# HG changeset patch # User paulb # Date 1095613943 0 # Node ID c198f28d4cc2121818adbc66d749157a6b197762 # Parent ab1a88c314a5e0feccf042d28bee4ccc2df179a0 [project @ 2004-09-19 17:12:23 by paulb] Fixed user support and protection of resources using authenticators. diff -r ab1a88c314a5 -r c198f28d4cc2 WebStack/Adapters/Zope.py --- a/WebStack/Adapters/Zope.py Sun Sep 19 17:12:06 2004 +0000 +++ b/WebStack/Adapters/Zope.py Sun Sep 19 17:12:23 2004 +0000 @@ -15,25 +15,30 @@ "A WebStack adapter product superclass." - security = ClassSecurityInfo() - - def __init__(self, id, resource, authenticator=None): + def __init__(self, id, resource, authenticator=None, permission=None): """ Initialise with an 'id', a WebStack 'resource', and an optional - 'authenticator'. + 'authenticator'. The optional 'permission' is a Zope-related security + identifier. """ self.id = id self.webstack_resource = resource self.webstack_authenticator = authenticator + self.security = ClassSecurityInfo() + + if authenticator is None: + self.security.declarePublic("index_html") + else: + permission = permission or "View" + self.security.declareProtected(permission, "index_html") def __bobo_traverse__(self, request, entry_name): if entry_name == "index_html": return getattr(self, "index_html") return self - security.declarePublic("index_html") def index_html(self, REQUEST=None): """ @@ -49,8 +54,8 @@ if self.webstack_authenticator is None or self.webstack_authenticator.authenticate(trans): self.webstack_resource.respond(trans) else: - trans.set_header_value("WWW-Authenticate", '%s realm="%s"' % ( - self.webstack_authenticator.get_auth_type(), self.webstack_authenticator.get_realm())) + #trans.set_header_value("WWW-Authenticate", '%s realm="%s"' % ( + # self.webstack_authenticator.get_auth_type(), self.webstack_authenticator.get_realm())) raise "Unauthorized" trans.commit()