[PEAK] peak.security
Phillip J. Eby
pje at telecommunity.com
Fri Dec 5 18:19:51 EST 2003
At 04:30 PM 12/5/03 -0600, darryl wrote:
> From the handy python prompt:
>
> >>> from security_test import *
> >>> myHouse=Building()
> >>> Maniac = Owner()
> >>> myHouse.owner = Maniac
> >>> theInteraction=MyBuildingInteraction(user=Maniac)
> >>>allowed = theInteraction.allows(myHouse,"burnBuilding")
> >>> if allowed:
>.. myHouse.burnBuilding()
>..
>burn baby burn!
>
>
>Am i getting close?
Yes. Except that 'Maniac = Owner()' bit doesn't make sense. You can't
instantiate a permission! (Well, obviously you *can*, so I should fix
that!) Instead, 'Maniac' should be an instance of e.g. an app-specific
'Person' class, just like you have an app-specific 'Building' class.
Apart from that issue, your example has distilled the essence of my
explanation. Oh, and you don't need the MyBuildingInteraction class, since
you didn't change the default permissionProtocol. You could have used
security.Interaction out of the box for this example. Last, but not least,
you could have had the 'checkCanBurn' method return a 'security.Denial()'
so that the app could show a message explaining why non-owners are not
allowed to be arsonists. :)
More information about the PEAK
mailing list