fix default permissions

CHANGELOG.rst

@@ -1,7 +1,11 @@
 1.1.0a113 (unreleased)
 ----------------------
 
-- Nothing changed yet.
+- Add new `guillotina.Public` permission and assign it to anoymous role
+  [vangheem]
+
+- Provide default permission as guillotina.AccessContent for services
+  [vangheem]
 
 
 1.1.0a112 (2017-06-28)

guillotina/__init__.py

@@ -36,9 +36,10 @@
         "guillotina.auth.validators.SaltedHashPasswordValidator",
         "guillotina.auth.validators.JWTValidator"
     ],
-    "default_permission": 'zope.Public',
+    "default_permission": 'guillotina.AccessContent',
     "available_addons": {},
     "api_definition": {},
+    "cors_"
     "cors": {
         "allow_origin": ["http://localhost:8080"],
         "allow_methods": ["GET", "POST", "DELETE", "HEAD", "PATCH", "OPTIONS"],

guillotina/configure/__init__.py

@@ -79,7 +79,7 @@ def load_service(_context, service):
     factory = resolve_dotted_name(service['klass'])
 
     permission = service_conf.get(
-        'permission', service_conf.get('default_permission', None))
+        'permission', app_settings.get('default_permission', None))
 
     protect_view(factory, permission)
 
@@ -88,7 +88,7 @@ def load_service(_context, service):
         app_settings.get('default_layer', IDefaultLayer))
     layer = service_conf.get('layer', default_layer)
     name = service_conf.get('name', '')
-    content = service_conf['context']
+    content = service_conf.get('context', Interface)
     logger.debug('Defining adapter for '  # noqa
                  '{0:s} {1:s} {2:s} to {3:s} name {4:s}'.format(
         content.__identifier__,
@@ -117,7 +117,7 @@ def load_service(_context, service):
         ct_api['endpoints'][name][method] = OrderedDict(service_conf)
     else:
         ct_api[method] = OrderedDict(service_conf)
-register_configuration_handler('service', load_service)
+register_configuration_handler('service', load_service)  # noqa
 
 
 def load_contenttype(_context, contenttype):
@@ -144,7 +144,7 @@ def load_contenttype(_context, contenttype):
         component=factory,
         name=conf['type_name'],
     )
-register_configuration_handler('contenttype', load_contenttype)
+register_configuration_handler('contenttype', load_contenttype)  # noqa
 
 
 def load_behavior(_context, behavior):
@@ -234,7 +234,7 @@ def load_behavior(_context, behavior):
         provides=schema,
         for_=(for_,)
     )
-register_configuration_handler('behavior', load_behavior)
+register_configuration_handler('behavior', load_behavior)  # noqa
 
 
 def load_addon(_context, addon):
@@ -244,7 +244,7 @@ def load_addon(_context, addon):
         'title': config['title'],
         'handler': addon['klass']
     }
-register_configuration_handler('addon', load_addon)
+register_configuration_handler('addon', load_addon)  # noqa
 
 
 def _component_conf(conf):
@@ -267,7 +267,7 @@ def load_adapter(_context, adapter):
         factory=(factory,),
         **conf
     )
-register_configuration_handler('adapter', load_adapter)
+register_configuration_handler('adapter', load_adapter)  # noqa
 
 
 def load_subscriber(_context, subscriber):
@@ -278,7 +278,7 @@ def load_subscriber(_context, subscriber):
         _context,
         **conf
     )
-register_configuration_handler('subscriber', load_subscriber)
+register_configuration_handler('subscriber', load_subscriber)  # noqa
 
 
 def load_utility(_context, _utility):
@@ -300,36 +300,36 @@ def load_utility(_context, _utility):
         _context,
         **conf
     )
-register_configuration_handler('utility', load_utility)
+register_configuration_handler('utility', load_utility)  # noqa
 
 
 def load_permission(_context, permission_conf):
     permission = Permission(**permission_conf['config'])
     component.utility(_context, IPermission, permission,
                       name=permission_conf['config']['id'])
-register_configuration_handler('permission', load_permission)
+register_configuration_handler('permission', load_permission)  # noqa
 
 
 def load_role(_context, role):
     defineRole_directive(_context, **role['config'])
-register_configuration_handler('role', load_role)
+register_configuration_handler('role', load_role)  # noqa
 
 
 def load_grant(_context, grant):
     grant_directive(_context, **grant['config'])
-register_configuration_handler('grant', load_grant)
+register_configuration_handler('grant', load_grant)  # noqa
 
 
 def load_grant_all(_context, grant_all):
     grantAll_directive(_context, **grant_all['config'])
-register_configuration_handler('grant_all', load_grant_all)
+register_configuration_handler('grant_all', load_grant_all)  # noqa
 
 
 def load_json_schema_definition(_context, json_schema):
     from guillotina import app_settings
     config = json_schema['config']
     app_settings['json_schema_definitions'][config['name']] = config['schema']
-register_configuration_handler('json_schema_definition', load_json_schema_definition)
+register_configuration_handler('json_schema_definition', load_json_schema_definition)  # noqa
 
 
 class _base_decorator(object):

guillotina/permissions.py

@@ -33,6 +33,7 @@
 configure.permission('guillotina.ManageCatalog', 'Manage catalog')
 
 configure.permission('guillotina.GetAPIDefinition', 'Get the API definition')
+configure.permission('guillotina.Public', 'Public access to content')
 
 
 configure.role("guillotina.Anonymous", "Everybody",
@@ -59,6 +60,17 @@
 configure.grant(
     permission="guillotina.AccessPreflight",
     role="guillotina.Anonymous")
+configure.grant(
+    permission="guillotina.Public",
+    role="guillotina.Anonymous")
+
+# Authenticated
+configure.grant(
+    permission="guillotina.AccessPreflight",
+    role="guillotina.Authenticated")
+configure.grant(
+    permission="guillotina.Public",
+    role="guillotina.Authenticated")
 
 # Reader
 configure.grant(

guillotina/traversal.py

@@ -43,7 +43,6 @@
 from guillotina.transactions import abort
 from guillotina.transactions import commit
 from guillotina.utils import apply_cors
-from guillotina.utils import get_authenticated_user_id
 from guillotina.utils import import_class
 from zope.interface import alsoProvides