121 for principal_id in principal_ids.copy(): |
121 for principal_id in principal_ids.copy(): |
122 if IPrincipalInfo.providedBy(principal_id): |
122 if IPrincipalInfo.providedBy(principal_id): |
123 principal_id = principal_id.id |
123 principal_id = principal_id.id |
124 if principal_id in role_principals: |
124 if principal_id in role_principals: |
125 principal_roles = self._roles_by_principal.get(principal_id) or set() |
125 principal_roles = self._roles_by_principal.get(principal_id) or set() |
126 role_principals.remove(principal_id) |
126 if principal_id in role_principals: |
127 principal_roles.remove(role_id) |
127 role_principals.remove(principal_id) |
|
128 if role_id in principal_roles: |
|
129 principal_roles.remove(role_id) |
128 if principal_roles: |
130 if principal_roles: |
129 self._roles_by_principal[principal_id] = principal_roles |
131 self._roles_by_principal[principal_id] = principal_roles |
130 else: |
132 elif principal_id in self._roles_by_principal: |
131 del self._roles_by_principal[principal_id] |
133 del self._roles_by_principal[principal_id] |
132 if role_principals: |
134 if role_principals: |
133 self._principals_by_role[role_id] = role_principals |
135 self._principals_by_role[role_id] = role_principals |
134 else: |
136 elif role_id in self._principals_by_role: |
135 del self._principals_by_role[role_id] |
137 del self._principals_by_role[role_id] |
136 registry.notify(RevokedRoleEvent(self, role_id, principal_id)) |
138 registry.notify(RevokedRoleEvent(self, role_id, principal_id)) |
137 |
139 |
138 def get_principals(self, role_id): |
140 def get_principals(self, role_id): |
139 if IRole.providedBy(role_id): |
141 if IRole.providedBy(role_id): |