Import initial des fichiers de la version 1.5.3 de MoinMoin (mj Etch).

darcs-hash:20070601130042-68412-6e583291d0079b28e4c0cc18a7c8428051d37cb0.gz
2007-06-01 15:00:42 +02:00 · 2007-06-01 15:00:42 +02:00 · 329eea2862
commit 329eea2862
parent 7d86a17433
4 changed files with 1730 additions and 1165 deletions
--- a/wiki/wikiacl.py
+++ b/wiki/wikiacl.py
@ -8,13 +8,7 @@
 """

 import re
-from MoinMoin import user, search
-
-#### HACK SAUVAGE 1/4
-import sys
-sys.path.append('/usr/scripts/gestion/')
-from iptools import is_crans
-#### FIN DU HACK 1/4
+from MoinMoin import user

 class AccessControlList:
    ''' Access Control List
@ -93,10 +87,6 @@ class AccessControlList:

   Configuration options
   
-       cfg.acl_enabled
-           If true will enable ACL support.
-           Default: 0
-
       cfg.acl_rights_default
           It is is ONLY used when no other ACLs are given.
           Default: "Known:read,write,delete All:read,write",
@ -117,10 +107,7 @@ class AccessControlList:
           Default: ["read", "write", "delete", "admin"]
    '''

-    #special_users = ["All", "Known", "Trusted"]
-    #### HACK SAUVAGE 2/4
-    special_users = ["All", "Known", "Trusted", "Conf"]
-    #### FIN DU HACK 2/4
+    special_users = ["All", "Known", "Trusted"] # order is important

    def __init__(self, request, lines=[]):
        """Initialize an ACL, starting from <nothing>.
@ -159,7 +146,6 @@ class AccessControlList:
        @param aclstring: acl string from page or cfg
        @param remember: should add the line to self.acl_lines
        """
-        # FIXME: should compile this once and cache (in cfg?)
        group_re = re.compile(cfg.page_group_regex)

        # Remember lines
@ -195,17 +181,6 @@ class AccessControlList:
        """May <name> <dowhat>?
           Returns boolean answer.
        """
-        if not request.cfg.acl_enabled:
-            # everybody may read and write:
-            if dowhat in ["read", "write",]:
-                return 1
-            # only known users may do some more dangerous things:
-            if request.user.valid:
-                if dowhat in ["delete", "revert",]:
-                    return 1
-            # in any other case, we better disallow it:
-            return 0
-        
        is_group_member = request.dicts.has_member

        allowed = None
@ -213,8 +188,16 @@ class AccessControlList:
            if entry in self.special_users:
                handler = getattr(self, "_special_"+entry, None)
                allowed = handler(request, name, dowhat, rightsdict)
-            elif self._is_group.get(entry) and is_group_member(entry, name):
-                allowed = rightsdict.get(dowhat)
+            elif self._is_group.get(entry):
+                if is_group_member(entry, name):
+                    allowed = rightsdict.get(dowhat)
+                else:
+                    for special in self.special_users:
+                        if is_group_member(entry, special):
+                            handler = getattr(self, "_special_"+ special, None)
+                            allowed = handler(request, name,
+                                              dowhat, rightsdict)
+                            break # order of self.special_users is important
            elif entry == name:
                allowed = rightsdict.get(dowhat)
            if allowed is not None:
@ -226,8 +209,6 @@ class AccessControlList:
        return ''.join(["%s%s%s" % (b,l,e) for l in self.acl_lines])

    def _special_All(self, request, name, dowhat, rightsdict):
-        if dowhat == "read" and self.is_page_public(request):
-            return True
        return rightsdict.get(dowhat)

    def _special_Known(self, request, name, dowhat, rightsdict):
@ -238,11 +219,6 @@ class AccessControlList:
        if user.getUserId(request, name): # is a user with this name known?
            return rightsdict.get(dowhat)
        return None
-    
-    #### HACK SAUVAGE 3/4
-    def _special_Conf(self, request, name, dowhat, rightsdict):
-        return request.cfg.acl_request(self, request, name, dowhat, rightsdict)
-    #### FIN Du HACK 3/4

    def _special_Trusted(self, request, name, dowhat, rightsdict):
        """ check if user <name> is known AND even has logged in using a password.
@ -257,22 +233,6 @@ class AccessControlList:
        return self.acl_lines == other.acl_lines
    def __ne__(self, other):
        return self.acl_lines != other.acl_lines
-    
-    #### HACK SAUVAGE 4/4
-    def is_page_public(self,request):
-        ## On recherche si la page est publique
-        if not request.page:
-            return False
-        this_page = request.page.page_name
-        query = search.QueryParser().parse_query(u'CatégoriePagePublique')
-        page = search.Page(request, this_page)
-        result = query.search(page)
-        if result:
-            return True
-        else:
-            return False
-    #### FIN DU HACK 4/4
-


 class ACLStringIterator:
@ -291,7 +251,7 @@ class ACLStringIterator:
        """ Initialize acl iterator

        @param rights: the acl rights to consider when parsing
-        @param aclstirng: string to parse
+        @param aclstring: string to parse
        """
        self.rights = rights
        self.rest = aclstring.strip()
@ -331,7 +291,6 @@ class ACLStringIterator:
        else:
            # Get entries
            try:
-                # XXX TODO disallow : and , in usernames
                entries, self.rest = self.rest.split(':', 1)
            except ValueError:
                self.finished = 1
@ -360,9 +319,6 @@ def parseACL(request, body):

    Use ACL object may(request, dowhat) to get acl rights.
    """
-    if not request.cfg.acl_enabled:
-        return AccessControlList(request)
-
    acl_lines = []
    while body and body[0] == '#':
        # extract first line