Commit c3c81b44 authored by Yoshinori Okuji's avatar Yoshinori Okuji

Rewrite (un)restrictedResolveValue, because the exception handling was very...

Rewrite (un)restrictedResolveValue, because the exception handling was very buggy, and it was easier to rewrite code than to band-aid the code.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@37831 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 13752de1
...@@ -613,83 +613,62 @@ class BaseTemplateItem(Implicit, Persistent): ...@@ -613,83 +613,62 @@ class BaseTemplateItem(Implicit, Persistent):
""" """
return self.__class__.__name__[:-12] return self.__class__.__name__[:-12]
def restrictedResolveValue(self, context=None, path=None, default=_MARKER): def restrictedResolveValue(self, context=None, path='', default=_MARKER):
""" """
Get the value with checking the security. Get the value with checking the security.
This method does not acquire the parent. This method does not acquire the parent.
""" """
def restrictedGetItem(container, key, default): return self.unrestrictedResolveValue(context, path, default=default,
validate = getSecurityManager().validate restricted=1)
try:
value = container[key]
except KeyError:
if default is not _MARKER:
return default
return None
if value is not None:
try:
if not validate(container, container, key, value):
raise Unauthorized('unauthorized access to element %s' % key)
except Unauthorized:
# if user can't access object try to return default passed
if default is not _MARKER:
return default
raise
return value
return self._resolveValue(context, path, default, getItem=restrictedGetItem)
def unrestrictedResolveValue(self, context=None, path=None, default=_MARKER): def unrestrictedResolveValue(self, context=None, path='', default=_MARKER,
restricted=0):
""" """
Get the value without checking the security. Get the value without checking the security.
This method does not acquire the parent. This method does not acquire the parent.
""" """
def unrestrictedGetItem(container, key, default):
try:
return container[key]
except KeyError:
if default is not _MARKER:
return default
else:
return None
return self._resolveValue(context, path, default, getItem=unrestrictedGetItem)
def _resolveValue(self, context, path, default=_MARKER, getItem=None):
"""
Resolve the value without acquire the parent.
"""
if isinstance(path, basestring): if isinstance(path, basestring):
stack = path.split('/') stack = path.split('/')
else: else:
stack = list(path) stack = list(path)
stack.reverse() stack.reverse()
value = None
if stack: if stack:
portal = aq_inner(self.getPortalObject())
# It can be passed with the context, so at first, searching from the context.
if context is None: if context is None:
portal = aq_inner(self.getPortalObject())
container = portal container = portal
else: else:
container = context container = context
key = stack.pop()
value = getItem(container, key, default)
# resolve the value from top to down if restricted:
while value is not None and stack: validate = getSecurityManager().validate
while stack:
key = stack.pop() key = stack.pop()
value = getItem(value, key, default) try:
else: value = container[key]
# When relative_url is empty, returns the context except KeyError:
return context LOG('BusinessTemplate', WARNING,
'Could not access object %s' % (path,))
if default is _MARKER:
raise
return default
if value is None: if restricted:
try:
if not validate(container, container, key, value):
raise Unauthorized('unauthorized access to element %s' % key)
except Unauthorized:
LOG('BusinessTemplate', WARNING, LOG('BusinessTemplate', WARNING,
'Could not access object %s' % path) 'access to %s is forbidden' % (path,))
if default is not _MARKER: if default is _MARKER:
raise
return default return default
else:
raise KeyError
return value
container = value
return value
else:
return context
class ObjectTemplateItem(BaseTemplateItem): class ObjectTemplateItem(BaseTemplateItem):
""" """
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment