Skip to content

Latest commit

 

History

History
204 lines (143 loc) · 4.98 KB

decorator.rst

File metadata and controls

204 lines (143 loc) · 4.98 KB

zope.security.decorator

zope.security.decorator

API Examples

zope.security.decorator

from zope.component.testing import setUp setUp()

To illustrate, we'll create a class that will be proxied:

>>> class Foo(object): ... a = 'a'

and a class to proxy it that uses a decorated security checker:

>>> from zope.security.decorator import DecoratedSecurityCheckerDescriptor >>> from zope.proxy import ProxyBase >>> class Wrapper(ProxyBase): ... b = 'b' ... __Security_checker__ = DecoratedSecurityCheckerDescriptor()

Next we'll create and register a checker for Foo:

>>> from zope.security.checker import NamesChecker, defineChecker >>> fooChecker = NamesChecker(['a']) >>> defineChecker(Foo, fooChecker)

along with a checker for Wrapper:

>>> wrapperChecker = NamesChecker(['b']) >>> defineChecker(Wrapper, wrapperChecker)

Using zope.security.checker.selectChecker, we can confirm that

a Foo object uses fooChecker:

>>> from zope.security.checker import selectChecker >>> from zope.security.interfaces import ForbiddenAttribute >>> foo = Foo() >>> selectChecker(foo) is fooChecker True >>> fooChecker.check(foo, 'a') >>> try: ... fooChecker.check(foo, 'b') # doctest: +ELLIPSIS ... except ForbiddenAttribute as e: ... e ForbiddenAttribute('b', <...Foo object ...>)

and that a Wrapper object uses wrappeChecker:

>>> wrapper = Wrapper(foo) >>> selectChecker(wrapper) is wrapperChecker True >>> wrapperChecker.check(wrapper, 'b') >>> try: ... wrapperChecker.check(wrapper, 'a') # doctest: +ELLIPSIS ... except ForbiddenAttribute as e: ... e ForbiddenAttribute('a', <...Foo object ...>)

(Note that the object description says Foo because the object is a proxy and generally looks and acts like the object it's proxying.)

When we access wrapper's __Security_checker__ attribute, we invoke the decorated security checker descriptor. The decorator's job is to make sure checkers from both objects are used when available. In this case, because both objects have checkers, we get a combined checker:

>>> from zope.security.checker import CombinedChecker >>> checker = wrapper.__Security_checker__ >>> type(checker) <class 'zope.security.checker.CombinedChecker'> >>> checker.check(wrapper, 'a') >>> checker.check(wrapper, 'b')

The decorator checker will work even with security proxied objects. To illustrate, we'll proxify foo:

>>> from zope.security.proxy import ProxyFactory >>> secure_foo = ProxyFactory(foo) >>> secure_foo.a 'a' >>> try: ... secure_foo.b # doctest: +ELLIPSIS ... except ForbiddenAttribute as e: ... e ForbiddenAttribute('b', <...Foo object ...>)

when we wrap the secured foo:

>>> wrapper = Wrapper(secure_foo)

we still get a combined checker:

>>> checker = wrapper.__Security_checker__ >>> type(checker) <class 'zope.security.checker.CombinedChecker'> >>> checker.check(wrapper, 'a') >>> checker.check(wrapper, 'b')

The decorator checker has three other scenarios:

  • the wrapper has a checker but the proxied object doesn't
  • the proxied object has a checker but the wrapper doesn't
  • neither the wrapper nor the proxied object have checkers

When the wrapper has a checker but the proxied object doesn't:

>>> from zope.security.checker import NoProxy, _checkers >>> del _checkers[Foo] >>> defineChecker(Foo, NoProxy) >>> selectChecker(foo) is None True >>> selectChecker(wrapper) is wrapperChecker True

the decorator uses only the wrapper checker:

>>> wrapper = Wrapper(foo) >>> wrapper.__Security_checker__ is wrapperChecker True

When the proxied object has a checker but the wrapper doesn't:

>>> del _checkers[Wrapper] >>> defineChecker(Wrapper, NoProxy) >>> selectChecker(wrapper) is None True >>> del _checkers[Foo] >>> defineChecker(Foo, fooChecker) >>> selectChecker(foo) is fooChecker True

the decorator uses only the proxied object checker:

>>> wrapper.__Security_checker__ is fooChecker True

Finally, if neither the wrapper not the proxied have checkers:

>>> del _checkers[Foo] >>> defineChecker(Foo, NoProxy) >>> selectChecker(foo) is None True >>> selectChecker(wrapper) is None True

the decorator doesn't have a checker:

>>> wrapper.__Security_checker__ Traceback (most recent call last): ... AttributeError: 'Foo' has no attribute '__Security_checker__'

__Security_checker__ cannot be None, otherwise Checker.proxy blows up:

>>> checker.proxy(wrapper) is wrapper True

from zope.component.testing import tearDown tearDown()