List Info

Thread: Diff for sample-plugins/permissions/authz_policy.py to support groups
Diff for sample-plugins/permissions/authz_policy. py to support groups
country flaguser name
United States		 2007-12-20 18:32:36 
Guys,
Attached is a diff for
sample-plugins/permissions/authz_policy.py to 
support groups as used in the configured permission
modules.
Basically, I have an ldap server providing groups for a
user.  The 
current authz_policy.py supports a [groups] section within
the authz 
file but it only uses those groups instead of the system
configured ones.

Having never touched Python before, if there is a better
way, please 
correct me.  If not, hopefully this is useful to somebody
else.

Thanks,
Mike...

Synopsis:
Import IPermissionGroupProvider
group_providers = ExtensionPoint(IPermissionGroupProvider)
for provider in self.group_providers:
    valid_users += provider.get_permission_groups(username)


--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the
Google Groups "Trac Development" group.
To post to this group, send email to trac-devgooglegroups.com
To unsubscribe from this group, send email to
trac-dev-unsubscribegooglegroups.com
For more options, visit this group at http://
groups.google.com/group/trac-dev?hl=en
-~----------~----~----~----~------~----~------~--~---


--- authz_policy.py-6367        2007-12-20
19:19:47.000000000 -0500
+++ authz_policy.py     2007-12-20 19:22:22.000000000 -0500
 -124,7
+124,7 
 from trac.core import *
 from trac.config import Option
 from trac.util.compat import set, groupby
-from trac.perm import PermissionSystem, IPermissionPolicy
+from trac.perm import PermissionSystem, IPermissionPolicy,
IPermissionGroupProvider
 from configobj import ConfigObj
 
 
 -138,6
+138,8 
     authz = None
     authz_mtime = None
 
+    group_providers =
ExtensionPoint(IPermissionGroupProvider)
+
     # IPermissionPolicy methods
     
     def check_permission(self, action, username, resource,
perm):
 -207,6
+209,8 
         valid_users = ['*', 'anonymous']
         if username and username != 'anonymous':
             valid_users += ['authenticated', username]
+            for provider in self.group_providers:
+                valid_users +=
provider.get_permission_groups(username)
         for resource_section in [a for a in
self.authz.sections
                                  if a != 'groups']:
             resource_glob = resource_section
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )