Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Sebastien Robin
erp5
Commits
64f51ade
Commit
64f51ade
authored
Feb 10, 2017
by
Sebastien Robin
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
ERP5Workflow: add security declarations
parent
7e4757d2
Changes
2
Show whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
51 additions
and
3 deletions
+51
-3
product/ERP5/InteractionWorkflow.py
product/ERP5/InteractionWorkflow.py
+6
-0
product/ERP5Workflow/Document/Workflow.py
product/ERP5Workflow/Document/Workflow.py
+45
-3
No files found.
product/ERP5/InteractionWorkflow.py
View file @
64f51ade
...
@@ -336,27 +336,33 @@ class InteractionWorkflowDefinition (DCWorkflowDefinition, ActiveObject):
...
@@ -336,27 +336,33 @@ class InteractionWorkflowDefinition (DCWorkflowDefinition, ActiveObject):
return
DCWorkflowDefinition
.
_checkTransitionGuard
(
self
,
t
,
ob
,
**
kw
)
return
DCWorkflowDefinition
.
_checkTransitionGuard
(
self
,
t
,
ob
,
**
kw
)
security
.
declarePrivate
(
'getReference'
)
def
getReference
(
self
):
def
getReference
(
self
):
return
self
.
id
return
self
.
id
security
.
declarePrivate
(
'getTransitionValueById'
)
def
getTransitionValueById
(
self
,
transition_id
):
def
getTransitionValueById
(
self
,
transition_id
):
if
self
.
interactions
is
not
None
:
if
self
.
interactions
is
not
None
:
return
self
.
interactions
.
get
(
transition_id
,
None
)
return
self
.
interactions
.
get
(
transition_id
,
None
)
return
None
return
None
security
.
declarePrivate
(
'getTransitionValueList'
)
def
getTransitionValueList
(
self
):
def
getTransitionValueList
(
self
):
if
self
.
interactions
is
not
None
:
if
self
.
interactions
is
not
None
:
return
self
.
interactions
.
values
()
return
self
.
interactions
.
values
()
return
[]
return
[]
security
.
declarePrivate
(
'getTransitionIdList'
)
def
getTransitionIdList
(
self
):
def
getTransitionIdList
(
self
):
if
self
.
interactions
is
not
None
:
if
self
.
interactions
is
not
None
:
return
self
.
interactions
.
objectIds
()
return
self
.
interactions
.
objectIds
()
return
[]
return
[]
security
.
declarePrivate
(
'getPortalType'
)
def
getPortalType
(
self
):
def
getPortalType
(
self
):
return
self
.
__class__
.
__name__
return
self
.
__class__
.
__name__
security
.
declarePrivate
(
'showAsXML'
)
def
showAsXML
(
self
,
root
=
None
):
def
showAsXML
(
self
,
root
=
None
):
if
root
is
None
:
if
root
is
None
:
root
=
Element
(
'erp5'
)
root
=
Element
(
'erp5'
)
...
...
product/ERP5Workflow/Document/Workflow.py
View file @
64f51ade
...
@@ -150,6 +150,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
...
@@ -150,6 +150,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
PropertySheet
.
Workflow
,
PropertySheet
.
Workflow
,
)
)
security
.
declarePrivate
(
'notifyCreated'
)
def
notifyCreated
(
self
,
document
):
def
notifyCreated
(
self
,
document
):
"""
"""
Notifies this workflow after an object has been created and added.
Notifies this workflow after an object has been created and added.
...
@@ -160,8 +161,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
...
@@ -160,8 +161,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
# Swallow.
# Swallow.
pass
pass
security
.
declareProtected
(
Permissions
.
ModifyPortalContent
,
security
.
declarePrivate
(
'initializeDocument'
)
'initializeDocument'
)
initializeDocument
=
notifyCreated
initializeDocument
=
notifyCreated
def
_generateHistoryKey
(
self
):
def
_generateHistoryKey
(
self
):
...
@@ -358,6 +358,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
...
@@ -358,6 +358,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
# This method allows to update all objects using one workflow, for example
# This method allows to update all objects using one workflow, for example
# after the permissions per state for this workflow were modified
# after the permissions per state for this workflow were modified
security
.
declareProtected
(
Permissions
.
ModifyPortalContent
,
'updateRoleMappings'
)
def
updateRoleMappings
(
self
,
REQUEST
=
None
):
def
updateRoleMappings
(
self
,
REQUEST
=
None
):
"""
"""
Changes permissions of all objects related to this workflow
Changes permissions of all objects related to this workflow
...
@@ -454,6 +455,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
...
@@ -454,6 +455,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
# Re-raise.
# Re-raise.
raise
moved_exc
raise
moved_exc
security
.
declarePrivate
(
'listObjectActions'
)
def
listObjectActions
(
self
,
info
):
def
listObjectActions
(
self
,
info
):
fmt_data
=
None
fmt_data
=
None
document
=
info
.
object
document
=
info
.
object
...
@@ -485,6 +487,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
...
@@ -485,6 +487,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
return
[
result
[
1
]
for
result
in
object_action_list
]
return
[
result
[
1
]
for
result
in
object_action_list
]
security
.
declarePrivate
(
'getWorklistVariableMatchDict'
)
def
getWorklistVariableMatchDict
(
self
,
info
,
check_guard
=
True
):
def
getWorklistVariableMatchDict
(
self
,
info
,
check_guard
=
True
):
"""
"""
Return a dict which has an entry per worklist definition
Return a dict which has an entry per worklist definition
...
@@ -640,62 +643,98 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
...
@@ -640,62 +643,98 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
else
:
else
:
return
state
return
state
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getVariableValueDict'
)
def
getVariableValueDict
(
self
):
def
getVariableValueDict
(
self
):
return
{
variable
.
getReference
():
variable
return
{
variable
.
getReference
():
variable
for
variable
in
self
.
objectValues
(
portal_type
=
"Workflow Variable"
)}
for
variable
in
self
.
objectValues
(
portal_type
=
"Workflow Variable"
)}
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getCurrentStatusDict'
)
security
.
declarePrivate
(
'listObjectActions'
)
def
getVariableValueList
(
self
):
def
getVariableValueList
(
self
):
return
self
.
objectValues
(
portal_type
=
"Workflow Variable"
)
return
self
.
objectValues
(
portal_type
=
"Workflow Variable"
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getVariableIdList'
)
def
getVariableIdList
(
self
):
def
getVariableIdList
(
self
):
return
[
variable
.
getReference
()
return
[
variable
.
getReference
()
for
variable
in
self
.
objectValues
(
portal_type
=
"Workflow Variable"
)]
for
variable
in
self
.
objectValues
(
portal_type
=
"Workflow Variable"
)]
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getVariableValueById'
)
def
getVariableValueById
(
self
,
variable_id
):
def
getVariableValueById
(
self
,
variable_id
):
return
self
.
_getOb
(
'variable_'
+
variable_id
,
default
=
None
)
return
self
.
_getOb
(
'variable_'
+
variable_id
,
default
=
None
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getStateValueById'
)
def
getStateValueById
(
self
,
stated_id
):
def
getStateValueById
(
self
,
stated_id
):
return
self
.
_getOb
(
'state_'
+
stated_id
,
default
=
None
)
return
self
.
_getOb
(
'state_'
+
stated_id
,
default
=
None
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getStateValueList'
)
def
getStateValueList
(
self
):
def
getStateValueList
(
self
):
return
self
.
objectValues
(
portal_type
=
"State"
)
return
self
.
objectValues
(
portal_type
=
"State"
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getStateIdList'
)
def
getStateIdList
(
self
):
def
getStateIdList
(
self
):
return
[
state
.
getReference
()
return
[
state
.
getReference
()
for
state
in
self
.
objectValues
(
portal_type
=
"State"
)]
for
state
in
self
.
objectValues
(
portal_type
=
"State"
)]
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getWorklistValueList'
)
def
getWorklistValueList
(
self
):
def
getWorklistValueList
(
self
):
return
self
.
objectValues
(
portal_type
=
"Worklist"
)
return
self
.
objectValues
(
portal_type
=
"Worklist"
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getWorklistIdList'
)
def
getWorklistIdList
():
def
getWorklistIdList
():
return
[
worklist
.
getReference
()
return
[
worklist
.
getReference
()
for
worklist
in
self
.
objectValues
(
portal_type
=
"Worklist"
)]
for
worklist
in
self
.
objectValues
(
portal_type
=
"Worklist"
)]
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getTransitionIdByReference'
)
def
getTransitionIdByReference
(
self
,
transition_reference
):
def
getTransitionIdByReference
(
self
,
transition_reference
):
return
'transition_'
+
transition_reference
return
'transition_'
+
transition_reference
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getScriptIdByReference'
)
def
getScriptIdByReference
(
self
,
script_reference
):
def
getScriptIdByReference
(
self
,
script_reference
):
return
SCRIPT_PREFIX
+
script_reference
return
SCRIPT_PREFIX
+
script_reference
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getScriptValueById'
)
def
getScriptValueById
(
self
,
script_id
):
def
getScriptValueById
(
self
,
script_id
):
return
self
.
_getOb
(
script_id
,
default
=
None
)
return
self
.
_getOb
(
script_id
,
default
=
None
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getWorklistValueById'
)
def
getWorklistValueById
(
self
,
worklist_reference
):
def
getWorklistValueById
(
self
,
worklist_reference
):
return
self
.
_getOb
(
'worklist_'
+
worklist_reference
,
None
)
return
self
.
_getOb
(
'worklist_'
+
worklist_reference
,
None
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getTransitionValueById'
)
def
getTransitionValueById
(
self
,
transition_reference
):
def
getTransitionValueById
(
self
,
transition_reference
):
return
self
.
_getOb
(
'transition_'
+
transition_reference
,
None
)
return
self
.
_getOb
(
'transition_'
+
transition_reference
,
None
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getTransitionValueList'
)
def
getTransitionValueList
(
self
):
def
getTransitionValueList
(
self
):
return
self
.
objectValues
(
portal_type
=
"Transition"
)
return
self
.
objectValues
(
portal_type
=
"Transition"
)
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getTransitionIdList'
)
def
getTransitionIdList
(
self
):
def
getTransitionIdList
(
self
):
return
[
transition
.
getReference
()
for
transition
return
[
transition
.
getReference
()
for
transition
in
self
.
objectValues
(
portal_type
=
"Transition"
)]
in
self
.
objectValues
(
portal_type
=
"Transition"
)]
security
.
declareProtected
(
Permissions
.
AccessContentsInformation
,
'getScriptValueList'
)
def
getScriptValueList
(
self
):
def
getScriptValueList
(
self
):
return
self
.
objectValues
(
portal_type
=
'Workflow Script'
)
return
self
.
objectValues
(
portal_type
=
'Workflow Script'
)
security
.
declarePrivate
(
'notifyWorkflowMethod'
)
def
notifyWorkflowMethod
(
self
,
ob
,
transition_list
,
args
=
None
,
kw
=
None
):
def
notifyWorkflowMethod
(
self
,
ob
,
transition_list
,
args
=
None
,
kw
=
None
):
""" Execute workflow methods.
""" Execute workflow methods.
"""
"""
...
@@ -726,12 +765,15 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
...
@@ -726,12 +765,15 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
activate_kw
=
{}
activate_kw
=
{}
ob
.
reindexObject
(
activate_kw
=
activate_kw
)
ob
.
reindexObject
(
activate_kw
=
activate_kw
)
security
.
declarePrivate
(
'notifyBefore'
)
def
notifyBefore
(
self
,
ob
,
transition_list
,
args
=
None
,
kw
=
None
):
def
notifyBefore
(
self
,
ob
,
transition_list
,
args
=
None
,
kw
=
None
):
pass
pass
security
.
declarePrivate
(
'notifySuccess'
)
def
notifySuccess
(
self
,
ob
,
transition_list
,
result
,
args
=
None
,
kw
=
None
):
def
notifySuccess
(
self
,
ob
,
transition_list
,
result
,
args
=
None
,
kw
=
None
):
pass
pass
security
.
declarePrivate
(
'notifyException'
)
def
notifyException
(
self
,
ob
,
action
,
exc
):
def
notifyException
(
self
,
ob
,
action
,
exc
):
'''
'''
Notifies this workflow that an action failed.
Notifies this workflow that an action failed.
...
@@ -905,7 +947,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
...
@@ -905,7 +947,7 @@ class Workflow(IdAsReferenceMixin("", "prefix"), XMLObject):
else
:
else
:
return
new_state
return
new_state
security
.
declareP
ublic
(
'wrapWorkflowMethod'
)
security
.
declareP
rivate
(
'wrapWorkflowMethod'
)
def
wrapWorkflowMethod
(
self
,
ob
,
method_id
,
func
,
args
,
kw
):
def
wrapWorkflowMethod
(
self
,
ob
,
method_id
,
func
,
args
,
kw
):
'''
'''
Allows the user to request a workflow action. This method
Allows the user to request a workflow action. This method
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment