changeset 1276:7c29a18a7e26

more memory efficient and faster ACL processing, do not have before/after/default acl in ACL object, but only once in cfg
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Tue, 15 Aug 2006 11:20:21 +0200
parents a9b155a92bc2
children ed68b5d6f47e
files MoinMoin/Page.py MoinMoin/_tests/test_security.py MoinMoin/config/multiconfig.py MoinMoin/security/__init__.py
diffstat 4 files changed, 47 insertions(+), 51 deletions(-) [+]
line wrap: on
line diff
--- a/MoinMoin/Page.py	Mon Aug 14 18:04:10 2006 +0200
+++ b/MoinMoin/Page.py	Tue Aug 15 11:20:21 2006 +0200
@@ -1649,7 +1649,7 @@
         try:
             lastRevision = self.getRevList()[0]
         except IndexError:
-            return security.AccessControlList(self.request)
+            return security.AccessControlList(self.request.cfg)
         body = Page(self.request, self.page_name,
                     rev=lastRevision).get_raw_body()
         return security.parseACL(self.request, body)
--- a/MoinMoin/_tests/test_security.py	Mon Aug 14 18:04:10 2006 +0200
+++ b/MoinMoin/_tests/test_security.py	Tue Aug 15 11:20:21 2006 +0200
@@ -204,7 +204,7 @@
             "BadGuy:  "
             "All:read  "
             ]
-        acl = security.AccessControlList(self.request, acl_rights)
+        acl = security.AccessControlList(self.request.cfg, acl_rights)
 
         # Should apply these rights:
         users = (
--- a/MoinMoin/config/multiconfig.py	Mon Aug 14 18:04:10 2006 +0200
+++ b/MoinMoin/config/multiconfig.py	Tue Aug 15 11:20:21 2006 +0200
@@ -15,6 +15,7 @@
 from MoinMoin import error, util, wikiutil
 import MoinMoin.auth as authmodule
 from MoinMoin.packages import packLine
+from MoinMoin.security import AccessControlList
 
 _url_re_cache = None
 _farmconfig_mtime = None
@@ -557,6 +558,10 @@
         # Cache variables for the properties below
         self._iwid = self._iwid_full = self._meta_dict = None
 
+        self._acl_rights_before = AccessControlList(self, [self.acl_rights_before])
+        self._acl_rights_default = AccessControlList(self, [self.acl_rights_default])
+        self._acl_rights_after = AccessControlList(self, [self.acl_rights_after])
+
     def load_meta_dict(self):
         """ The meta_dict contains meta data about the wiki instance. """
         if getattr(self, "_meta_dict", None) is None:
--- a/MoinMoin/security/__init__.py	Mon Aug 14 18:04:10 2006 +0200
+++ b/MoinMoin/security/__init__.py	Tue Aug 15 11:20:21 2006 +0200
@@ -169,38 +169,23 @@
 
     special_users = ["All", "Known", "Trusted"] # order is important
 
-    def __init__(self, request, lines=[]):
+    def __init__(self, cfg, lines=[]):
         """Initialize an ACL, starting from <nothing>.
         """
-        self.setLines(request.cfg, lines)
-
-    def setLines(self, cfg, lines=[]):
-        self.clean()
-        self.addBefore(cfg)
-        if not lines:
-            self.addDefault(cfg)
+        self._is_group = {}
+        if lines:
+            self.acl = [] # [ ('User', {"read": 0, ...}), ... ]
+            self.acl_lines = []
+            for line in lines:
+                self._addLine(cfg, line)
         else:
-            for line in lines:
-                self.addLine(cfg, line)
-        self.addAfter(cfg)
+            self.acl = None
+            self.acl_lines = None
 
-    def clean(self):
-        self.acl = [] # [ ('User', {"read": 0, ...}), ... ]
-        self.acl_lines = []
-        self._is_group = {}
-
-    def addBefore(self, cfg):
-        self.addLine(cfg, cfg.acl_rights_before, remember=0)
-    def addDefault(self, cfg):
-        self.addLine(cfg, cfg.acl_rights_default, remember=0)
-    def addAfter(self, cfg):
-        self.addLine(cfg, cfg.acl_rights_after, remember=0)
-
-    def addLine(self, cfg, aclstring, remember=1):
+    def _addLine(self, cfg, aclstring, remember=1):
         """ Add another ACL line
 
-        This can be used in multiple subsequent calls to process longer
-        lists.
+        This can be used in multiple subsequent calls to process longer lists.
 
         @param cfg: current config
         @param aclstring: acl string from page or cfg
@@ -216,26 +201,25 @@
         acliter = ACLStringIterator(cfg.acl_rights_valid, aclstring)
         for modifier, entries, rights in acliter:
             if entries == ['Default']:
-                self.addDefault(cfg)
-                continue
-
-            for entry in entries:
-                if group_re.search(entry):
-                    self._is_group[entry] = 1
-                rightsdict = {}
-                if modifier:
-                    # Only user rights are added to the right dict.
-                    # + add rights with value of 1
-                    # - add right with value of 0
-                    for right in rights:
-                        rightsdict[right] = (modifier == '+')
-                else:
-                    # All rights from acl_rights_valid are added to the
-                    # dict, user rights with value of 1, and other with
-                    # value of 0
-                    for right in cfg.acl_rights_valid:
-                        rightsdict[right] = (right in rights)
-                self.acl.append((entry, rightsdict))
+                self._addLine(cfg, cfg.acl_rights_default, remember=0)
+            else:
+                for entry in entries:
+                    if group_re.search(entry):
+                        self._is_group[entry] = 1
+                    rightsdict = {}
+                    if modifier:
+                        # Only user rights are added to the right dict.
+                        # + add rights with value of 1
+                        # - add right with value of 0
+                        for right in rights:
+                            rightsdict[right] = (modifier == '+')
+                    else:
+                        # All rights from acl_rights_valid are added to the
+                        # dict, user rights with value of 1, and other with
+                        # value of 0
+                        for right in cfg.acl_rights_valid:
+                            rightsdict[right] = (right in rights)
+                    self.acl.append((entry, rightsdict))
 
     def may(self, request, name, dowhat):
         """May <name> <dowhat>?
@@ -243,8 +227,10 @@
         """
         is_group_member = request.dicts.has_member
 
+        acl_page = self.acl or request.cfg._acl_rights_default.acl
+        acl = request.cfg._acl_rights_before.acl + acl_page + request.cfg._acl_rights_after.acl
         allowed = None
-        for entry, rightsdict in self.acl:
+        for entry, rightsdict in acl:
             if entry in self.special_users:
                 handler = getattr(self, "_special_"+entry, None)
                 allowed = handler(request, name, dowhat, rightsdict)
@@ -266,7 +252,11 @@
 
     def getString(self, b='#acl ', e='\n'):
         """print the acl strings we were fed with"""
-        return ''.join(["%s%s%s" % (b, l, e) for l in self.acl_lines])
+        if self.acl_lines:
+            acl_lines = ''.join(["%s%s%s" % (b, l, e) for l in self.acl_lines])
+        else:
+            acl_lines = ''
+        return acl_lines
 
     def _special_All(self, request, name, dowhat, rightsdict):
         return rightsdict.get(dowhat)
@@ -291,6 +281,7 @@
 
     def __eq__(self, other):
         return self.acl_lines == other.acl_lines
+
     def __ne__(self, other):
         return self.acl_lines != other.acl_lines
 
@@ -403,5 +394,5 @@
             else:
                 args = ""
             acl_lines.append(args)
-    return AccessControlList(request, acl_lines)
+    return AccessControlList(request.cfg, acl_lines)