Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Xiaowu Zhang
erp5
Commits
9d6c0b16
Commit
9d6c0b16
authored
Feb 20, 2015
by
Kazuhiko Shiozaki
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
add unrestricted_contextmanager.
parent
2155dbf5
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
13 additions
and
1 deletion
+13
-1
product/ERP5Type/UnrestrictedMethod.py
product/ERP5Type/UnrestrictedMethod.py
+13
-1
No files found.
product/ERP5Type/UnrestrictedMethod.py
View file @
9d6c0b16
...
@@ -26,6 +26,7 @@
...
@@ -26,6 +26,7 @@
#
#
##############################################################################
##############################################################################
from
contextlib
import
contextmanager
from
AccessControl.User
import
UnrestrictedUser
from
AccessControl.User
import
UnrestrictedUser
from
AccessControl.SpecialUsers
import
system
from
AccessControl.SpecialUsers
import
system
from
AccessControl.SecurityManagement
import
getSecurityManager
,
\
from
AccessControl.SecurityManagement
import
getSecurityManager
,
\
...
@@ -69,6 +70,17 @@ def UnrestrictedMethod(function):
...
@@ -69,6 +70,17 @@ def UnrestrictedMethod(function):
def
unrestricted_apply
(
function
,
args
=
(),
kw
=
{}):
# XXX-JPS: naming
def
unrestricted_apply
(
function
,
args
=
(),
kw
=
{}):
# XXX-JPS: naming
"""Function to bypass all security checks
"""Function to bypass all security checks
This function is as dangerous as 'UnrestrictedMethod' decorator. Read its
docstring for more information. Never use this, until you are 100% certain
that you have no other way.
"""
with
unrestricted_contextmanager
():
return
apply
(
function
,
args
,
kw
)
@
contextmanager
def
unrestricted_contextmanager
():
"""Function to bypass all security checks
This function is as dangerous as 'UnrestrictedMethod' decorator. Read its
This function is as dangerous as 'UnrestrictedMethod' decorator. Read its
docstring for more information. Never use this, until you are 100% certain
docstring for more information. Never use this, until you are 100% certain
that you have no other way.
that you have no other way.
...
@@ -99,7 +111,7 @@ def unrestricted_apply(function, args=(), kw={}): # XXX-JPS: naming
...
@@ -99,7 +111,7 @@ def unrestricted_apply(function, args=(), kw={}): # XXX-JPS: naming
role_list
,
user
.
getDomains
()).
__of__
(
uf
)
role_list
,
user
.
getDomains
()).
__of__
(
uf
)
newSecurityManager
(
None
,
super_user
)
newSecurityManager
(
None
,
super_user
)
try
:
try
:
return
apply
(
function
,
args
,
kw
)
yield
finally
:
finally
:
# Make sure that the original user is back.
# Make sure that the original user is back.
setSecurityManager
(
security_manager
)
setSecurityManager
(
security_manager
)
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment