/
metaconfigure.py
120 lines (105 loc) · 4.32 KB
/
metaconfigure.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
##############################################################################
#
# Copyright (c) 2001, 2002 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""XMLRPC configuration code
$Id$
"""
from zope.interface import Interface
from zope.configuration.exceptions import ConfigurationError
from zope.security.checker import CheckerPublic, Checker
from zope.security.checker import defineChecker, getCheckerForInstancesOf
from zope.publisher.interfaces.xmlrpc import IXMLRPCRequest
from zope.component.interface import provideInterface
from zope.component.zcml import handler
from zope.app.publisher.xmlrpc import MethodPublisher
def view(_context, for_=None, interface=None, methods=None,
class_=None, permission=None, name=None):
interface = interface or []
methods = methods or []
# If there were special permission settings provided, then use them
if permission == 'zope.Public':
permission = CheckerPublic
require = {}
for attr_name in methods:
require[attr_name] = permission
if interface:
for iface in interface:
for field_name in iface:
require[field_name] = permission
_context.action(
discriminator = None,
callable = provideInterface,
args = ('', for_)
)
# Make sure that the class inherits MethodPublisher, so that the views
# have a location
if class_ is None:
class_ = original_class = MethodPublisher
else:
original_class = class_
class_ = type(class_.__name__, (class_, MethodPublisher), {})
if name:
# Register a single view
if permission:
checker = Checker(require)
def proxyView(context, request, class_=class_, checker=checker):
view = class_(context, request)
# We need this in case the resource gets unwrapped and
# needs to be rewrapped
view.__Security_checker__ = checker
return view
class_ = proxyView
class_.factory = original_class
else:
# No permission was defined, so we defer to the checker
# of the original class
def proxyView(context, request, class_=class_):
view = class_(context, request)
view.__Security_checker__ = getCheckerForInstancesOf(original_class)
return view
class_ = proxyView
class_.factory = original_class
# Register the new view.
_context.action(
discriminator = ('view', for_, name, IXMLRPCRequest),
callable = handler,
args = ('registerAdapter',
class_, (for_, IXMLRPCRequest), Interface, name,
_context.info)
)
else:
if permission:
checker = Checker({'__call__': permission})
else:
raise ConfigurationError(
"XML/RPC view has neither a name nor a permission. "
"You have to specify at least one of the two.")
for name in require:
# create a new callable class with a security checker;
cdict = {'__Security_checker__': checker,
'__call__': getattr(class_, name)}
new_class = type(class_.__name__, (class_,), cdict)
_context.action(
discriminator = ('view', for_, name, IXMLRPCRequest),
callable = handler,
args = ('registerAdapter',
new_class, (for_, IXMLRPCRequest), Interface, name,
_context.info)
)
# Register the used interfaces with the site manager
if for_ is not None:
_context.action(
discriminator = None,
callable = provideInterface,
args = ('', for_)
)