zope.security provides a ZCML file that configures some utilities and a couple of permissions:
>>> from zope.component import getGlobalSiteManager
>>> from zope.configuration.xmlconfig import XMLConfig
>>> import zope.security
>>> XMLConfig('permissions.zcml', zope.security)()
>>> len(list(getGlobalSiteManager().registeredUtilities()))
7
Clear the current state:
>>> from zope.component.testing import setUp, tearDown
>>> tearDown()
>>> setUp()
>>> XMLConfig('configure.zcml', zope.security)()
>>> len(list(getGlobalSiteManager().registeredUtilities()))
10
This field describes a permission.
Let’s look at an example:
>>> from zope.security.zcml import Permission
>>> class FauxContext(object):
... permission_mapping = {'zope.ManageCode':'zope.private'}
... _actions = []
... def action(self, **kws):
... self._actions.append(kws)
>>> context = FauxContext()
>>> field = Permission().bind(context)
Let’s test the fromUnicode method:
>>> field.fromUnicode(u'zope.foo')
'zope.foo'
>>> field.fromUnicode(u'zope.ManageCode')
'zope.private'
Now let’s see whether validation works alright
>>> field._validate('zope.ManageCode')
>>> context._actions[0]['args']
(None, 'zope.foo')
>>> field._validate('3 foo')
Traceback (most recent call last):
...
InvalidId: 3 foo
zope.Public is always valid
>>> field._validate('zope.Public')
Defines the security policy that will be used for Zope.
Component
Pointer to the object that will handle the security.
Define a new security object.
Id
Id as which this object will be known and used.
Title
Provides a title for the object.
Description
Provides a description for the object.