From e2b0eb6d1a355614834bb833182cc9a01bca061e Mon Sep 17 00:00:00 2001 From: Chris McDonough Date: Wed, 20 Aug 2008 13:22:56 +0000 Subject: Make seurity policies pickleable again. --- repoze/bfg/security.py | 29 +++++++++++++++-------------- 1 file changed, 15 insertions(+), 14 deletions(-) diff --git a/repoze/bfg/security.py b/repoze/bfg/security.py index d15d89e96..6535f2608 100644 --- a/repoze/bfg/security.py +++ b/repoze/bfg/security.py @@ -136,6 +136,12 @@ def debug_logger(logger): return logger return logger +def get_remoteuser(request): + user_id = request.environ.get('REMOTE_USER') + if user_id: + return [user_id] + return [] + def RemoteUserACLSecurityPolicy(logger=None): """ A security policy which: @@ -155,12 +161,15 @@ def RemoteUserACLSecurityPolicy(logger=None): """ logger = debug_logger(logger) - def get_principals(request): - user_id = request.environ.get('REMOTE_USER') - if user_id: - return [user_id] + return ACLSecurityPolicy(logger, get_remoteuser) + +def get_who_principals(request): + identity = request.environ.get('repoze.who.identity') + if not identity: return [] - return ACLSecurityPolicy(logger, get_principals) + principals = [identity['repoze.who.userid']] + principals.extend(identity.get('groups', [])) + return principals def RepozeWhoIdentityACLSecurityPolicy(logger=None): """ A security policy which: @@ -183,15 +192,7 @@ def RepozeWhoIdentityACLSecurityPolicy(logger=None): """ logger = debug_logger(logger) - def get_principals(request): - identity = request.environ.get('repoze.who.identity') - if not identity: - return [] - principals = [identity['repoze.who.userid']] - principals.extend(identity.get('groups', [])) - return principals - - return ACLSecurityPolicy(logger, get_principals) + return ACLSecurityPolicy(logger, get_who_principals) class PermitsResult: def __init__(self, ace, acl, permission, principals, context): -- cgit v1.2.3