Commit 93a7c56e authored by Ivan Tyagov's avatar Ivan Tyagov

Split force user authentication to a seperate method which can be reused.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@36530 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 61ab32d6
...@@ -129,12 +129,9 @@ class PermanentURLMixIn(ExtensibleTraversableMixIn): ...@@ -129,12 +129,9 @@ class PermanentURLMixIn(ExtensibleTraversableMixIn):
# Declarative security # Declarative security
security = ClassSecurityInfo() security = ClassSecurityInfo()
### Extensible content def _forceIdentification(self, request):
def _getExtensibleContent(self, request, name): # force identification (usable for extensible content)
# Permanent URL traversal
# First we must get the logged user by forcing identification
cache = getReadOnlyTransactionCache(self) cache = getReadOnlyTransactionCache(self)
# LOG('getReadOnlyTransactionCache', 0, repr(cache)) # Currently, it is always None
if cache is not None: if cache is not None:
key = ('__bobo_traverse__', self, 'user') key = ('__bobo_traverse__', self, 'user')
try: try:
...@@ -180,14 +177,23 @@ class PermanentURLMixIn(ExtensibleTraversableMixIn): ...@@ -180,14 +177,23 @@ class PermanentURLMixIn(ExtensibleTraversableMixIn):
# do not try to change SecurityManager # do not try to change SecurityManager
if cache is not None: if cache is not None:
cache[key] = user cache[key] = user
old_manager = None
if user is not None: if user is not None:
# We need to perform identification # We need to perform identification
old_manager = getSecurityManager() old_manager = getSecurityManager()
newSecurityManager(get_request(), user) newSecurityManager(get_request(), user)
return old_manager, user
### Extensible content
def _getExtensibleContent(self, request, name):
# Permanent URL traversal
old_manager, user = self._forceIdentification(request)
# Next get the document per name # Next get the document per name
portal = self.getPortalObject() portal = self.getPortalObject()
document = self.getDocumentValue(name=name, portal=portal) document = self.getDocumentValue(name=name, portal=portal)
# Last, cleanup everything # restore original security context if there's a logged in user
if user is not None: if user is not None:
setSecurityManager(old_manager) setSecurityManager(old_manager)
if document is not None: if document is not None:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment