Navigation

← Previous Changeset
Next Changeset →

Changeset 46

Timestamp:

08/26/06 11:31:42 (2 years ago)

Author:

johnbywater

Message:

Rewrote personalGrants/Bars methods in the new fast way.
Added lazy loading of the permission object, to optimise performance.

access controller now works very fast

Files:

trunk/src/dm/accesscontrol.py (modified) (3 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

trunk/src/dm/accesscontrol.py

r45	r46
13	13	def __init__(self):
14	14	self.visitor = None
	15	self.permissionObject = None
15	16
16	17	def getVisitor(self):
…	…
63	64	raise Exception(message)
64	65
	66	def getPermissionObject(self):
	67	if self.permissionObject == None:
	68	permission = self.protectionObject.permissions[self.action]
	69	self.permissionObject = permission
	70	return self.permissionObject
	71
65	72	def isRoleAuthorised(self, role):
66		permission = self.~~protectionObject.permissions[self.action]~~
	73	permission = self.getPermissionObject()
67	74	if role in permission.grants:
68	75	if self.debug:
69		msg = "Access by role authorised: '%s' to '%s' with '%s'." % (role.name, self.actionName, self.protectedObject)
	76	msg = "Access by role authorised: '%s' to '%s' with '%s'." % (
	77	role.name, self.actionName, self.protectedObject
	78	)
70	79	self.logger.debug(msg)
71	80	return True
72	81	else:
73	82	if self.debug:
74		msg = "Access by role not authorised: '%s' to '%s' with '%s'." % (role.name, self.actionName, self.protectedObject)
	83	msg = "Access by role not authorised: '%s' to '%s' with '%s'."%(
	84	role.name, self.actionName, self.protectedObject
	85	)
75	86	self.logger.debug(msg)
76	87	return False
77
78		~~def ____isRoleAuthorised(self, role):~~
79		~~for grant in role.grants:~~
80		~~permission = grant.permission~~
81		~~if permission.action == self.action:~~
82		~~protectionObject = permission.protectionObject~~
83		~~if protectionObject.isProtector(self.protectedObject):~~
84		~~if self.debug:~~
85		~~msg = "Access by role authorised: '%s' to '%s' with '%s'." % (role.name, self.actionName, self.protectedObject)~~
86		~~self.logger.debug(msg)~~
87		~~return True~~
88		~~return False~~
89	88
90	89	def makeProtectedNames(self):
…	…
114	113
115	114	def hasAuthorisedRole(self):
	115	if self.isPersonBarred():
	116	return False
116	117	if self.isSystemRoleAuthorised():
117	118	return True
118		#if self.isPersonAuthorised():
119		# return True
120		#if self.isPersonBarred():
121		# return False
	119	if self.isPersonAuthorised():
	120	return True
122	121	return False
123	122
124	123	def isPersonBarred(self):
125		for bar in self.person.bars:
126		permission = bar.permission
127		if permission.action == self.action:
128		protectionObject = permission.protectionObject
129		if protectionObject.isProtector(self.protectedObject):
130		if self.debug:
131		msg = "Access by person barred: '%s' to '%s' with '%s'." % (self.person.name, self.actionName, self.protectedObject)
132		self.logger.debug(msg)
133		return True
134		return False
	124	permission = self.getPermissionObject()
	125	if self.person in permission.personalBars:
	126	if self.debug:
	127	msg = "Access personal barred: '%s' to '%s' with '%s'." % (
	128	self.person.name, self.actionName, self.protectedObject
	129	)
	130	self.logger.debug(msg)
	131	return True
	132	else:
	133	if self.debug:
	134	msg = "Access personal not barred: '%s' to '%s' with '%s'." %(
	135	self.person.name, self.actionName, self.protectedObject
	136	)
	137	self.logger.debug(msg)
	138	return False
135	139
136	140	def isPersonAuthorised(self):
137		for grant in self.person.grants:
138		permission = grant.permission
139		if permission.action == self.action:
140		protectionObject = permission.protectionObject
141		if protectionObject.isProtector(self.protectedObject):
142		if self.debug:
143		msg = "Access by person authorised: '%s' to '%s' with '%s'." % (self.person.name, self.actionName, self.protectedObject)
144		self.logger.debug(msg)
145		return True
146		return False
147
	141	permission = self.getPermissionObject()
	142	if self.person in permission.personalGrants:
	143	if self.debug:
	144	msg = "Access personal authorised: '%s' to '%s' with '%s'." %(
	145	self.person.name, self.actionName, self.protectedObject
	146	)
	147	self.logger.debug(msg)
	148	return True
	149	else:
	150	if self.debug:
	151	msg = "Access personal not auth'd: '%s' to '%s' with '%s'." % (
	152	self.person.name, self.actionName, self.protectedObject
	153	)
	154	self.logger.debug(msg)
	155	return False
	156
148	157	def isSystemRoleAuthorised(self):
149	158	systemRole = self.getSystemRole()
150	159	if self.isRoleAuthorised(systemRole):
	160	if self.debug:
	161	msg = "Access system authorised: '%s' to '%s' with '%s'." %(
	162	self.person.name, self.actionName, self.protectedObject
	163	)
	164	self.logger.debug(msg)
151	165	return True
152		return False
	166	else:
	167	if self.debug:
	168	msg = "Access system not authorised: '%s' to '%s' with '%s'." %(
	169	self.person.name, self.actionName, self.protectedObject
	170	)
	171	self.logger.debug(msg)
	172	return False
153	173
154	174	def getSystemRole(self):

Navigation

Changeset 46

Legend:

trunk/src/dm/accesscontrol.py

Download in other formats: