Skip to content

Z
Zope
Commit fc6771f5 authored by Tres Seaver's avatar Tres Seaver
Browse files
Options

Moved Products.Sessions APIs from ``SessionInterfaces`` to ``interfaces``. 

- Left behind the old module / names for backwared compatibility.
parent ef70f7cd
Hide whitespace changes
Inline Side-by-side
Showing with 261 additions and 254 deletions
doc/CHANGES.rst
View file @ fc6771f5
......@@ -11,6 +11,9 @@ Trunk (unreleased)
Restructuring
+++++++++++++
- Moved Products.Sessions APIs from ``SessionInterfaces`` to ``interfaces``,
leaving behind the old module / names for backwared compatibility.
- Moved ``cmf.*`` permissions into Products.CMFCore.
- Moved general OFS related ZCML directives from Products.Five into the OFS
......
src/Products/Sessions/BrowserIdManager.py
View file @ fc6771f5
......@@ -10,8 +10,6 @@
# FOR A PARTICULAR PURPOSE
#
############################################################################
__version__='$Revision: 1.20 $'[11:-2]
import binascii
from cgi import escape
import logging
......@@ -28,11 +26,9 @@ from AccessControl.Owned import Owned
from AccessControl.Role import RoleManager
from AccessControl.SecurityInfo import ClassSecurityInfo
from Acquisition import Implicit
from Acquisition import aq_base
from Acquisition import aq_parent
from Acquisition import aq_inner
from App.class_init import InitializeClass
from App.Dialogs import MessageDialog
from App.Management import Tabs
from App.special_dtml import DTMLFile
from Persistence import Persistent
......@@ -43,11 +39,11 @@ from ZPublisher.BeforeTraverse import unregisterBeforeTraverse
from ZPublisher.BeforeTraverse import queryBeforeTraverse
from zope.interface import implements
from Products.Sessions.SessionInterfaces import IBrowserIdManager
from Products.Sessions.interfaces import IBrowserIdManager
from Products.Sessions.interfaces import BrowserIdManagerErr
from Products.Sessions.SessionPermissions import ACCESS_CONTENTS_PERM
from Products.Sessions.SessionPermissions import CHANGE_IDMGR_PERM
from Products.Sessions.SessionPermissions import MGMT_SCREEN_PERM
from Products.Sessions.common import DEBUG
b64_trans = string.maketrans('+/', '-.')
b64_untrans = string.maketrans('-.', '+/')
......@@ -82,9 +78,6 @@ def constructBrowserIdManager(
if REQUEST is not None:
return self.manage_main(self, REQUEST, update_menu=1)
class BrowserIdManagerErr(ValueError): # BBB
pass
class BrowserIdManager(Item, Persistent, Implicit, RoleManager, Owned, Tabs):
""" browser id management class
"""
......
src/Products/Sessions/SessionDataManager.py
View file @ fc6771f5
......@@ -10,18 +10,14 @@
# FOR A PARTICULAR PURPOSE
#
############################################################################
from logging import getLogger
import re
import sys
import time
from AccessControl.Owned import Owned
from AccessControl.Role import RoleManager
from AccessControl.SecurityInfo import ClassSecurityInfo
from Acquisition import Implicit
from Acquisition import Explicit
from Acquisition import aq_base
from App.class_init import InitializeClass
from App.special_dtml import DTMLFile
from App.Management import Tabs
......@@ -32,22 +28,19 @@ from ZPublisher.BeforeTraverse import unregisterBeforeTraverse
from ZODB.POSException import ConflictError
from zope.interface import implements
from Products.Sessions.SessionInterfaces import ISessionDataManager
from Products.Sessions.interfaces import ISessionDataManager
from Products.Sessions.interfaces import SessionDataManagerErr
from Products.Sessions.SessionPermissions import ACCESS_CONTENTS_PERM
from Products.Sessions.SessionPermissions import ACCESS_SESSIONDATA_PERM
from Products.Sessions.SessionPermissions import ARBITRARY_SESSIONDATA_PERM
from Products.Sessions.SessionPermissions import CHANGE_DATAMGR_PERM
from Products.Sessions.SessionPermissions import MGMT_SCREEN_PERM
from Products.Sessions.common import DEBUG
from Products.Sessions.BrowserIdManager import isAWellFormedBrowserId
from Products.Sessions.BrowserIdManager import getNewBrowserId
from Products.Sessions.BrowserIdManager import BROWSERID_MANAGER_NAME
bad_path_chars_in=re.compile('[^a-zA-Z0-9-_~\,\. \/]').search
LOG = getLogger('SessionDataManager')
class SessionDataManagerErr(Exception): pass
constructSessionDataManagerForm = DTMLFile('dtml/addDataManager',
globals())
......@@ -124,7 +117,7 @@ class SessionDataManager(Item, Implicit, Persistent, RoleManager, Owned, Tabs):
""" """
mgr = getattr(self, BROWSERID_MANAGER_NAME, None)
if mgr is None:
raise SessionDataManagerErr,(
raise SessionDataManagerErr(
'No browser id manager named %s could be found.' %
BROWSERID_MANAGER_NAME
)
......@@ -167,7 +160,7 @@ class SessionDataManager(Item, Implicit, Persistent, RoleManager, Owned, Tabs):
self.obpath = None # undefined state
elif type(path) is type(''):
if bad_path_chars_in(path):
raise SessionDataManagerErr, (
raise SessionDataManagerErr(
'Container path contains characters invalid in a Zope '
'object path'
)
......@@ -175,7 +168,7 @@ class SessionDataManager(Item, Implicit, Persistent, RoleManager, Owned, Tabs):
elif type(path) in (type([]), type(())):
self.obpath = list(path) # sequence
else:
raise SessionDataManagerErr, ('Bad path value %s' % path)
raise SessionDataManagerErr('Bad path value %s' % path)
security.declareProtected(MGMT_SCREEN_PERM, 'getContainerPath')
def getContainerPath(self):
......@@ -236,7 +229,7 @@ class SessionDataManager(Item, Implicit, Persistent, RoleManager, Owned, Tabs):
except ConflictError:
raise
except:
raise SessionDataManagerErr, (
raise SessionDataManagerErr(
"External session data container '%s' not found." %
'/'.join(self.obpath)
)
......@@ -270,6 +263,8 @@ class SessionDataManager(Item, Implicit, Persistent, RoleManager, Owned, Tabs):
self._hasTraversalHook = 1
self._requestSessionName = requestSessionName
InitializeClass(SessionDataManager)
class SessionDataManagerTraverser(Persistent):
def __init__(self, requestSessionName, sessionDataManagerName):
self._requestSessionName = requestSessionName
......@@ -303,6 +298,3 @@ class SessionDataManagerTraverser(Persistent):
# set the getSessionData method in the "lazy" namespace
if self._requestSessionName is not None:
request.set_lazy(self._requestSessionName, getSessionData)
InitializeClass(SessionDataManager)
src/Products/Sessions/SessionInterfaces.py
View file @ fc6771f5
......@@ -10,224 +10,13 @@
# FOR A PARTICULAR PURPOSE
#
############################################################################
""" Session APIs
o See Also
- "Transient Object API":../../Transience/Help/TransienceInterfaces.py
"""
from zope.interface import Interface
class IBrowserIdManager(Interface):
""" Zope Browser Id Manager interface.
A Zope Browser Id Manager is responsible for assigning ids to site
visitors, and for servicing requests from Session Data Managers
related to the browser id.
"""
def hasBrowserId():
""" Return true if there is a browser id for the current request.
o Permission required: Access contents information
o Does *not* raise an error if the request contains a broken
browser id.
"""
def getBrowserId(create=1):
""" Return a browser id for the current request.
o If create is false, return None if there is no browser id associated
with the current request.
o If create is true, return a newly-created browser id if
there is no browser id associated with the current request.
o This method is useful in conjunction with 'getBrowserIdName' if you
wish to embed the browser-id-name/browser-id combination as a hidden
value in a POST-based form.
o The browser id is opaque, has no business meaning, and its length,
type, and composition are subject to change.
o Permission required: Access contents information
o Raises BrowserIdManagerErr if an ill-formed browser id
is found in REQUEST.
"""
def getBrowserIdName():
"""
Returns a string with the name of the cookie/form variable which is
used by the current browser id manager as the name to look up when
attempting to obtain the browser id value. For example, '_ZopeId'.
Permission required: Access contents information
"""
def isBrowserIdNew():
"""
Returns true if browser id is 'new'. A browser id is 'new'
when it is first created and the client has therefore not sent it
back to the server in any request.
Permission required: Access contents information
Raises: BrowserIdManagerErr. If there is no current browser id.
"""
def isBrowserIdFromCookie():
""" Return true if browser id comes from a cookie.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if there is no current browser id.
"""
def isBrowserIdFromForm():
""" Return true if browser id comes from a form variable.
o Variable may come from either the query string or a post.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if there is no current browser id.
"""
def isBrowserIdFromUrl():
""" Return true if browser id comes from a cookie.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if there is no current browser id.
"""
def flushBrowserIdCookie():
""" Deletes the browser id cookie from the client browser.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if the 'cookies' namespace isn't
a browser id namespace.
"""
def setBrowserIdCookieByForce(bid):
""" Sets the browser id cookie to browser id 'bid' by force.
o Useful when you need to 'chain' browser id cookies across domains
for the same user (perhaps temporarily using query strings).
o Permission required: Access contents information
o Raise BrowserIdManagerErr if the 'cookies' namespace isn't
a browser id namespace.
"""
def getHiddenFormField():
""" Return a string usable as a hidden form field for the browser id.
o String is of the form::
<input type="hidden" name="_ZopeId" value="H7HJGYUFGFyHKH*" />
o name and the value represent the current browser id
name and current browser id.
"""
def encodeUrl(url, style='querystring'):
""" Encode a given URL with the current browser id.
o Two forms of URL-encoding are supported: 'querystring' and 'inline'.
o 'querystring' is the default.
o If the 'querystring' form is used, the browser id name/value pair
are postfixed onto the URL as a query string.
o If the 'inline' form is used, the browser id name/value pair
are prefixed onto the URL as the first two path segment elements.
o For example:
- The call encodeUrl('http://foo.com/amethod', style='querystring')
might return 'http://foo.com/amethod?_ZopeId=as9dfu0adfu0ad'.
- The call encodeUrl('http://foo.com/amethod, style='inline')
might return 'http://foo.com/_ZopeId/as9dfu0adfu0ad/amethod'.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if there is no current browser id.
"""
# BBB location for APIs now defined in Products.Sessions.interfaces
from Products.Sessions.interfaces import IBrowserIdManager
BrowserIdManagerInterface = IBrowserIdManager # BBB
class ISessionDataManager(Interface):
""" Zope Session Data Manager interface.
A Zope Session Data Manager is responsible for maintaining Session
Data Objects, and for servicing requests from application code
related to Session Data Objects. It also communicates with a Browser
Id Manager to provide information about browser ids.
"""
def getBrowserIdManager():
""" Return the nearest acquirable browser id manager.
o Raise SessionDataManagerErr if no browser id manager can be found.
o Permission required: Access session data
"""
def getSessionData(create=1):
""" Return a Session Data Object for the current browser id.
o If there is no current browser id, and create is true,
return a new Session Data Object.
o If there is no current browser id and create is false, returns None.
o Permission required: Access session data
"""
def hasSessionData():
""" Does a Session Data Object exist for the current browser id?
o Do not create a Session Data Object if one does not exist.
o Permission required: Access session data
"""
def getSessionDataByKey(key):
""" Return a Session Data Object associated with 'key'.
o If there is no Session Data Object associated with 'key',
return None.
o Permission required: Access arbitrary user session data
"""
SessionDataManagerInterface = ISessionDataManager # BBB
class SessionDataManagerErr(ValueError):
""" Error raised during some session data manager operations
o See ISesseionDataManager.
o This exception may be caught in PythonScripts. A successful
import of the exception for PythonScript use would need to be::
from Products.Sessions import SessionDataManagerErr
"""
class BrowserIdManagerErr(ValueError):
""" Error raised during some browser id manager operations
o See IBrowserIdManager methods.
o This exception may be caught in PythonScripts. A successful
import of the exception for PythonScript use would need to be::
from Products.Sessions.interfaces import ISessionDataManager
SessionDataManagerInterface = ISessionDataManager
from Products.Sessions import BrowserIdManagerErr
"""
from Products.Sessions.interfaces import SessionDataManagerErr
from Products.Sessions.interfaces import BrowserIdManagerErr
src/Products/Sessions/__init__.py
View file @ fc6771f5
......@@ -10,19 +10,15 @@
# FOR A PARTICULAR PURPOSE
#
##############################################################################
""" Session managemnt product initialization
"""
Session initialization routines
$Id$
"""
import ZODB # this is for testrunner to be happy
import BrowserIdManager
import SessionDataManager
from BrowserIdManager import BrowserIdManagerErr
from SessionDataManager import SessionDataManagerErr
from Products.Sessions.interfaces import BrowserIdManagerErr #BBB
from Products.Sessions.interfaces import SessionDataManagerErr #BBB
def initialize(context):
import BrowserIdManager
import SessionDataManager
context.registerClass(
BrowserIdManager.BrowserIdManager,
icon="www/idmgr.gif",
......@@ -41,6 +37,7 @@ def initialize(context):
context.registerHelp()
context.registerHelpTitle("Zope Help")
# do module security declarations so folks can use some of the
# module-level stuff in PythonScripts
#
......@@ -51,8 +48,13 @@ def initialize(context):
security = ModuleSecurityInfo('Products')
security.declarePublic('Sessions')
security.declarePublic('Transience')
security = ModuleSecurityInfo('Products.Sessions.interfaces')
security.declareObjectPublic()
security.setDefaultAccess('allow')
security = ModuleSecurityInfo('Products.Transience')
security.declarePublic('MaxTransientObjectsExceeded')
#BBB for names which should be imported from Products.Sessions.interfaces
security = ModuleSecurityInfo('Products.Sessions')
security.declarePublic('BrowserIdManagerErr')
security.declarePublic('SessionDataManagerErr')
security = ModuleSecurityInfo('Products.Transience')
security.declarePublic('MaxTransientObjectsExceeded')
src/Products/Sessions/interfaces.py 0 → 100644
View file @ fc6771f5
############################################################################
#
# Copyright (c) 2002 Zope Corporation and Contributors. All Rights Reserved.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE
#
############################################################################
""" Session APIs
o See Also
- "Transient Object API":../../Transience/Help/TransienceInterfaces.py
"""
from zope.interface import Interface
class IBrowserIdManager(Interface):
""" Zope Browser Id Manager interface.
A Zope Browser Id Manager is responsible for assigning ids to site
visitors, and for servicing requests from Session Data Managers
related to the browser id.
"""
def hasBrowserId():
""" Return true if there is a browser id for the current request.
o Permission required: Access contents information
o Does *not* raise an error if the request contains a broken
browser id.
"""
def getBrowserId(create=1):
""" Return a browser id for the current request.
o If create is false, return None if there is no browser id associated
with the current request.
o If create is true, return a newly-created browser id if
there is no browser id associated with the current request.
o This method is useful in conjunction with 'getBrowserIdName' if you
wish to embed the browser-id-name/browser-id combination as a hidden
value in a POST-based form.
o The browser id is opaque, has no business meaning, and its length,
type, and composition are subject to change.
o Permission required: Access contents information
o Raises BrowserIdManagerErr if an ill-formed browser id
is found in REQUEST.
"""
def getBrowserIdName():
"""
Returns a string with the name of the cookie/form variable which is
used by the current browser id manager as the name to look up when
attempting to obtain the browser id value. For example, '_ZopeId'.
Permission required: Access contents information
"""
def isBrowserIdNew():
"""
Returns true if browser id is 'new'. A browser id is 'new'
when it is first created and the client has therefore not sent it
back to the server in any request.
Permission required: Access contents information
Raises: BrowserIdManagerErr. If there is no current browser id.
"""
def isBrowserIdFromCookie():
""" Return true if browser id comes from a cookie.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if there is no current browser id.
"""
def isBrowserIdFromForm():
""" Return true if browser id comes from a form variable.
o Variable may come from either the query string or a post.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if there is no current browser id.
"""
def isBrowserIdFromUrl():
""" Return true if browser id comes from a cookie.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if there is no current browser id.
"""
def flushBrowserIdCookie():
""" Deletes the browser id cookie from the client browser.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if the 'cookies' namespace isn't
a browser id namespace.
"""
def setBrowserIdCookieByForce(bid):
""" Sets the browser id cookie to browser id 'bid' by force.
o Useful when you need to 'chain' browser id cookies across domains
for the same user (perhaps temporarily using query strings).
o Permission required: Access contents information
o Raise BrowserIdManagerErr if the 'cookies' namespace isn't
a browser id namespace.
"""
def getHiddenFormField():
""" Return a string usable as a hidden form field for the browser id.
o String is of the form::
<input type="hidden" name="_ZopeId" value="H7HJGYUFGFyHKH*" />
o name and the value represent the current browser id
name and current browser id.
"""
def encodeUrl(url, style='querystring'):
""" Encode a given URL with the current browser id.
o Two forms of URL-encoding are supported: 'querystring' and 'inline'.
o 'querystring' is the default.
o If the 'querystring' form is used, the browser id name/value pair
are postfixed onto the URL as a query string.
o If the 'inline' form is used, the browser id name/value pair
are prefixed onto the URL as the first two path segment elements.
o For example:
- The call encodeUrl('http://foo.com/amethod', style='querystring')
might return 'http://foo.com/amethod?_ZopeId=as9dfu0adfu0ad'.
- The call encodeUrl('http://foo.com/amethod, style='inline')
might return 'http://foo.com/_ZopeId/as9dfu0adfu0ad/amethod'.
o Permission required: Access contents information
o Raise BrowserIdManagerErr if there is no current browser id.
"""
class BrowserIdManagerErr(ValueError):
""" Error raised during some browser id manager operations
o See IBrowserIdManager methods.
o This exception may be caught in PythonScripts. A successful
import of the exception for PythonScript use would need to be::
from Products.Sessions.interfaces import BrowserIdManagerErr
"""
class ISessionDataManager(Interface):
""" Zope Session Data Manager interface.
A Zope Session Data Manager is responsible for maintaining Session
Data Objects, and for servicing requests from application code
related to Session Data Objects. It also communicates with a Browser
Id Manager to provide information about browser ids.
"""
def getBrowserIdManager():
""" Return the nearest acquirable browser id manager.
o Raise SessionDataManagerErr if no browser id manager can be found.
o Permission required: Access session data
"""
def getSessionData(create=1):
""" Return a Session Data Object for the current browser id.
o If there is no current browser id, and create is true,
return a new Session Data Object.
o If there is no current browser id and create is false, returns None.
o Permission required: Access session data
"""
def hasSessionData():
""" Does a Session Data Object exist for the current browser id?
o Do not create a Session Data Object if one does not exist.
o Permission required: Access session data
"""
def getSessionDataByKey(key):
""" Return a Session Data Object associated with 'key'.
o If there is no Session Data Object associated with 'key',
return None.
o Permission required: Access arbitrary user session data
"""
class SessionDataManagerErr(ValueError):
""" Error raised during some session data manager operations
o See ISesseionDataManager.
o This exception may be caught in PythonScripts. A successful
import of the exception for PythonScript use would need to be::
from Products.Sessions.interfaces import SessionDataManagerErr
"""
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7