« back to all changes in this revision
Viewing changes to lib/canonical/launchpad/security.py
- browse files at revision 13843.9.9
- compare with another revision
- compare with revision 6393.2.1
- download diff
- download tarball
- view history from revision 13843.9.9
- Committer: Brad Crittenden
- Date: 2011-09-07 12:59:27 UTC
- mto: This revision was merged to the branch mainline in revision 13900.
- Revision ID: bac@canonical.com-20110907125927-c374h3f8jgmsrtzn
Merged ForwardedAuthorization and DerivedAuthorization to become DelegatedAuthorization
added
removed
lib/canonical/launchpad/security.py
38
38
from lp.app.security import (
39
39
AnonymousAuthorization,
40
40
AuthorizationBase,
41
ForwardedAuthorization,
41
DelegatedAuthorization,
42
42
)
43
43
from lp.archivepublisher.interfaces.publisherconfig import IPublisherConfig
44
44
from lp.blueprints.interfaces.specification import (
1003
1003
archive.getComponentsForQueueAdmin(user.person)) or user.in_admin
1004
1004
1005
1005
1006
class EditDistroSeriesDifference(ForwardedAuthorization):
1006
class EditDistroSeriesDifference(DelegatedAuthorization):
1007
1007
"""Anyone with lp.View on the distribution can edit a DSD."""
1008
1008
permission = 'launchpad.Edit'
1009
1009
usedfor = IDistroSeriesDifferenceEdit
1929
1929
self.forwardCheckAuthenticated(user, self.obj.distribution))
1930
1930
1931
1931
1932
class AdminDistributionSourcePackageTranslations(ForwardedAuthorization):
1932
class AdminDistributionSourcePackageTranslations(DelegatedAuthorization):
1933
1933
"""DistributionSourcePackage objects link to a distribution."""
1934
1934
permission = 'launchpad.TranslationsAdmin'
1935
1935
usedfor = IDistributionSourcePackage
1982
1982
self.branches))
1983
1983
1984
1984
1985
class PreviewDiffView(ForwardedAuthorization):
1985
class PreviewDiffView(DelegatedAuthorization):
1986
1986
permission = 'launchpad.View'
1987
1987
usedfor = IPreviewDiff
1988
1988
1990
1990
super(PreviewDiffView, self).__init__(obj.branch_merge_proposal)
1991
1991
1992
1992
1993
class CodeReviewVoteReferenceEdit(ForwardedAuthorization):
1993
class CodeReviewVoteReferenceEdit(DelegatedAuthorization):
1994
1994
permission = 'launchpad.Edit'
1995
1995
usedfor = ICodeReviewVoteReference
1996
1996
2015
2015
user))
2016
2016
2017
2017
2018
class CodeReviewCommentView(ForwardedAuthorization):
2018
class CodeReviewCommentView(DelegatedAuthorization):
2019
2019
permission = 'launchpad.View'
2020
2020
usedfor = ICodeReviewComment
2021
2021
2024
2024
obj.branch_merge_proposal)
2025
2025
2026
2026
2027
class CodeReviewCommentDelete(ForwardedAuthorization):
2027
class CodeReviewCommentDelete(DelegatedAuthorization):
2028
2028
permission = 'launchpad.Edit'
2029
2029
usedfor = ICodeReviewCommentDeletion
2030
2030
2291
2291
return auth_edit.checkAuthenticated(user)
2292
2292
2293
2293
2294
class EditArchiveAuthToken(ForwardedAuthorization):
2294
class EditArchiveAuthToken(DelegatedAuthorization):
2295
2295
"""Restrict editing of archive tokens.
2296
2296
2297
2297
The user should have append privileges to the context archive, or be an
2309
2309
super(EditArchiveAuthToken, self).checkAuthenticated(user))
2310
2310
2311
2311
2312
class ViewPersonalArchiveSubscription(ForwardedAuthorization):
2312
class ViewPersonalArchiveSubscription(DelegatedAuthorization):
2313
2313
"""Restrict viewing of personal archive subscriptions (non-db class).
2314
2314
2315
2315
The user should be the subscriber, have append privilege to the archive
2330
2330
ViewPersonalArchiveSubscription, self).checkAuthenticated(user)
2331
2331
2332
2332
2333
class ViewArchiveSubscriber(ForwardedAuthorization):
2333
class ViewArchiveSubscriber(DelegatedAuthorization):
2334
2334
"""Restrict viewing of archive subscribers.
2335
2335
2336
2336
The user should be the subscriber, have append privilege to the
2349
2349
super(ViewArchiveSubscriber, self).checkAuthenticated(user))
2350
2350
2351
2351
2352
class EditArchiveSubscriber(ForwardedAuthorization):
2352
class EditArchiveSubscriber(DelegatedAuthorization):
2353
2353
"""Restrict editing of archive subscribers.
2354
2354
2355
2355
The user should have append privilege to the archive or be an admin.
2366
2366
super(EditArchiveSubscriber, self).checkAuthenticated(user))
2367
2367
2368
2368
2369
class DerivedAuthorization(AuthorizationBase):
2370
"""An Authorization that is based on permissions for other objects.
2371
2372
Implementations must define permission, usedfor and iter_objects.
2373
iter_objects should iterate through the objects to check permission on.
2374
2375
Failure on the permission check for any object causes an overall failure.
2376
"""
2377
2378
def iter_adapters(self):
2379
return (
2380
getAdapter(obj, IAuthorization, self.permission)
2381
for obj in self.iter_objects())
2382
2383
def checkAuthenticated(self, user):
2384
for adapter in self.iter_adapters():
2385
if not adapter.checkAuthenticated(user):
2386
return False
2387
return True
2388
2389
def checkUnauthenticated(self):
2390
for adapter in self.iter_adapters():
2391
if not adapter.checkUnauthenticated():
2392
return False
2393
return True
2394
2395
2396
class ViewSourcePackageRecipe(DerivedAuthorization):
2369
class ViewSourcePackageRecipe(DelegatedAuthorization):
2397
2370
2398
2371
permission = "launchpad.View"
2399
2372
usedfor = ISourcePackageRecipe
2402
2375
return self.obj.getReferencedBranches()
2403
2376
2404
2377
2405
class ViewSourcePackageRecipeBuild(DerivedAuthorization):
2378
class ViewSourcePackageRecipeBuild(DelegatedAuthorization):
2406
2379
2407
2380
permission = "launchpad.View"
2408
2381
usedfor = ISourcePackageRecipeBuild
2422
2395
super(ViewSourcePackagePublishingHistory, self).__init__(obj.archive)
2423
2396
2424
2397
2425
class EditPublishing(ForwardedAuthorization):
2398
class EditPublishing(DelegatedAuthorization):
2426
2399
"""Restrict editing of source and binary packages.."""
2427
2400
permission = "launchpad.Edit"
2428
2401
usedfor = IPublishingEdit
Loggerhead is a web-based interface for Breezy
Version: 2.0.1