initial

4426d6fc · Jim Fulton · bdc8f4b0 · 4426d6fc · 4426d6fc · 4426d6fc
Commit 4426d6fc authored Aug 08, 1997 by Jim Fulton
6 changed files
--- a/lib/python/AccessControl/ACL.py
+++ b/lib/python/AccessControl/ACL.py
+"""Access control objects"""
+
+__version__='$Revision: 1.1 $'[11:-2]
+
+
+from Persistence import Persistent
+from DocumentTemplate import HTML
+from Globals import MessageDialog
+from Acquisition import Acquirer
+from string import join, strip, split
+
+
+
+class SafeDtml(HTML):
+    """Lobotomized document template w/no editing"""
+
+    def __init__(self,name='',*args,**kw):
+        f=open('%s/lib/python/AccessControl/%s.dtml' % (SOFTWARE_HOME, name))
+        s=f.read()
+        f.close()
+        args=(self,s,)+args
+	apply(HTML.__init__,args,kw)
+
+    manage             =None
+    manage_editDocument=None
+    manage_editForm    =None
+    manage_edit        =None
+
+
+
+
+
+
+class ACL(Persistent, Acquirer):
+    """An object which stores and provides a user 
+       interface to access control information"""
+
+    def __init__(self, groups=[]):
+        self._data={}
+	for g in groups:
+            self._data[g]={}
+
+    id         ='AccessControl'
+    title      ='Access Control'
+    icon       ='AccessControl/AccessControl_icon.gif'
+
+    _groupsForm=SafeDtml('groupsForm')
+    _groupForm =SafeDtml('groupForm')
+    _memberForm=SafeDtml('memberForm')
+
+    manage=manage_main=_groupsForm
+
+    def debug(self):
+        """ """
+        return '<html><XMP>%s</XMP></html>' % `self`
+
+    def __len__(self): return len(self._data)
+
+    def has_key(self,k):
+        return self._data.has_key(k)
+
+    def keys(self):
+        return self._data.keys()
+
+    def values(self):
+        return self._data.values()
+
+    def items(self):
+        return self._data.items()
+
+    def __getitem__(self,k):
+        return self._data[k]
+
+    def __setitem__(self,k, v):
+        self._data[k]=v
+        self.__changed__(1)
+
+    def __delitem__(self,k):
+        del self._data[k]
+        self.__changed__(1)
+
+    def groupNames(self):
+        return self._data.keys()
+
+    def manage_addGroup(self,REQUEST,name=''):
+        """Add group"""
+	if not name:
+            return MessageDialog(title='Illegal value', 
+                   message='An illegal value was specified',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        if self._data.has_key(name):
+            return MessageDialog(title='Illegal value',
+                   message='An item with the specified name already exists',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        self._data[name]={}
+        self.__changed__(1)
+        return self._groupsForm(self,REQUEST)
+
+
+    def manage_groupForm(self,REQUEST,name=''):
+        """Edit group"""
+	if not (name):
+            return MessageDialog(title='Illegal value', 
+                   message='An illegal value was specified',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        if not self._data.has_key(name):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	return self._groupForm(self,REQUEST,groupName=name,
+                               memberNames=self._data[name].keys())
+
+    def manage_deleteGroup(self,REQUEST,names=[]):
+        """Delete group"""
+	if not names:
+            return MessageDialog(title='Illegal value', 
+                   message='An illegal value was specified',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	if type(names)==type('s'): names=[names]
+
+        f=self._data.has_key
+	if 0 in map(f, names):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	for n in names:
+            del self._data[n]
+        self.__changed__(1)
+        return self._groupsForm(self,REQUEST)
+
+
+    def manage_addMember(self,REQUEST,group='',name='',password='',confirm=''):
+        """Add a member"""
+	if not (group and name and password and confirm):
+            return MessageDialog(title='Illegal value', 
+                   message='An illegal value was specified',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        if not self._data.has_key(group):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	if self._data[group].has_key(name):
+            return MessageDialog(title='Illegal value', 
+                   message='An item with the specified name already exists',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	if password != confirm:
+            return MessageDialog(title='Illegal value', 
+                   message='Password and confirmation do not match',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        self._data[group][name]=password
+        self.__changed__(1)
+	return self._groupForm(self,REQUEST,groupName=group,
+                               memberNames=self._data[group].keys())
+
+
+    def manage_memberForm(self,REQUEST,group='',name=''):
+        """Edit member"""
+	if not (group and name):
+            return MessageDialog(title='Illegal value', 
+                   message='An illegal value was specified',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        if not self._data.has_key(group):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        if not self._data[group].has_key(name):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	g,n,p=group,name,self._data[group][name]
+        return self._memberForm(self,REQUEST,groupName=g,memberName=n,
+                                memberPassword=p)
+
+
+    def manage_editMember(self,REQUEST,group='',name='',password='',
+                          confirm=''):
+        """Add a member"""
+	if not (group and name and password and confirm):
+            return MessageDialog(title='Illegal value', 
+                   message='An illegal value was specified',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        if not self._data.has_key(group):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	if not self._data[group].has_key(name):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	if password != confirm:
+            return MessageDialog(title='Illegal value', 
+                   message='Password and confirmation do not match',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        self._data[group][name]=password
+        self.__changed__(1)
+	return self._groupForm(self,REQUEST,groupName=group,
+                               memberNames=self._data[group].keys())
+
+
+    def manage_deleteMember(self,REQUEST,group='',names=[]):
+        """Delete members"""
+	if not (group and names):
+            return MessageDialog(title='Illegal value', 
+                   message='An illegal value was specified',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+        if not self._data.has_key(group):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	if type(names)==type('s'): names=[names]
+        f=self._data[group].has_key
+
+	if 0 in map(f, names):
+            return MessageDialog(title='Illegal value',
+                   message='The specified item does not exist',
+                   action='%s/manage_main' % REQUEST['PARENT_URL'])
+
+	for n in names:
+            del self._data[group][n]
+        self.__changed__(1)
+	return self._groupForm(self,REQUEST,groupName=group,
+                               memberNames=self._data[group].keys())
+
+
+
+class RoleManager:
+    def roles_string(self):
+	try: return join(self.__roles__)
+	except: return ''
+
+    def parse_roles_string(self, roles):
+	"""Utility routine for parsing roles given as a string
+	"""
+	roles=map(strip,split(strip(roles)))
+	try: del self.__roles__
+	except: pass
+	if roles=='public':
+	    self.__roles__=None
+	elif roles: self.__roles__=roles
--- a/lib/python/AccessControl/Setup
+++ b/lib/python/AccessControl/Setup
-*shared*
+# install ACL.py
+# install groupForm.dtml
+# install groupsForm.dtml
+# install memberForm.dtml
+# install www www/%(package)s
--- a/lib/python/AccessControl/groupForm.dtml
+++ b/lib/python/AccessControl/groupForm.dtml
+<HTML>
+<HEAD>
+<TITLE>
+Access Control
+</TITLE>
+</HEAD>
+<BODY BGCOLOR="#FFFFFF" LINK="#000099" VLINK="#555555" ALINK="#77003B">
+<FONT SIZE="+2">
+Access Control
+</FONT>
+<BR>
+<P>
+<TABLE>
+<!--#if memberNames-->
+
+
+<TR>
+  <TD VALIGN="TOP">
+  The following members are defined for the group <B><!--#var groupName--></B>.
+  To edit a member, select a member from the list and click the
+  <I>Edit Member</I> button.
+  </TD>
+  <TD VALIGN="TOP">
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_memberForm" METHOD="POST">
+  <SELECT NAME="name">
+  <!--#in memberNames-->
+  <OPTION VALUE="<!--#var sequence-item-->"> <!--#var sequence-item-->
+  <!--#/in memberNames-->
+  </SELECT>
+  <BR>
+  <INPUT TYPE="HIDDEN" NAME="group" VALUE="<!--#var groupName-->">
+  <INPUT TYPE="SUBMIT" VALUE="Edit Member">
+  </FORM>
+  </TD>
+</TR>
+<!--#else memberNames-->
+<TR>
+  <TD COLSPAN="2" VALIGN="TOP">
+  There are no members defined for the group <B><!--#var groupName--></B>.
+  </TD>
+</TR>
+<!--#/if memberNames-->
+<TR>
+  <TD COLSPAN="2" VALIGN="TOP">
+  <BR>
+  To add a new member to this group, enter the name, password and
+  confirmation of password for the new member and click the
+  <I>Add Member</I> button.
+  </TD>
+</TR>
+<TR>
+  <TD COLSPAN="2" VALIGN="TOP">
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_addMember" METHOD="POST">
+  <TABLE>
+  <TR>
+  <TD VALIGN="TOP">Name</TD>
+  <TD VALIGN="TOP"><INPUT TYPE="TEXT" NAME="name" SIZE="20"></TD>
+  </TR>
+  <TR>
+  <TD VALIGN="TOP">Password</TD>
+  <TD VALIGN="TOP"><INPUT TYPE="PASSWORD" NAME="password" SIZE="20"></TD>
+  </TR>
+  <TR>
+  <TD VALIGN="TOP">(Confirm)</TD>
+  <TD VALIGN="TOP">
+  <INPUT TYPE="PASSWORD" NAME="confirm" SIZE="20"><BR>
+  <INPUT TYPE="HIDDEN" NAME="group" VALUE="<!--#var groupName-->">
+  <INPUT TYPE="SUBMIT" VALUE="Add Member">
+  </TD>
+  </TR>
+  </TABLE>
+  </FORM>
+  </TD>
+</TR>
+<!--#if memberNames-->
+<TR>
+  <TD VALIGN="TOP">
+  <BR>
+  To delete one or more members from this group, select the members
+  you wish to delete and click the <I>Delete Members</I> button.
+  </TD>
+  <TD VALIGN="TOP">
+  <BR>
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_deleteMember" METHOD="POST">
+  <SELECT NAME="names:list" MULTIPLE SIZE="5" >
+  <!--#in memberNames-->
+  <OPTION VALUE="<!--#var sequence-item-->"> <!--#var sequence-item-->
+  <!--#/in memberNames-->
+  </SELECT>
+  <BR>
+  <INPUT TYPE="HIDDEN" NAME="group" VALUE="<!--#var groupName-->">
+  <INPUT TYPE="SUBMIT" VALUE="Delete Members">
+  </FORM>
+  </TD>
+</TR>
+<!--#/if memberNames-->
+</TABLE>
+</BODY>
+</HTML>
--- a/lib/python/AccessControl/groupsForm.dtml
+++ b/lib/python/AccessControl/groupsForm.dtml
+<HTML>
+<HEAD>
+<TITLE>
+Access Control
+</TITLE>
+</HEAD>
+<BODY BGCOLOR="#FFFFFF" LINK="#000099" VLINK="#555555" ALINK="#77003B">
+<FONT SIZE="+2">
+Access Control
+</FONT>
+<BR>
+<P>
+Access control allows you to restrict access to various operations on
+this object. For detailed information about using access control, see
+the product documentation or online help.
+<P>
+<TABLE>
+<!--#if groupNames-->
+<TR>
+  <TD VALIGN="TOP">
+  To view or edit the members of a group, select a
+  group and click the <I>Edit Group</I> button.
+  </TD>
+  <TD VALIGN="TOP">
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_groupForm" METHOD="POST">
+  <SELECT NAME="name">
+
+  <!--#in groupNames-->
+  <OPTION VALUE="<!--#var sequence-item-->"> <!--#var sequence-item-->
+  <!--#/in groupNames-->
+  </SELECT>
+  <BR>
+  <INPUT TYPE="SUBMIT" VALUE="Edit Group">
+  </FORM>
+  </TD>
+</TR>
+<!--#else groupNames-->
+<TR>
+  <TD COLSPAN="2" VALIGN="TOP">
+  There are currently no access control groups defined.
+  </TD>
+</TR>
+<!--#/if groupNames-->
+<TR>
+  <TD VALIGN="TOP">
+  <BR>
+  To add a new group, enter a name for the new
+  group and click the <I>Add Group</I> button.
+  </TD>
+  <TD VALIGN="TOP">
+  <BR>
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_addGroup" METHOD="POST">
+  <INPUT TYPE="TEXT" NAME="name" SIZE="30">
+  <BR>
+  <INPUT TYPE="SUBMIT" VALUE="Add Group">
+  </FORM>
+  </TD>
+</TR>
+<!--#if groupNames-->
+<TR>
+  <TD VALIGN="TOP">
+  <BR>
+  To delete one or more groups, select the groups you wish
+  to delete and click the <I>Delete Groups</I> button.
+  </TD>
+  <TD VALIGN="TOP">
+  <BR>
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_deleteGroup" METHOD="POST">
+  <SELECT NAME="names:list" MULTIPLE SIZE="5">
+  <!--#in groupNames-->
+  <OPTION VALUE="<!--#var sequence-item-->"> <!--#var sequence-item-->
+  <!--#/in groupNames-->
+  </SELECT>
+  <BR>
+  <INPUT TYPE="SUBMIT" VALUE="Delete Groups">
+  </FORM>
+  </TD>
+</TR>
+<!--#/if groupNames-->
+</TABLE>
+</BODY>
+</HTML>
--- a/lib/python/AccessControl/memberForm.dtml
+++ b/lib/python/AccessControl/memberForm.dtml
+<HTML>
+<HEAD>
+<TITLE>
+Access Control
+</TITLE>
+</HEAD>
+<BODY BGCOLOR="#FFFFFF" LINK="#000099" VLINK="#555555" ALINK="#77003B">
+<FONT SIZE="+2">
+Access Control
+</FONT>
+<BR>
+<P>
+  <FORM ACTION="<!--#var PARENT_URL-->/manage_editMember" METHOD="POST">
+  <TABLE>
+  <TR>
+  <TD VALIGN="TOP">Name</TD>
+  <TD VALIGN="TOP"><!--#var memberName-->, in <B><!--#var groupName--></B></TD>
+  </TR>
+  <TR>
+  <TD VALIGN="TOP">Password</TD>
+  <TD VALIGN="TOP">
+  <INPUT TYPE="PASSWORD" NAME="password" VALUE="<!--#var memberPassword-->"
+   SIZE="20"></TD>
+  </TR>
+  <TR>
+  <TD VALIGN="TOP">(Confirm)</TD>
+  <TD VALIGN="TOP">
+  <INPUT TYPE="PASSWORD" NAME="confirm" VALUE="<!--#var memberPassword-->"
+   SIZE="20">
+  <INPUT TYPE="HIDDEN" NAME="name" VALUE="<!--#var memberName-->">
+  <INPUT TYPE="HIDDEN" NAME="group" VALUE="<!--#var groupName-->">
+  <BR>
+  <INPUT TYPE="SUBMIT" VALUE="Save Changes">
+  </TD>
+  </TR>
+  </TABLE>
+  </FORM>
+</BODY>
+</HTML>
--- a/lib/python/AccessControl/www/AccessControl_icon.gif
+++ b/lib/python/AccessControl/www/AccessControl_icon.gif