Commit 9275c91f authored by Rafael Monnerat's avatar Rafael Monnerat

Expect only a part of path only, and all possible variables should be configured at /etc/erp5.cfg.



git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@28832 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent cba17432
No related merge requests found
......@@ -243,7 +243,7 @@ class IntrospectionTool(LogMixin, BaseTool):
return getConfiguration().softwarehome
security.declareProtected(Permissions.ManagePortal, 'setSoftwareHome')
def setSoftwareHome(self, path):
def setSoftwareHome(self, relative_path):
"""
EXPERIMENTAL - DEVELOPMENT
......@@ -258,6 +258,8 @@ class IntrospectionTool(LogMixin, BaseTool):
"""
config = self._loadExternalConfig()
allowed_path_list = config.get("main", "zopehome").split("\n")
base_zope_path = config.get("base", "base_zope_path").split("\n")
path = "%s/%s/lib/python" % (base_zope_path,relative_path)
if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Zope Home.")
......@@ -338,7 +340,7 @@ class IntrospectionTool(LogMixin, BaseTool):
return getConfiguration().products
security.declareProtected(Permissions.ManagePortal, 'setProductPathList')
def setProductPathList(self, path_list):
def setProductPath(self, relative_path):
"""
Set the value of SOFTWARE_HOME for zopectl startup script
or from zope.conf (whichever is most relevant)
......@@ -346,26 +348,31 @@ class IntrospectionTool(LogMixin, BaseTool):
Rationale: multiple versions of Products can be present
on the same system
relative_path is usually defined by a number of release
(ex. 5.4.2)
WARNING: the list of possible path should be protected
if possible (ex. /etc/erp5/product)
"""
config = self._loadExternalConfig()
allowed_path_list = config.get("main", "products").split("\n")
base_product_path = config.get("base", "base_product_path").split("\n")
path = base_product_path + relative_path
for path in path_list:
if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Product Path.")
if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Product Path.")
config_file = self._getZopeConfigurationFile("etc/zope.conf")
new_file_list = []
for line in config_file:
new_line = line
if line.strip(" ").startswith("products"):
if line.strip(" ").startswith("products %s" % (base_product_path)):
# Only comment the line, so it can easily reverted
new_line = "#%s" % ( line)
new_line = "#%s" % (line)
# Append the new line.
new_file_list.append("products %s\n" % (path))
new_file_list.append(new_line)
for path in path_list:
new_file_list.append("products %s\n" % (path))
config_file.close()
# reopen file for write
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment