Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
erp5
Commits
a80099b4
Commit
a80099b4
authored
Jul 09, 2018
by
Vincent Pelletier
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ERP5Security.ERP5GroupManager: Get rid of try..finally: pass block.
parent
7a3a0a4c
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
73 additions
and
76 deletions
+73
-76
product/ERP5Security/ERP5GroupManager.py
product/ERP5Security/ERP5GroupManager.py
+73
-76
No files found.
product/ERP5Security/ERP5GroupManager.py
View file @
a80099b4
...
@@ -93,88 +93,85 @@ class ERP5GroupManager(BasePlugin):
...
@@ -93,88 +93,85 @@ class ERP5GroupManager(BasePlugin):
security_group_list
=
[]
security_group_list
=
[]
security_definition_list
=
()
security_definition_list
=
()
try
:
# To get the complete list of groups, we try to call the
# To get the complete list of groups, we try to call the
# ERP5Type_getSecurityCategoryMapping which should return a list
# ERP5Type_getSecurityCategoryMapping which should return a list
# of lists of two elements (script, base_category_list) like :
# of lists of two elements (script, base_category_list) like :
# (
# (
# ('script_1', ['base_category_1', 'base_category_2', ...]),
# ('script_1', ['base_category_1', 'base_category_2', ...]),
# ('script_2', ['base_category_1', 'base_category_3', ...])
# ('script_2', ['base_category_1', 'base_category_3', ...])
# )
# )
#
#
# else, if the script does not exist, falls back to a list containng
# else, if the script does not exist, falls back to a list containng
# only one list :
# only one list :
# (('ERP5Type_getSecurityCategoryFromAssignment',
# (('ERP5Type_getSecurityCategoryFromAssignment',
# self.getPortalAssignmentBaseCategoryList() ),)
# self.getPortalAssignmentBaseCategoryList() ),)
mapping_method
=
getattr
(
self
,
mapping_method
=
getattr
(
self
,
'ERP5Type_getSecurityCategoryMapping'
,
None
)
'ERP5Type_getSecurityCategoryMapping'
,
None
)
if
mapping_method
is
None
:
if
mapping_method
is
None
:
security_definition_list
=
((
security_definition_list
=
((
'ERP5Type_getSecurityCategoryFromAssignment'
,
'ERP5Type_getSecurityCategoryFromAssignment'
,
self
.
getPortalAssignmentBaseCategoryList
()
self
.
getPortalAssignmentBaseCategoryList
()
),)
),)
else
:
else
:
security_definition_list
=
mapping_method
()
security_definition_list
=
mapping_method
()
# get the person from its login - no security check needed
# get the person from its login - no security check needed
user_path_set
=
{
user_path_set
=
{
x
[
'path'
]
x
[
'path'
]
for
x
in
self
.
searchUsers
(
id
=
user_id
,
exact_match
=
True
)
for
x
in
self
.
searchUsers
(
id
=
user_id
,
exact_match
=
True
)
if
'path'
in
x
if
'path'
in
x
}
}
if
not
user_path_set
:
if
not
user_path_set
:
return
()
return
()
user_path
,
=
user_path_set
user_path
,
=
user_path_set
person_object
=
self
.
getPortalObject
().
unrestrictedTraverse
(
user_path
)
person_object
=
self
.
getPortalObject
().
unrestrictedTraverse
(
user_path
)
# Fetch category values from defined scripts
# Fetch category values from defined scripts
for
(
method_name
,
base_category_list
)
in
security_definition_list
:
for
(
method_name
,
base_category_list
)
in
security_definition_list
:
base_category_list
=
tuple
(
base_category_list
)
base_category_list
=
tuple
(
base_category_list
)
security_category_list
=
security_category_dict
.
setdefault
(
security_category_list
=
security_category_dict
.
setdefault
(
base_category_list
,
[])
base_category_list
,
[])
try
:
# The called script may want to distinguish if it is called
# from here or from _updateLocalRolesOnSecurityGroups.
# Currently, passing portal_type='' (instead of 'Person')
# is the only way to make the difference.
method
=
getattr
(
self
,
method_name
)
security_category_list
.
extend
(
method
(
base_category_list
,
user_id
,
person_object
,
''
)
)
except
ConflictError
:
raise
except
:
LOG
(
'ERP5GroupManager'
,
WARNING
,
'could not get security categories from %s'
%
(
method_name
,),
error
=
sys
.
exc_info
())
# Get group names from category values
# XXX try ERP5Type_asSecurityGroupIdList first for compatibility
generator_name
=
'ERP5Type_asSecurityGroupIdList'
group_id_list_generator
=
getattr
(
self
,
generator_name
,
None
)
if
group_id_list_generator
is
None
:
generator_name
=
ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT
group_id_list_generator
=
getattr
(
self
,
generator_name
,
None
)
for
base_category_list
,
category_value_list
in
\
security_category_dict
.
iteritems
():
for
category_dict
in
category_value_list
:
try
:
try
:
# The called script may want to distinguish if it is called
group_id_list
=
group_id_list_generator
(
# from here or from _updateLocalRolesOnSecurityGroups.
category_order
=
base_category_list
,
# Currently, passing portal_type='' (instead of 'Person')
**
category_dict
)
# is the only way to make the difference.
if
isinstance
(
group_id_list
,
str
):
method
=
getattr
(
self
,
method_name
)
group_id_list
=
[
group_id_list
]
security_category_list
.
extend
(
security_group_list
.
extend
(
group_id_list
)
method
(
base_category_list
,
user_id
,
person_object
,
''
)
)
except
ConflictError
:
except
ConflictError
:
raise
raise
except
:
except
:
LOG
(
'ERP5GroupManager'
,
WARNING
,
LOG
(
'ERP5GroupManager'
,
WARNING
,
'could not get security categories from %s'
%
(
method_name
,),
'could not get security groups from %s'
%
generator_name
,
error
=
sys
.
exc_info
())
error
=
sys
.
exc_info
())
# Get group names from category values
# XXX try ERP5Type_asSecurityGroupIdList first for compatibility
generator_name
=
'ERP5Type_asSecurityGroupIdList'
group_id_list_generator
=
getattr
(
self
,
generator_name
,
None
)
if
group_id_list_generator
is
None
:
generator_name
=
ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT
group_id_list_generator
=
getattr
(
self
,
generator_name
,
None
)
for
base_category_list
,
category_value_list
in
\
security_category_dict
.
iteritems
():
for
category_dict
in
category_value_list
:
try
:
group_id_list
=
group_id_list_generator
(
category_order
=
base_category_list
,
**
category_dict
)
if
isinstance
(
group_id_list
,
str
):
group_id_list
=
[
group_id_list
]
security_group_list
.
extend
(
group_id_list
)
except
ConflictError
:
raise
except
:
LOG
(
'ERP5GroupManager'
,
WARNING
,
'could not get security groups from %s'
%
generator_name
,
error
=
sys
.
exc_info
())
finally
:
pass
return
tuple
(
security_group_list
)
return
tuple
(
security_group_list
)
if
not
NO_CACHE_MODE
:
if
not
NO_CACHE_MODE
:
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment