slapos_erp5: Reimplement (and speed up) security to use ERP5User_getUserSecurityCategoryValueList

3e947793 · Rafael Monnerat · efb0f29f · efb0f29f · efb0f29f · 3e947793
Commit 3e947793 authored Dec 11, 2024 by Rafael Monnerat
5 changed files
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryMapping.py
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryMapping.py
-"""
-Core security script - defines the way to get security groups of the current user.
-
-WARNING: providing such script in erp5_dms could be dangerous
-if this conflicts with an existing production site which uses
-deprecated ERP5Type_asSecurityGroupIdList
-"""
-
-return (
-  # Person security
-  ('ERP5Type_getSecurityCategoryFromAssignment', ['function']),
-  ('ERP5Type_getSecurityCategoryFromAssignmentParent', ['function']),
-  # XXX TODO check that only validated project are used
-  ('ERP5Type_getSecurityCategoryFromAssignment', ['destination_project']),
-  ('ERP5Type_getSecurityCategoryFromAssignment', ['destination_project', 'function']),
-  
-  # Compute Node security
-  ('ERP5Type_getComputeNodeSecurityCategory', ['role']),
-
-  # Instance security
-  ('ERP5Type_getSoftwareInstanceSecurityCategory', ['role']),
-  ('ERP5Type_getSoftwareInstanceSecurityCategory', ['destination_project']),
-  ('ERP5Type_getSoftwareInstanceSecurityCategory', ['destination_project', 'role']),
-  ('ERP5Type_getSoftwareInstanceSecurityCategory', ['aggregate']),
-
-)
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSoftwareInstanceSecurityCategory.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSoftwareInstanceSecurityCategory.xml
-<?xml version="1.0"?>
-<ZopeData>
-  <record id="1" aka="AAAAAAAAAAE=">
-    <pickle>
-      <global name="ExternalMethod" module="Products.ExternalMethod.ExternalMethod"/>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>_function</string> </key>
-            <value> <string>getSoftwareInstanceSecurityCategory</string> </value>
-        </item>
-        <item>
-            <key> <string>_module</string> </key>
-            <value> <string>SlapOSSecurity</string> </value>
-        </item>
-        <item>
-            <key> <string>id</string> </key>
-            <value> <string>ERP5Type_getSoftwareInstanceSecurityCategory</string> </value>
-        </item>
-        <item>
-            <key> <string>title</string> </key>
-            <value> <string></string> </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
-</ZopeData>
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getComputeNodeSecurityCategory.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getComputeNodeSecurityCategory.xml
@@ -8,7 +8,7 @@
      <dictionary>
        <item>
            <key> <string>_function</string> </key>
-            <value> <string>getComputeNodeSecurityCategory</string> </value>
+            <value> <string>getSlapOSUserSecurityCategoryValue</string> </value>
        </item>
        <item>
            <key> <string>_module</string> </key>
@@ -16,7 +16,7 @@
        </item>
        <item>
            <key> <string>id</string> </key>
-            <value> <string>ERP5Type_getComputeNodeSecurityCategory</string> </value>
+            <value> <string>ERP5User_getSlapOSUserSecurityCategoryValue</string> </value>
        </item>
        <item>
            <key> <string>title</string> </key>

--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5User_getUserSecurityCategoryValueList.py
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5User_getUserSecurityCategoryValueList.py
+if context.getPortalType() == 'Person':
+  return context.ERP5User_getSecurityCategoryValueFromAssignment(
+    rule_dict={
+      ('function',): ((), ('function',)),
+      ('destination_project',): ((), ),
+      ('destination_project', 'function'): ((), ),
+    },
+  )
+return context.ERP5User_getSlapOSUserSecurityCategoryValue()
--- a/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryMapping.xml
+++ b/master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/ERP5Type_getSecurityCategoryMapping.xml
@@ -54,7 +54,7 @@
        </item>
        <item>
            <key> <string>id</string> </key>
-            <value> <string>ERP5Type_getSecurityCategoryMapping</string> </value>
+            <value> <string>ERP5User_getUserSecurityCategoryValueList</string> </value>
        </item>
      </dictionary>
    </pickle>