Commit 691da10c authored by Jean-Paul Smets's avatar Jean-Paul Smets

implemented class tool security


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@2050 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 989644a4
...@@ -43,6 +43,14 @@ import Interface, PropertySheet, ZopePatch, StateChangeInfoPatch, CMFCorePatch ...@@ -43,6 +43,14 @@ import Interface, PropertySheet, ZopePatch, StateChangeInfoPatch, CMFCorePatch
import Products.Localizer # So that we make sure Globals.get_request is available import Products.Localizer # So that we make sure Globals.get_request is available
# ClassTool will not be available unless a special file is created with
# read permissions for zope - this prevents security holes in
# production environment
class_tool_security_path = '%s%s%s' % (product_path, os.sep, 'ALLOW_CLASS_TOOL')
def allowClassTool():
return os.access(class_tool_security_path, os.F_OK)
def initialize( context ): def initialize( context ):
# Import Product Components # Import Product Components
from Tool import ClassTool from Tool import ClassTool
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment