/usr/share/pyshared/zope/security/decorator.py is in python-zope.security 3.8.3-2ubuntu1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 | ##############################################################################
#
# Copyright (c) 2003 Zope Foundation and Contributors.
# All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Decorator support
Decorators are proxies that are mostly transparent but that may provide
additional features.
"""
__docformat__ = "reStructuredText"
from zope.interface.declarations import ObjectSpecification
from zope.proxy import getProxiedObject, ProxyBase
from zope.proxy.decorator import SpecificationDecoratorBase
from zope.security.checker import selectChecker, CombinedChecker
from zope.security.proxy import Proxy
from zope.security.proxy import getChecker
class DecoratedSecurityCheckerDescriptor(object):
"""Descriptor for a Decorator that provides a decorated security checker.
To illustrate, we'll create a class that will be proxied:
>>> class Foo(object):
... a = 'a'
and a class to proxy it that uses a decorated security checker:
>>> class Wrapper(ProxyBase):
... b = 'b'
... __Security_checker__ = DecoratedSecurityCheckerDescriptor()
Next we'll create and register a checker for `Foo`:
>>> from zope.security.checker import NamesChecker, defineChecker
>>> fooChecker = NamesChecker(['a'])
>>> defineChecker(Foo, fooChecker)
along with a checker for `Wrapper`:
>>> wrapperChecker = NamesChecker(['b'])
>>> defineChecker(Wrapper, wrapperChecker)
Using `selectChecker()`, we can confirm that a `Foo` object uses
`fooChecker`:
>>> foo = Foo()
>>> selectChecker(foo) is fooChecker
True
>>> fooChecker.check(foo, 'a')
>>> fooChecker.check(foo, 'b') # doctest: +ELLIPSIS
Traceback (most recent call last):
ForbiddenAttribute: ('b', <zope.security.decorator.Foo object ...>)
and that a `Wrapper` object uses `wrappeChecker`:
>>> wrapper = Wrapper(foo)
>>> selectChecker(wrapper) is wrapperChecker
True
>>> wrapperChecker.check(wrapper, 'b')
>>> wrapperChecker.check(wrapper, 'a') # doctest: +ELLIPSIS
Traceback (most recent call last):
ForbiddenAttribute: ('a', <zope.security.decorator.Foo object ...>)
(Note that the object description says `Foo` because the object is a
proxy and generally looks and acts like the object it's proxying.)
When we access wrapper's ``__Security_checker__`` attribute, we invoke
the decorated security checker descriptor. The decorator's job is to make
sure checkers from both objects are used when available. In this case,
because both objects have checkers, we get a combined checker:
>>> checker = wrapper.__Security_checker__
>>> type(checker)
<class 'zope.security.checker.CombinedChecker'>
>>> checker.check(wrapper, 'a')
>>> checker.check(wrapper, 'b')
The decorator checker will work even with security proxied objects. To
illustrate, we'll proxify `foo`:
>>> from zope.security.proxy import ProxyFactory
>>> secure_foo = ProxyFactory(foo)
>>> secure_foo.a
'a'
>>> secure_foo.b # doctest: +ELLIPSIS
Traceback (most recent call last):
ForbiddenAttribute: ('b', <zope.security.decorator.Foo object ...>)
when we wrap the secured `foo`:
>>> wrapper = Wrapper(secure_foo)
we still get a combined checker:
>>> checker = wrapper.__Security_checker__
>>> type(checker)
<class 'zope.security.checker.CombinedChecker'>
>>> checker.check(wrapper, 'a')
>>> checker.check(wrapper, 'b')
The decorator checker has three other scenarios:
- the wrapper has a checker but the proxied object doesn't
- the proxied object has a checker but the wrapper doesn't
- neither the wrapper nor the proxied object have checkers
When the wrapper has a checker but the proxied object doesn't:
>>> from zope.security.checker import NoProxy, _checkers
>>> del _checkers[Foo]
>>> defineChecker(Foo, NoProxy)
>>> selectChecker(foo) is None
True
>>> selectChecker(wrapper) is wrapperChecker
True
the decorator uses only the wrapper checker:
>>> wrapper = Wrapper(foo)
>>> wrapper.__Security_checker__ is wrapperChecker
True
When the proxied object has a checker but the wrapper doesn't:
>>> del _checkers[Wrapper]
>>> defineChecker(Wrapper, NoProxy)
>>> selectChecker(wrapper) is None
True
>>> del _checkers[Foo]
>>> defineChecker(Foo, fooChecker)
>>> selectChecker(foo) is fooChecker
True
the decorator uses only the proxied object checker:
>>> wrapper.__Security_checker__ is fooChecker
True
Finally, if neither the wrapper not the proxied have checkers:
>>> del _checkers[Foo]
>>> defineChecker(Foo, NoProxy)
>>> selectChecker(foo) is None
True
>>> selectChecker(wrapper) is None
True
the decorator doesn't have a checker:
>>> wrapper.__Security_checker__
Traceback (most recent call last):
...
AttributeError: 'Foo' has no attribute '__Security_checker__'
__Security_checker__ cannot be None, otherwise Checker.proxy blows
up:
>>> checker.proxy(wrapper) is wrapper
True
"""
def __get__(self, inst, cls=None):
if inst is None:
return self
else:
proxied_object = getProxiedObject(inst)
if type(proxied_object) is Proxy:
checker = getChecker(proxied_object)
else:
checker = getattr(proxied_object, '__Security_checker__', None)
if checker is None:
checker = selectChecker(proxied_object)
wrapper_checker = selectChecker(inst)
if wrapper_checker is None and checker is None:
raise AttributeError("%r has no attribute %r" %
(proxied_object.__class__.__name__,
'__Security_checker__'))
elif wrapper_checker is None:
return checker
elif checker is None:
return wrapper_checker
else:
return CombinedChecker(wrapper_checker, checker)
def __set__(self, inst, value):
raise TypeError("Can't set __Security_checker__ on a decorated object")
class SecurityCheckerDecoratorBase(ProxyBase):
"""Base class for a proxy that provides additional security declarations."""
__Security_checker__ = DecoratedSecurityCheckerDescriptor()
class DecoratorBase(SpecificationDecoratorBase, SecurityCheckerDecoratorBase):
"""Base class for a proxy that provides both additional interfaces and
security declarations."""
# zope.location was made independent of security. To work together with
# security, we re-inject the DecoratedSecurityCheckerDescriptor onto the
# location proxy from here.
# This is the only sane place we found for doing it: it kicks in as soon
# as someone starts using security proxies.
import zope.location.location
zope.location.location.LocationProxy.__Security_checker__ = (
DecoratedSecurityCheckerDescriptor())
|