Commit 1cfc0ad4 authored by Vincent Pelletier's avatar Vincent Pelletier

Products.ERP5Security._setUserNameForAccessLog: Do nothing on Zope4

The way Zope4 logs the authenticated user is radically different from
Zope2, and makes this function useless.
So, unless when running on Zope2, do nothing when this function is called.
parent 86582f1f
...@@ -24,6 +24,7 @@ from Acquisition import aq_inner, aq_parent ...@@ -24,6 +24,7 @@ from Acquisition import aq_inner, aq_parent
from AccessControl.Permissions import manage_users as ManageUsers from AccessControl.Permissions import manage_users as ManageUsers
from Products.PluggableAuthService.PluggableAuthService import registerMultiPlugin from Products.PluggableAuthService.PluggableAuthService import registerMultiPlugin
from Products.PluggableAuthService.permissions import ManageGroups from Products.PluggableAuthService.permissions import ManageGroups
from Products.ERP5Type import IS_ZOPE2
import six import six
# This user is used to bypass all security checks. # This user is used to bypass all security checks.
...@@ -57,27 +58,34 @@ def mergedLocalRoles(object): ...@@ -57,27 +58,34 @@ def mergedLocalRoles(object):
return deepcopy(merged) return deepcopy(merged)
def _setUserNameForAccessLog(username, REQUEST): if IS_ZOPE2: # BBB
"""Make the current user look as `username` in Zope's Z2.log def _setUserNameForAccessLog(username, REQUEST):
"""Make the current user look as `username` in Zope's Z2.log
Taken from Products.CMFCore.CookieCrumbler._setAuthHeader Taken from Products.CMFCore.CookieCrumbler._setAuthHeader
""" """
# Set the authorization header in the medusa http request # Set the authorization header in the medusa http request
# so that the username can be logged to the Z2.log # so that the username can be logged to the Z2.log
# Put the full-arm latex glove on now... # Put the full-arm latex glove on now...
try:
# Is this WSGI ?
REQUEST._orig_env['wsgi.input']
except KeyError:
# Not WSGI, maybe Medusa
try: try:
medusa_headers = REQUEST.RESPONSE.stdout._request._header_cache # Is this WSGI ?
except AttributeError: REQUEST._orig_env['wsgi.input']
pass except KeyError:
# Not WSGI, maybe Medusa
try:
medusa_headers = REQUEST.RESPONSE.stdout._request._header_cache
except AttributeError:
pass
else:
medusa_headers['authorization'] = 'Basic %s' % encodestring('%s:' % username).rstrip()
else: else:
medusa_headers['authorization'] = 'Basic %s' % encodestring('%s:' % username).rstrip() REQUEST._orig_env['REMOTE_USER'] = username
else: else: # zope4
REQUEST._orig_env['REMOTE_USER'] = username def _setUserNameForAccessLog(username, REQUEST):
"""
Nothing to do for this on Zope4.
"""
pass
def initialize(context): def initialize(context):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment