Commit d2e2d15d authored by Tatuya Kamada's avatar Tatuya Kamada

Fix a issue that BusinessTemplate unexpectedly removes the skins of another...

Fix a issue that BusinessTemplate unexpectedly removes the skins of another skin folder when upgrading. To fix the issue, (un)restrectedTraverse calling are replaced with the new method, (un)restrictedResolveValue.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@36841 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent e8d9c6b0
...@@ -32,7 +32,7 @@ from Shared.DC.ZRDB.Connection import Connection as RDBConnection ...@@ -32,7 +32,7 @@ from Shared.DC.ZRDB.Connection import Connection as RDBConnection
from Products.ERP5Type.DiffUtils import DiffFile from Products.ERP5Type.DiffUtils import DiffFile
from Products.ERP5Type.Globals import Persistent, PersistentMapping from Products.ERP5Type.Globals import Persistent, PersistentMapping
from Acquisition import Implicit, aq_base, aq_inner, aq_parent from Acquisition import Implicit, aq_base, aq_inner, aq_parent
from AccessControl import ClassSecurityInfo from AccessControl import ClassSecurityInfo, Unauthorized, getSecurityManager
from Products.CMFCore.utils import getToolByName from Products.CMFCore.utils import getToolByName
from Products.ERP5Type.Accessor.Constant import PropertyGetter as ConstantGetter from Products.ERP5Type.Accessor.Constant import PropertyGetter as ConstantGetter
from Products.ERP5Type.Base import WorkflowMethod, _aq_reset from Products.ERP5Type.Base import WorkflowMethod, _aq_reset
...@@ -613,6 +613,71 @@ class BaseTemplateItem(Implicit, Persistent): ...@@ -613,6 +613,71 @@ class BaseTemplateItem(Implicit, Persistent):
""" """
return self.__class__.__name__[:-12] return self.__class__.__name__[:-12]
def restrictedResolveValue(self, context=None, relative_url=None, default=None):
"""
Get the value with checking the security.
This method does not acquire the parent.
"""
def restrictedGetOb(container, key, default):
validate = getSecurityManager().validate
obj = container._getOb(key, None)
if obj is not None:
try:
if not validate(container, container, key, obj):
raise Unauthorized('unauthorized access to element %s' % key)
except Unauthorized:
# if user can't access object try to return default passed
if default is not None:
return default
else:
raise
return obj
return self._resolveValue(context, relative_url, default, getOb=restrictedGetOb)
def unrestrictedResolveValue(self, context=None, relative_url=None, default=None):
"""
Get the value without checking the security.
This method does not acquire the parent.
"""
def unrestrictedGetOb(container, key, default):
return container._getOb(key, None)
return self._resolveValue(context, relative_url, default, getOb=unrestrictedGetOb)
def _resolveValue(self, context, relative_url, default, getOb=None):
"""
Resolve the value without acquire the parent.
"""
if isinstance(relative_url, basestring):
stack = relative_url.split('/')
else:
stack = list(relative_url)
stack.reverse()
value = None
if stack:
portal = aq_inner(self.getPortalObject())
# It can be passed with the context, so at first, searching from the context.
if context is None:
container = portal
else:
container = context
key = stack.pop()
value = getOb(container, key, default)
# resolve the value from top to down
while value is not None and stack:
key = stack.pop()
value = value._getOb(key, default)
else:
# When relative_url is empty, returns the context
return context
if value is None:
LOG('BusinessTemplate', WARNING,
'Could not access object %s' % relative_url)
return value
class ObjectTemplateItem(BaseTemplateItem): class ObjectTemplateItem(BaseTemplateItem):
""" """
This class is used for generic objects and as a subclass. This class is used for generic objects and as a subclass.
...@@ -933,7 +998,7 @@ class ObjectTemplateItem(BaseTemplateItem): ...@@ -933,7 +998,7 @@ class ObjectTemplateItem(BaseTemplateItem):
container_path = path_list[:-1] container_path = path_list[:-1]
object_id = path_list[-1] object_id = path_list[-1]
try: try:
container = portal.unrestrictedTraverse(container_path) container = self.unrestrictedResolveValue(portal, container_path)
except KeyError: except KeyError:
# parent object can be set to nothing, in this case just go on # parent object can be set to nothing, in this case just go on
container_url = '/'.join(container_path) container_url = '/'.join(container_path)
...@@ -1162,7 +1227,7 @@ class ObjectTemplateItem(BaseTemplateItem): ...@@ -1162,7 +1227,7 @@ class ObjectTemplateItem(BaseTemplateItem):
if recursive_path in update_dict: if recursive_path in update_dict:
action = update_dict[recursive_path] action = update_dict[recursive_path]
if action in ('remove', 'save_and_remove'): if action in ('remove', 'save_and_remove'):
document = portal.restrictedTraverse(recursive_path, None) document = self.restrictedResolveValue(portal, recursive_path, None)
if document is None: if document is None:
# It happens if the parent of target path is removed before # It happens if the parent of target path is removed before
continue continue
...@@ -1212,7 +1277,7 @@ class ObjectTemplateItem(BaseTemplateItem): ...@@ -1212,7 +1277,7 @@ class ObjectTemplateItem(BaseTemplateItem):
container_path = relative_url.split('/')[0:-1] container_path = relative_url.split('/')[0:-1]
object_id = relative_url.split('/')[-1] object_id = relative_url.split('/')[-1]
try: try:
container = portal.unrestrictedTraverse(container_path) container = self.unrestrictedResolveValue(portal, container_path)
object = container._getOb(object_id) # We force access to the object to be sure object = container._getOb(object_id) # We force access to the object to be sure
# that appropriate exception is thrown # that appropriate exception is thrown
# in case object is already backup and/or removed # in case object is already backup and/or removed
...@@ -1270,7 +1335,7 @@ class PathTemplateItem(ObjectTemplateItem): ...@@ -1270,7 +1335,7 @@ class PathTemplateItem(ObjectTemplateItem):
try: try:
container_path = relative_url.split('/')[0:-1] container_path = relative_url.split('/')[0:-1]
object_id = relative_url.split('/')[-1] object_id = relative_url.split('/')[-1]
container = portal.unrestrictedTraverse(container_path) container = self.unrestrictedResolveValue(portal, container_path)
if trash and trashbin is not None: if trash and trashbin is not None:
self.portal_trash.backupObject(trashbin, container_path, self.portal_trash.backupObject(trashbin, container_path,
object_id, save=1, object_id, save=1,
...@@ -1757,7 +1822,7 @@ class WorkflowTemplateItem(ObjectTemplateItem): ...@@ -1757,7 +1822,7 @@ class WorkflowTemplateItem(ObjectTemplateItem):
container_path = path.split('/')[:-1] container_path = path.split('/')[:-1]
object_id = path.split('/')[-1] object_id = path.split('/')[-1]
try: try:
container = portal.unrestrictedTraverse(container_path) container = self.unrestrictedResolveValue(portal, container_path)
except KeyError: except KeyError:
# parent object can be set to nothing, in this case just go on # parent object can be set to nothing, in this case just go on
container_url = '/'.join(container_path) container_url = '/'.join(container_path)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment