Add security.

author: Chris McDonough <chrism@agendaless.com> 2008-07-16 10:32:08 +0000
committer: Chris McDonough <chrism@agendaless.com> 2008-07-16 10:32:08 +0000
commit: 2466f6eaa2246598dc6cb3c962364773eb4cc64a (patch)
tree: 80954892ad8e12cffb534f3ae92cd321d4d870f5 /repoze/bfg/sampleapp
parent: 23aa82c4963dc75737d7dc8a84d7639775c3b282 (diff)
download: pyramid-2466f6eaa2246598dc6cb3c962364773eb4cc64a.tar.gz
pyramid-2466f6eaa2246598dc6cb3c962364773eb4cc64a.tar.bz2
pyramid-2466f6eaa2246598dc6cb3c962364773eb4cc64a.zip
4 files changed, 29 insertions, 22 deletions
diff --git a/repoze/bfg/sampleapp/configure.zcml b/repoze/bfg/sampleapp/configure.zcml
index 374a93090..bd1b46d6a 100644
--- a/repoze/bfg/sampleapp/configure.zcml
+++ b/repoze/bfg/sampleapp/configure.zcml
@@ -4,18 +4,23 @@
 
   <include package="repoze.bfg" />
 
+  <utility
+    provides="repoze.bfg.interfaces.ISecurityPolicy"
+    factory="repoze.bfg.security.RemoteUserACLSecurityPolicy"
+    />
+
   <!-- the default view for a Blog -->
   <bfg:view
       for=".models.IBlog"
       factory=".views.blog_default_view"
-      permission="repoze.view"
+      permission="view"
       />
 
   <!-- the default view for a BlogEntry -->
   <bfg:view
       for=".models.IBlogEntry"
       factory=".views.blog_entry_default_view"
-      permission="repoze.view"
+      permission="view"
       />
 
   <!-- the add view for a BlogEntry -->
@@ -23,7 +28,7 @@
       for=".models.IBlog"
       factory=".views.blog_entry_add_view"
       name="add_entry.html"
-      permission="repoze.view"
+      permission="add"
       />
 
   <!-- the contents view for any mapping (shows dict members) -->
@@ -31,7 +36,7 @@
       for=".models.IMapping"
       factory=".views.contents_view"
       name="contents.html"
-      permission="repoze.view"
+      permission="manage"
       />
 
 </configure>
diff --git a/repoze/bfg/sampleapp/models.py b/repoze/bfg/sampleapp/models.py
index 975d79142..d07110e83 100644
--- a/repoze/bfg/sampleapp/models.py
+++ b/repoze/bfg/sampleapp/models.py
@@ -1,5 +1,10 @@
 from zope.interface import Interface
 from zope.interface import implements
+from zope.location.interfaces import ILocation
+from zope.location.location import Location
+
+from repoze.bfg.security import Everyone
+from repoze.bfg.security import Allow
 
 import datetime
 
@@ -9,20 +14,26 @@ class IMapping(Interface):
 class IBlog(Interface):
     pass
 
-class Blog(dict):
-    implements(IBlog, IMapping)
-    def __init__(self, name):
-        self.__name__ = name
-        dict.__init__(self)
+class Blog(dict, Location):
+    __acl__ = [ (Allow, Everyone, 'view'), (Allow, 'group:editors', 'add'),
+                (Allow, 'group:managers', 'manage') ]
+    implements(IBlog, IMapping, ILocation)
 
 class IBlogEntry(Interface):
     pass
 
 class BlogEntry(object):
     implements(IBlogEntry)
-    def __init__(self, name, title, body, author):
-        self.__name__ = name
+    def __init__(self, title, body, author):
         self.title = title
         self.body =  body
         self.author = author
         self.created = datetime.datetime.now()
+
+blog = Blog()
+blog['sample'] = BlogEntry('Sample Blog Entry',
+                           '<p>This is a sample blog entry</p>',
+                           'chrism')
+def get_root(environ):
+    return blog
+
diff --git a/repoze/bfg/sampleapp/run.py b/repoze/bfg/sampleapp/run.py
index c6fbeed78..6c36c430e 100644
--- a/repoze/bfg/sampleapp/run.py
+++ b/repoze/bfg/sampleapp/run.py
@@ -1,17 +1,8 @@
 from repoze.bfg import make_app
 from repoze.bfg import sampleapp
-
-from repoze.bfg.sampleapp.models import Blog
-from repoze.bfg.sampleapp.models import BlogEntry
+from repoze.bfg.sampleapp.models import get_root
 
 def main():
-    blog = Blog('Sample blog')
-    blog['sample'] = BlogEntry('sample', 'Sample Blog Entry',
-                               '<p>This is a sample blog entry</p>',
-                               'chrism')
-    def get_root(environ):
-        return blog
-
     app = make_app(get_root, sampleapp)
     from paste import httpserver
     httpserver.serve(app, host='0.0.0.0', port='5432')
diff --git a/repoze/bfg/sampleapp/views.py b/repoze/bfg/sampleapp/views.py
index 41ab69061..ce591dec2 100644
--- a/repoze/bfg/sampleapp/views.py
+++ b/repoze/bfg/sampleapp/views.py
@@ -63,8 +63,8 @@ def blog_entry_add_view(context, request):
             author = form['author']
             body = form['body']
             title = form['title']
+            new_entry = BlogEntry(title, body, author)
             name = str(time.time())
-            new_entry = BlogEntry(name, title, body, author)
             context[name] = new_entry
             return HTTPFound(location='/')
author	Chris McDonough <chrism@agendaless.com>	2008-07-16 10:32:08 +0000
committer	Chris McDonough <chrism@agendaless.com>	2008-07-16 10:32:08 +0000
commit	2466f6eaa2246598dc6cb3c962364773eb4cc64a (patch)
tree	80954892ad8e12cffb534f3ae92cd321d4d870f5 /repoze/bfg/sampleapp
parent	23aa82c4963dc75737d7dc8a84d7639775c3b282 (diff)
download	pyramid-2466f6eaa2246598dc6cb3c962364773eb4cc64a.tar.gz pyramid-2466f6eaa2246598dc6cb3c962364773eb4cc64a.tar.bz2 pyramid-2466f6eaa2246598dc6cb3c962364773eb4cc64a.zip