P-S: Revert 4b16e1dd and 75618d42.

This reverts commit "use UnrestrictedMethod's super user instead of ad-hoc SUPER_USER." and related commits. This commit breaks Python Script installation through UnrestrictedMethod (for example upgrader Alarms for bt5s), thus the Owner of Python Scripts will be 'System Process' (erp5/acl_users). However, Zope checks Owner when executing Python Script which fails because 'System Process' cannot be found in erp5/acl_users. Legacy SUPER_USER was working through a virtual user as implemented in enumerateUsers (ERP5Security.ERP5UserManager). Conflicts: product/CMFActivity/ActivityTool.py bt5/erp5_user_tutorial_ui_test/SkinTemplateItem/portal_skins/erp5_user_tutorial_ui_test/Zuite_checkPortalCatalog.xml

P-S: Revert 4b16e1dd and 75618d42.
This reverts commit "use UnrestrictedMethod's super user instead of ad-hoc SUPER_USER." and related commits. This commit breaks Python Script installation through UnrestrictedMethod (for example upgrader Alarms for bt5s), thus the Owner of Python Scripts will be 'System Process' (erp5/acl_users). However, Zope checks Owner when executing Python Script which fails because 'System Process' cannot be found in erp5/acl_users. Legacy SUPER_USER was working through a virtual user as implemented in enumerateUsers (ERP5Security.ERP5UserManager). Conflicts: product/CMFActivity/ActivityTool.py bt5/erp5_user_tutorial_ui_test/SkinTemplateItem/portal_skins/erp5_user_tutorial_ui_test/Zuite_checkPortalCatalog.xml
8b379f1b · Arnaud Fontaine · facbabe6 · 8b379f1b · 8b379f1b · 8b379f1b
Commit 8b379f1b authored Apr 16, 2013 by Arnaud Fontaine
9 changed files
--- a/bt5/erp5_user_tutorial_ui_test/SkinTemplateItem/portal_skins/erp5_user_tutorial_ui_test/Zuite_checkPortalCatalog.xml
+++ b/bt5/erp5_user_tutorial_ui_test/SkinTemplateItem/portal_skins/erp5_user_tutorial_ui_test/Zuite_checkPortalCatalog.xml
@@ -72,7 +72,7 @@ for result in result_list:\n
    if strict_check_mode and method() != kw[key]:\n
      raise RuntimeError, "One property is not the same that you wanted : you asked \'%s\' and expecting \'%s\' but get \'%s\'" % (key, kw[key], method())\n
  # check that every object are owner by you\n
-  if strict_check_mode and object.Base_getOwnerId() not in [owner_id, functional_test_username, \'System Processes\',\'zope\', functional_another_test_username]:\n
+  if strict_check_mode and object.Base_getOwnerId() not in [owner_id, functional_test_username, \'__erp5security-=__\',\'zope\', functional_another_test_username]:\n
    raise RuntimeError, "You have try to clean an item who haven\'t you as owner : %s is owned by %s and you are %s" % \\\n
         (object.getTitle(), object.Base_getOwnerId(), owner_id)\n
 \n

--- a/bt5/erp5_user_tutorial_ui_test/bt/revision
+++ b/bt5/erp5_user_tutorial_ui_test/bt/revision
-788
\ No newline at end of file
+789
\ No newline at end of file
--- a/product/CMFActivity/ActivityTool.py
+++ b/product/CMFActivity/ActivityTool.py
@@ -44,7 +44,6 @@ from AccessControl.SecurityManagement import newSecurityManager
 from AccessControl.SecurityManagement import noSecurityManager
 from AccessControl.SecurityManagement import setSecurityManager
 from AccessControl.SecurityManagement import getSecurityManager
-from AccessControl.User import system as system_user
 from Products.CMFCore.utils import UniqueObject, _getAuthenticatedUser
 from Products.ERP5Type.Globals import InitializeClass, DTMLFile
 from Acquisition import aq_base, aq_inner, aq_parent
@@ -52,8 +51,6 @@ from ActivityBuffer import ActivityBuffer
 from ActivityRuntimeEnvironment import BaseMessage
 from zExceptions import ExceptionFormatter
 from BTrees.OIBTree import OIBTree
-from Zope2 import app
-from Products.ERP5Type.UnrestrictedMethod import PrivilegedUser
 from zope.site.hooks import setSite

 try:
@@ -278,13 +275,6 @@ class Message(BaseMessage):
    if user is None:
      uf = portal.aq_parent.acl_users
      user = uf.getUserById(user_name)
-    if user is None and user_name == system_user.getUserName():
-      # The following logic partly comes from unrestricted_apply()
-      # implementation in ERP5Type.UnrestrictedMethod but we get roles
-      # from the portal to have more roles.
-      uf = portal_uf
-      role_list = uf.valid_roles()
-      user = PrivilegedUser(user_name, None, role_list, ()).__of__(uf)
    if user is not None:
      user = user.__of__(uf)
      newSecurityManager(None, user)

--- a/product/ERP5/Document/Alarm.py
+++ b/product/ERP5/Document/Alarm.py
@@ -32,11 +32,10 @@ from DateTime import DateTime
 from AccessControl import ClassSecurityInfo, Unauthorized
 from AccessControl.SecurityManagement import getSecurityManager, \
            setSecurityManager, newSecurityManager
-from AccessControl.User import nobody
 from Products.CMFCore.utils import getToolByName
 from Products.ERP5Type import Permissions, PropertySheet
 from Products.ERP5Type.XMLObject import XMLObject
-from Products.ERP5Type.UnrestrictedMethod import UnrestrictedMethod
+from Products.ERP5Security.ERP5UserManager import SUPER_USER
 from Products.ERP5.mixin.periodicity import PeriodicityMixin

 class Alarm(XMLObject, PeriodicityMixin):
@@ -119,10 +118,11 @@ class Alarm(XMLObject, PeriodicityMixin):
      if not checkPermission(Permissions.ManagePortal, self):
        raise Unauthorized('fixing problems or activating a disabled alarm is not allowed')

-    # Use UnrestrictedMethod, so that the behavior would not
+    # Switch to the superuser temporarily, so that the behavior would not
    # change even if this method is invoked by random users.
-    @UnrestrictedMethod
-    def _activeSense():
+    sm = getSecurityManager()
+    newSecurityManager(None, portal_membership.getMemberById(SUPER_USER))
+    try:
      # Set the next date at which this method should be invoked
      self.setNextAlarmDate()

@@ -158,13 +158,6 @@ class Alarm(XMLObject, PeriodicityMixin):
          getattr(self.activate(tag=tag), method_id)()
        if self.isAlarmNotificationMode():
          self.activate(after_tag=tag).notify(include_active=True, params=params)
-
-    # switch to nobody temporarily so that unrestricted _activeSense
-    # is already invoked by system user.
-    sm = getSecurityManager()
-    newSecurityManager(None, nobody)
-    try:
-      _activeSense()
    finally:
      # Restore the original user.
      setSecurityManager(sm)

--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -32,7 +32,6 @@ from Products.ZSQLCatalog.ZSQLCatalog import ZCatalog
 from Products.ZSQLCatalog.SQLCatalog import Query, ComplexQuery
 from Products.ERP5Type import Permissions
 from AccessControl import ClassSecurityInfo, getSecurityManager
-from AccessControl.User import system as system_user
 from Products.CMFCore.utils import UniqueObject, _getAuthenticatedUser, getToolByName
 from Products.ERP5Type.Globals import InitializeClass, DTMLFile
 from Acquisition import aq_base, aq_inner, aq_parent, ImplicitAcquisitionWrapper
@@ -423,7 +422,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
      """
      user = _getAuthenticatedUser(self)
      user_str = str(user)
-      user_is_superuser = (user == system_user) or (user_str == SUPER_USER)
+      user_is_superuser = (user_str == SUPER_USER)
      allowedRolesAndUsers = self._listAllowedRolesAndUsers(user)
      role_column_dict = {}
      local_role_column_dict = {}
@@ -544,12 +543,6 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
        values. The query takes into account the fact that some roles are
        catalogued with columns.
      """
-      user = _getAuthenticatedUser(self)
-      user_str = str(user)
-      user_is_superuser = (user == system_user) or (user_str == SUPER_USER)
-      if user_is_superuser:
-        # We need no security check for super user.
-        return query
      original_query = query
      security_uid_dict, role_column_dict, local_role_column_dict = \
          self.getSecurityUidDictAndRoleColumnDict(sql_catalog_id=sql_catalog_id, **kw)

--- a/product/ERP5Security/ERP5GroupManager.py
+++ b/product/ERP5Security/ERP5GroupManager.py
@@ -26,7 +26,6 @@ from Products.PluggableAuthService.interfaces.plugins import IGroupsPlugin
 from Products.ERP5Type.Cache import CachingMethod
 from Products.ERP5Type.ERP5Type \
  import ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT
-from Products.ERP5Type.UnrestrictedMethod import UnrestrictedMethod
 from Products.PluggableAuthService.PropertiedUser import PropertiedUser
 from ZODB.POSException import ConflictError

@@ -87,13 +86,17 @@ class ERP5GroupManager(BasePlugin):
    if principal.getId() == SUPER_USER:
      return ()

-    @UnrestrictedMethod
    def _getGroupsForPrincipal(user_name, path):
      security_category_dict = {} # key is the base_category_list,
                                  # value is the list of fetched categories
      security_group_list = []
      security_definition_list = ()

+      # because we aren't logged in, we have to create our own
+      # SecurityManager to be able to access the Catalog
+      sm = getSecurityManager()
+      if sm.getUser().getId() != SUPER_USER:
+        newSecurityManager(self, self.getUser(SUPER_USER))
      try:
        # To get the complete list of groups, we try to call the
        # ERP5Type_getSecurityCategoryMapping which should return a list
@@ -177,7 +180,7 @@ class ERP5GroupManager(BasePlugin):
                  generator_name,
                  error = sys.exc_info())
      finally:
-        pass
+        setSecurityManager(sm)
      return tuple(security_group_list)

    if not NO_CACHE_MODE:

--- a/product/ERP5Security/ERP5KeyAuthPlugin.py
+++ b/product/ERP5Security/ERP5KeyAuthPlugin.py
@@ -48,7 +48,6 @@ from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin
 from Products.PluggableAuthService.plugins.CookieAuthHelper import CookieAuthHelper

 from Products.ERP5Type.Cache import CachingMethod
-from Products.ERP5Type.UnrestrictedMethod import UnrestrictedMethod
 from Products.ERP5Security.ERP5UserManager import ERP5UserManager,\
                                                  SUPER_USER,\
                                                  _AuthenticationFailure
@@ -328,7 +327,6 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
        return None

      #Function to allow cache
-      @UnrestrictedMethod
      def _authenticateCredentials(login):
        if not login:
          return None
@@ -339,7 +337,10 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
          raise _AuthenticationFailure()
        user = user_list[0]

-        if True:
+        #We need to be super_user
+        sm = getSecurityManager()
+        if sm.getUser().getId() != SUPER_USER:
+          newSecurityManager(self, self.getUser(SUPER_USER))
          try:
            # get assignment list
            assignment_list = [x for x in user.contentValues(portal_type="Assignment") \
@@ -360,7 +361,7 @@ class ERP5KeyAuthPlugin(ERP5UserManager, CookieAuthHelper):
            if len(valid_assignment_list) > 0:
              return (login, login)
          finally:
-            pass
+            setSecurityManager(sm)

          raise _AuthenticationFailure()


--- a/product/ERP5Security/ERP5UserFactory.py
+++ b/product/ERP5Security/ERP5UserFactory.py
@@ -26,7 +26,6 @@ from Products.PluggableAuthService.interfaces.plugins import IUserFactoryPlugin
 from Products.PluggableAuthService.PropertiedUser import PropertiedUser
 from Products.PluggableAuthService.PropertiedUser import \
                                            _what_not_even_god_should_do
-from Products.ERP5Security.ERP5UserManager import SUPER_USER

 manage_addERP5UserFactoryForm = PageTemplateFile(
    'www/ERP5Security_addERP5UserFactory', globals(),
@@ -102,10 +101,6 @@ class ERP5User(PropertiedUser):
      As for getRolesInContext, we take into account _getAcquireLocalRoles for
      ERP5.
      """
-      if self.getUserName() == SUPER_USER:
-        # super user is allowed to accesss any object
-        return 1
-
      if object_roles is _what_not_even_god_should_do:
        return 0


--- a/product/ERP5Security/ERP5UserManager.py
+++ b/product/ERP5Security/ERP5UserManager.py
@@ -28,7 +28,6 @@ from Products.PluggableAuthService.utils import classImplements
 from Products.PluggableAuthService.interfaces.plugins import IAuthenticationPlugin
 from Products.PluggableAuthService.interfaces.plugins import IUserEnumerationPlugin
 from Products.ERP5Type.Cache import CachingMethod, transactional_cached
-from Products.ERP5Type.UnrestrictedMethod import UnrestrictedMethod
 from ZODB.POSException import ConflictError
 import sys
 from DateTime import DateTime
@@ -127,7 +126,6 @@ class ERP5UserManager(BasePlugin):
        if login == SUPER_USER:
          return None

-        @UnrestrictedMethod
        def _authenticateCredentials(login, password, path,
          ignore_password=False):
            if not login or not (password or ignore_password):
@@ -140,6 +138,9 @@ class ERP5UserManager(BasePlugin):

            user = user_list[0]

+            sm = getSecurityManager()
+            if sm.getUser().getId() != SUPER_USER:
+              newSecurityManager(self, self.getUser(SUPER_USER))
            try:
              # get assignment
              assignment_list = [x for x in user.contentValues(portal_type="Assignment") if x.getValidationState() == "open"]
@@ -160,7 +161,7 @@ class ERP5UserManager(BasePlugin):
                     .getValidationState() != 'deleted': #user.getCareerRole() == 'internal':
                return login, login # use same for user_id and login
            finally:
-              pass
+              setSecurityManager(sm)
            raise _AuthenticationFailure()

        _authenticateCredentials = CachingMethod(_authenticateCredentials,