybody")
   according to your context.

Best regards,
Thierry
-- 
  Chef de projets internet/intranet
  Office National des Forêts
  Direction des Systèmes d'Information
  2, Avenue de Saint Mandé
  75570 PARIS Cedex 12

  Tél. : 01 40 19 59 64
  Fax. : 01 40 19 59 85
  Mél. : thierry.flo...@onf.fr
  WWW  : http://www.onf.fr
___
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 https://mail.zope.org/mailman/listinfo/zope-announce
 https://mail.zope.org/mailman/listinfo/zope-dev )


[Zope] changing permissions on classes/methods at runtime?

2012-02-29 Thread Jürgen Herrmann

hi all!

is it possible to change permissions and roles on classes/methods
at runtime? normally you'd attach security declarations inline in
your class definition code:

from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
class Cls():
  security = ClassSecurityInfo()
  security.declarePrivate('foo')
  def foo(self):
pass
InitializeClass(Cls)


now what i tried at runtime is:

from mycode import Cls
from AccessControl import ClassSecurityInfo
security = ClassSecurityInfo()
security.declarePublic('foo')
security.apply(Cls)

but this does not what i want it to, in fact it doesn't seem
to do anything yet - probably because i'm using the wrong way :)

any hints how to do this correctly would be greatly appreciated.

thank you very much in advance and best regards,
Jürgen Herrmann
--

XLhost.de ® - Webhosting von supersmall bis eXtra Large <<


XLhost.de GmbH
Jürgen Herrmann, Geschäftsführer
Boelckestrasse 21, 93051 Regensburg, Germany

Geschäftsführer: Jürgen Herrmann
Registriert unter: HRB9918
Umsatzsteuer-Identifikationsnummer: DE245931218

Fon:  +49 (0)800 XLHOSTDE [0800 95467833]
Fax:  +49 (0)800 95467830
Web:  http://www.XLhost.de
___
Zope maillist  -  Zope@zope.org
https://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
https://mail.zope.org/mailman/listinfo/zope-announce
https://mail.zope.org/mailman/listinfo/zope-dev )