zope.security.zcml
Most users will not directly need to access the contents of this module; they will probably just configure via ZCML.
API Reference
Let’s look at an example:
>>> from zope.security.zcml import Permission
>>> class FauxContext(object):
... permission_mapping = {'zope.ManageCode':'zope.private'}
... _actions = []
... def action(self, **kws):
... self._actions.append(kws)
>>> context = FauxContext()
>>> field = Permission().bind(context)
Let’s test the fromUnicode method:
>>> field.fromUnicode(u'zope.foo')
'zope.foo'
>>> field.fromUnicode(u'zope.ManageCode')
'zope.private'
Now let’s see whether validation works alright
>>> field._validate('zope.ManageCode')
>>> context._actions[0]['args']
(None, 'zope.foo')
>>> from zope.schema.interfaces import InvalidId
>>> try:
... field._validate('3 foo')
... except InvalidId as e:
... e
InvalidId('3 foo')
zope.Public is always valid
>>> field._validate('zope.Public')
Configuring security via ZCML
zope.security
provides a ZCML file that configures some
utilities and a couple of standard permissions:
>>> from zope.component import getGlobalSiteManager
>>> from zope.configuration.xmlconfig import XMLConfig
>>> from zope.component.testing import setUp
>>> import zope.security
>>> setUp() # clear global component registry
>>> XMLConfig('permissions.zcml', zope.security)()
>>> len(list(getGlobalSiteManager().registeredUtilities()))
7
Clear the current state:
>>> from zope.component.testing import setUp, tearDown
>>> tearDown()
>>> setUp()
>>> XMLConfig('configure.zcml', zope.security)()
>>> len(list(getGlobalSiteManager().registeredUtilities()))
10