Commit 1cfc0ad4 authored by Vincent Pelletier's avatar Vincent Pelletier

Products.ERP5Security._setUserNameForAccessLog: Do nothing on Zope4

The way Zope4 logs the authenticated user is radically different from
Zope2, and makes this function useless.
So, unless when running on Zope2, do nothing when this function is called.
parent 86582f1f
Pipeline #30361 passed with stage
in 0 seconds
......@@ -24,6 +24,7 @@ from Acquisition import aq_inner, aq_parent
from AccessControl.Permissions import manage_users as ManageUsers
from Products.PluggableAuthService.PluggableAuthService import registerMultiPlugin
from Products.PluggableAuthService.permissions import ManageGroups
from Products.ERP5Type import IS_ZOPE2
import six
# This user is used to bypass all security checks.
......@@ -57,7 +58,8 @@ def mergedLocalRoles(object):
return deepcopy(merged)
def _setUserNameForAccessLog(username, REQUEST):
if IS_ZOPE2: # BBB
def _setUserNameForAccessLog(username, REQUEST):
"""Make the current user look as `username` in Zope's Z2.log
Taken from Products.CMFCore.CookieCrumbler._setAuthHeader
......@@ -78,6 +80,12 @@ def _setUserNameForAccessLog(username, REQUEST):
medusa_headers['authorization'] = 'Basic %s' % encodestring('%s:' % username).rstrip()
else:
REQUEST._orig_env['REMOTE_USER'] = username
else: # zope4
def _setUserNameForAccessLog(username, REQUEST):
"""
Nothing to do for this on Zope4.
"""
pass
def initialize(context):
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment