diff options
| author | Chris McDonough <chrism@agendaless.com> | 2008-09-28 02:17:36 +0000 |
|---|---|---|
| committer | Chris McDonough <chrism@agendaless.com> | 2008-09-28 02:17:36 +0000 |
| commit | cbdc36976c18a0812f921ee3b7b92ed2dd823ed0 (patch) | |
| tree | c428c9b0e4357ecf3b5903359594dc6f2bf27a8b /repoze/bfg/security.py | |
| parent | cd6899ed4d0eba4b114d04058470528c9a167d6e (diff) | |
| download | pyramid-cbdc36976c18a0812f921ee3b7b92ed2dd823ed0.tar.gz pyramid-cbdc36976c18a0812f921ee3b7b92ed2dd823ed0.tar.bz2 pyramid-cbdc36976c18a0812f921ee3b7b92ed2dd823ed0.zip | |
Features
- A ``repoze.bfg.location`` API module was added.
Backwards incompatibilities
- Applications must now use the ``repoze.bfg.interfaces.ILocation``
interface rather than ``zope.location.interfaces.ILocation`` to
represent that a model object is "location-aware". We've removed
a dependency on ``zope.location`` for cleanliness purposes: as
new versions of zope libraries are released which have improved
dependency information, getting rid of our dependence on
``zope.location`` will prevent a newly installed repoze.bfg
application from requiring the ``zope.security``, egg, which not
truly used at all in a "stock" repoze.bfg setup. These
dependencies are still required by the stack at this time; this
is purely a futureproofing move.
The security and model documentation for previous versions of
``repoze.bfg`` recommended using the
``zope.location.interfaces.ILocation`` interface to represent
that a model object is "location-aware". This documentation has
been changed to reflect that this interface should now be
imported from ``repoze.bfg.interfaces.ILocation`` instead.
Diffstat (limited to 'repoze/bfg/security.py')
| -rw-r--r-- | repoze/bfg/security.py | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/repoze/bfg/security.py b/repoze/bfg/security.py index 6c1f262f1..49f47bc89 100644 --- a/repoze/bfg/security.py +++ b/repoze/bfg/security.py @@ -5,7 +5,7 @@ import sys from zope.interface import implements from zope.component import queryUtility -from zope.location.location import LocationIterator +from repoze.bfg.location import lineage from repoze.bfg.interfaces import ISecurityPolicy from repoze.bfg.interfaces import IViewPermission @@ -109,7 +109,7 @@ class ACLSecurityPolicy(object): """ Return ``Allowed`` if the policy permits access, ``Denied`` if not.""" principals = self.effective_principals(request) - for location in LocationIterator(context): + for location in lineage(context): authorizer = self.authorizer_factory(location, self.logger) try: return authorizer.permits(permission, *principals) @@ -134,7 +134,7 @@ class ACLSecurityPolicy(object): return effective_principals def principals_allowed_by_permission(self, context, permission): - for location in LocationIterator(context): + for location in lineage(context): acl = getattr(location, '__acl__', None) if acl is not None: allowed = {} |