diff --git a/product/CMFCategory/CategoryTool.py b/product/CMFCategory/CategoryTool.py index ec1799bf5529f757cbbd276566f161ee00144e8e..e5396a094b360b85680f63381183b797de02381c 100644 --- a/product/CMFCategory/CategoryTool.py +++ b/product/CMFCategory/CategoryTool.py @@ -678,7 +678,9 @@ class CategoryTool( UniqueObject, Folder, Base ): security.declareProtected( Permissions.AccessContentsInformation, 'setDefaultCategoryMembership' ) def setDefaultCategoryMembership(self, context, base_category, default_category, - spec=(), filter=None, portal_type=(), base=0 ): + spec=(), filter=None, + portal_type=(), base=0, + checked_permission=None ): """ Sets the membership of the context on the specified base_category list and for the specified portal_type spec @@ -711,10 +713,11 @@ class CategoryTool( UniqueObject, Folder, Base ): self.setCategoryMembership(context, base_category, new_category_list, spec=spec, filter=filter, portal_type=portal_type, base=base, keep_default = 0) - security.declareProtected( Permissions.AccessContentsInformation, - 'getSingleCategoryMembershipList' ) + security.declareProtected(Permissions.AccessContentsInformation, + 'getSingleCategoryMembershipList') def getSingleCategoryMembershipList(self, context, base_category, base=0, - spec=(), filter=None, checked_permission=None, **kw): + spec=(), filter=None, + checked_permission=None, **kw): """ Returns the local membership of the context for a single base category represented as a list of relative URLs @@ -727,47 +730,51 @@ class CategoryTool( UniqueObject, Folder, Base ): base -- if set to 1, returns relative URLs to portal_categories if set to 0, returns relative URLs to the base category + + checked_permission -- a string which defined the permission + to filter the object on """ # XXX We must use filters in the future # where_expression = self._buildQuery(spec, filter, kw) - portal_type = kw.get('portal_type', ()) - if spec is (): spec = portal_type + if spec is (): + spec = kw.get('portal_type', ()) # Build the ckecked_permission filter - if checked_permission is None: - permissionFilter = lambda x: x - else: - def permissionFilter(category_list): - filtered_category_list = [] - checkPermission = self.portal_membership.checkPermission - for category in category_list: - object = self.unrestrictedTraverse(category) - if object is not None and checkPermission(checked_permission, object): - filtered_category_list.append(category) - return filtered_category_list + if checked_permission is not None: + checkPermission = self.portal_membership.checkPermission + def permissionFilter(category): + object = self.unrestrictedTraverse(category) + if object is not None and checkPermission(checked_permission, object): + return category + else: + return None + # We must treat parent in a different way #LOG('getSingleCategoryMembershipList', 0, 'base_category = %s, spec = %s, base = %s, context = %s, context.aq_inner.aq_parent = %s' % (repr(base_category), repr(spec), repr(base), repr(context), repr(context.aq_inner.aq_parent))) if base_category == 'parent': parent = context.aq_inner.aq_parent # aq_inner is required to make sure we use containment if parent.portal_type in spec: - if base: - return permissionFilter(['parent/' + parent.getRelativeUrl()]) - else: - return permissionFilter([parent.getRelativeUrl()]) + parent_relative_url = parent.getRelativeUrl() + if (checked_permission is None) or \ + (permissionFilter(parent_relative_url) is not None): + if base: + return 'parent/%s' % parent_relative_url + else: + return parent_relative_url #LOG('getSingleCategoryMembershipList', 0, 'not in spec: parent.portal_type = %s, spec = %s' % (repr(parent.portal_type), repr(spec))) return [] - result = [] - append = result.append # XXX We must use filters in the future # where_expression = self._buildQuery(spec, filter, kw) - spec = kw.get('portal_type', ()) + result = [] + append = result.append # Make sure spec is a list or tuple if isinstance(spec, str): spec = [spec] # Filter categories if getattr(aq_base(context), 'categories', _marker) is not _marker: + for category_url in self._getCategoryList(context): try: index = category_url.index('/') @@ -777,20 +784,22 @@ class CategoryTool( UniqueObject, Folder, Base ): if my_base_category == base_category: #LOG("getSingleCategoryMembershipList",0,"%s %s %s %s" % (context.getRelativeUrl(), # my_base_category, base_category, category_url)) - if spec is (): - if base: - append(category_url) + if (checked_permission is None) or \ + (permissionFilter(category_url) is not None): + if spec is (): + if base: + append(category_url) + else: + append(category_url[len(my_base_category)+1:]) else: - append(category_url[len(my_base_category)+1:]) - else: - my_reference = self.unrestrictedTraverse(category_url, None) - if my_reference is not None: - if my_reference.portal_type in spec: - if base: - append(category_url) - else: - append(category_url[len(my_base_category)+1:]) - return permissionFilter(result) + my_reference = self.unrestrictedTraverse(category_url, None) + if my_reference is not None: + if my_reference.portal_type in spec: + if base: + append(category_url) + else: + append(category_url[len(my_base_category)+1:]) + return result security.declareProtected( Permissions.AccessContentsInformation, 'getSingleCategoryAcquiredMembershipList' )