Commit 81819f22 authored by Julien Muchembled's avatar Julien Muchembled

Allow UnrestrictedMethod to be used as a decorator

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@30329 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 9cc88da0
......@@ -79,7 +79,6 @@ from Products.CMFActivity.ActiveObject import ActiveObject
from Products.ERP5Type.Accessor.Accessor import Accessor as Method
from Products.ERP5Type.Accessor.TypeDefinition import asDate
from Products.ERP5Type.Message import Message
from Products.ERP5Type.UnrestrictedMethod import UnrestrictedMethod
from zope.interface import classImplementsOnly, implementedBy
......
......@@ -55,10 +55,8 @@ class LocalRoleAssignorMixIn(object):
zope.interface.implements(interfaces.ILocalRoleAssignor)
security.declarePrivate('updateLocalRolesOnObject')
def updateLocalRolesOnDocument(self, *args, **kw):
return UnrestrictedMethod(self._updateLocalRolesOnDocument)(*args, **kw)
def _updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True):
@UnrestrictedMethod
def updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True):
"""
Assign Local Roles to Groups on object 'ob', based on Portal Type Role
Definitions and "ERP5 Role Definition" objects contained inside 'ob'.
......
......@@ -48,13 +48,13 @@ class PrivilegedUser(UnrestrictedUser):
"""Get the ID of the user. This is disabled in UnrestrictedUser."""
return self.getUserName()
class UnrestrictedMethod(object):
"""Callable object that bypasses all security checks.
def UnrestrictedMethod(function):
"""Decorator to bypass all security checks.
This method is dangerous. Never use this, until you are 100% certain
that you have no other way.
When a method is wrapped with an instance of this class, it will behave
When a function is wrapped with this decorator, it will behave
in the same way as before, besides that all security checks pass through.
This is required, for example, for the simulation to expand movements,
regardless of the permissions given to a user.
......@@ -66,10 +66,9 @@ class UnrestrictedMethod(object):
This method is dangerous. Enough said. Be careful.
"""
def __init__(self, method):
self._m = method
return lambda *args, **kw: _unrestricted_apply(function, args, kw)
def __call__(self, *args, **kw):
def _unrestricted_apply(function, args, kw):
security_manager = getSecurityManager()
user = security_manager.getUser()
anonymous = (user.getUserName() == 'Anonymous User')
......@@ -94,8 +93,7 @@ class UnrestrictedMethod(object):
role_list, user.getDomains()).__of__(uf)
newSecurityManager(None, super_user)
try:
return self._m(*args, **kw)
return apply(function, args, kw)
finally:
# Make sure that the original user is back.
setSecurityManager(security_manager)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment