Commit 9275c91f authored by Rafael Monnerat's avatar Rafael Monnerat

Expect only a part of path only, and all possible variables should be configured at /etc/erp5.cfg.




git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@28832 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent cba17432
...@@ -243,7 +243,7 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -243,7 +243,7 @@ class IntrospectionTool(LogMixin, BaseTool):
return getConfiguration().softwarehome return getConfiguration().softwarehome
security.declareProtected(Permissions.ManagePortal, 'setSoftwareHome') security.declareProtected(Permissions.ManagePortal, 'setSoftwareHome')
def setSoftwareHome(self, path): def setSoftwareHome(self, relative_path):
""" """
EXPERIMENTAL - DEVELOPMENT EXPERIMENTAL - DEVELOPMENT
...@@ -258,6 +258,8 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -258,6 +258,8 @@ class IntrospectionTool(LogMixin, BaseTool):
""" """
config = self._loadExternalConfig() config = self._loadExternalConfig()
allowed_path_list = config.get("main", "zopehome").split("\n") allowed_path_list = config.get("main", "zopehome").split("\n")
base_zope_path = config.get("base", "base_zope_path").split("\n")
path = "%s/%s/lib/python" % (base_zope_path,relative_path)
if path not in allowed_path_list: if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Zope Home.") raise Unauthorized("You are setting one Unauthorized path as Zope Home.")
...@@ -338,7 +340,7 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -338,7 +340,7 @@ class IntrospectionTool(LogMixin, BaseTool):
return getConfiguration().products return getConfiguration().products
security.declareProtected(Permissions.ManagePortal, 'setProductPathList') security.declareProtected(Permissions.ManagePortal, 'setProductPathList')
def setProductPathList(self, path_list): def setProductPath(self, relative_path):
""" """
Set the value of SOFTWARE_HOME for zopectl startup script Set the value of SOFTWARE_HOME for zopectl startup script
or from zope.conf (whichever is most relevant) or from zope.conf (whichever is most relevant)
...@@ -346,13 +348,18 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -346,13 +348,18 @@ class IntrospectionTool(LogMixin, BaseTool):
Rationale: multiple versions of Products can be present Rationale: multiple versions of Products can be present
on the same system on the same system
relative_path is usually defined by a number of release
(ex. 5.4.2)
WARNING: the list of possible path should be protected WARNING: the list of possible path should be protected
if possible (ex. /etc/erp5/product) if possible (ex. /etc/erp5/product)
""" """
config = self._loadExternalConfig() config = self._loadExternalConfig()
allowed_path_list = config.get("main", "products").split("\n") allowed_path_list = config.get("main", "products").split("\n")
base_product_path = config.get("base", "base_product_path").split("\n")
path = base_product_path + relative_path
for path in path_list:
if path not in allowed_path_list: if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Product Path.") raise Unauthorized("You are setting one Unauthorized path as Product Path.")
...@@ -360,12 +367,12 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -360,12 +367,12 @@ class IntrospectionTool(LogMixin, BaseTool):
new_file_list = [] new_file_list = []
for line in config_file: for line in config_file:
new_line = line new_line = line
if line.strip(" ").startswith("products"): if line.strip(" ").startswith("products %s" % (base_product_path)):
# Only comment the line, so it can easily reverted # Only comment the line, so it can easily reverted
new_line = "#%s" % ( line) new_line = "#%s" % (line)
new_file_list.append(new_line) # Append the new line.
for path in path_list:
new_file_list.append("products %s\n" % (path)) new_file_list.append("products %s\n" % (path))
new_file_list.append(new_line)
config_file.close() config_file.close()
# reopen file for write # reopen file for write
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment