Commit a1a08811 authored by Ayush Tiwari's avatar Ayush Tiwari

erp5_data_notebook: Check user permission for at entry point for...

erp5_data_notebook: Check user permission for at entry point for Base_executeJupyter python script so that non-developer user cannot execute python code through script
parent 5fd03c12
...@@ -61,9 +61,12 @@ ...@@ -61,9 +61,12 @@
</item> </item>
<item> <item>
<key> <string>_body</string> </key> <key> <string>_body</string> </key>
<value> <string>import json\n <value> <string>portal = context.getPortalObject()\n
# Check permissions for current user \n
if not portal.Base_checkPermission(\'portal_components\', \'Manage Portal\'):\n
return "You are not authorized to access the script"\n
\n \n
portal = context.getPortalObject()\n import json\n
\n \n
# The boolean values via requests are received as \n # The boolean values via requests are received as \n
request_reference = {\'True\': True, \'False\': False}.get(request_reference, False)\n request_reference = {\'True\': True, \'False\': False}.get(request_reference, False)\n
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment