Commit 0c2b6f83 authored by Alexandre Boeglin's avatar Alexandre Boeglin

Removed Skin name filtering from the code, to a reminder, for possible future use.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@3252 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent cc83124b
......@@ -39,9 +39,6 @@ from RoleInformation import ori
from zLOG import LOG
import re
action_basename_re = re.compile("\/([^\/\?]+)(\?.+)?$")
ERP5TYPE_ROLE_INIT_SCRIPT = 'ERP5Type_initLocalRoleMapping'
class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
......@@ -99,13 +96,6 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
, 'label':'Base Categories'
, 'select_variable':'getBaseCategoryList'
},
{'id':'filter_actions', 'type': 'boolean', 'mode':'w',
'label':'Filter actions?'},
{'id':'allowed_action_list'
, 'type': 'lines'
, 'mode':'w'
, 'label':'Allowed actions'
},
))
property_sheet_list = ()
......@@ -176,29 +166,6 @@ class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
"""
return self.hidden_content_type_list
security.declareProtected(ERP5Permissions.AccessContentsInformation, 'isActionAllowed')
def isActionAllowed( self, action=None ):
"""
Return list of allowed actions.
You can define a 'allowed_action_list' property (as lines) on the portal_types object
to define actions that will be available for all portal types.
"""
if not self.filter_actions :
return 1 # everything is allowed
global_allowed_action_list = list(self.portal_types.getProperty('allowed_action_list', []))
action_list = list(self.allowed_action_list) + global_allowed_action_list
for ob_action in self._actions :
action_basename = action_basename_re.search(ob_action.action.text).group(1)
if len(action_basename) :
action_list.append(action_basename_re.search(ob_action.action.text).group(1))
LOG('isActionAllowed for %s :' % self.title_or_id(), 0, 'looking for %s in %s : %s' % (action, action_list, action in action_list))
if action in action_list :
return 1
return 0
security.declareProtected(ERP5Permissions.AccessContentsInformation, 'getBaseCategoryList')
def getBaseCategoryList( self ):
result = self.portal_categories.getBaseCategoryList()
......
Index: ERP5Type.py
===================================================================
RCS file: /cvsroot/ERP5Type/ERP5Type.py,v
retrieving revision 2.13
retrieving revision 2.14
diff -u -r2.13 -r2.14
--- ERP5Type.py 9 May 2005 09:32:34 -0000 2.13
+++ ERP5Type.py 7 Jun 2005 18:52:23 -0000 2.14
@@ -39,6 +39,9 @@
from zLOG import LOG
+import re
+action_basename_re = re.compile("\/([^\/\?]+)(\?.+)?$")
+
ERP5TYPE_ROLE_INIT_SCRIPT = 'ERP5Type_initLocalRoleMapping'
class ERP5TypeInformation( FactoryTypeInformation, RoleProviderBase ):
@@ -96,6 +99,13 @@
, 'label':'Base Categories'
, 'select_variable':'getBaseCategoryList'
},
+ {'id':'filter_actions', 'type': 'boolean', 'mode':'w',
+ 'label':'Filter actions?'},
+ {'id':'allowed_action_list'
+ , 'type': 'lines'
+ , 'mode':'w'
+ , 'label':'Allowed actions'
+ },
))
property_sheet_list = ()
@@ -104,13 +114,15 @@
product = 'ERP5Type'
immediate_view = 'view'
hidden_content_type_list = ()
+ filter_actions = 0
+ allowed_action_list = []
#
# Acquisition editing interface
@@ -164,6 +176,29 @@
"""
return self.hidden_content_type_list
+ security.declareProtected(ERP5Permissions.AccessContentsInformation, 'isActionAllowed')
+ def isActionAllowed( self, action=None ):
+ """
+ Return list of allowed actions.
+
+ You can define a 'allowed_action_list' property (as lines) on the portal_types object
+ to define actions that will be available for all portal types.
+ """
+ if not self.filter_actions :
+ return 1 # everything is allowed
+
+ global_allowed_action_list = list(self.portal_types.getProperty('allowed_action_list', []))
+ action_list = list(self.allowed_action_list) + global_allowed_action_list
+ for ob_action in self._actions :
+ action_basename = action_basename_re.search(ob_action.action.text).group(1)
+ if len(action_basename) :
+ action_list.append(action_basename_re.search(ob_action.action.text).group(1))
+
+ if action in action_list :
+ return 1
+ return 0
+
security.declareProtected(ERP5Permissions.AccessContentsInformation, 'getBaseCategoryList')
def getBaseCategoryList( self ):
result = self.portal_categories.getBaseCategoryList()
Index: ZopePatch.py
===================================================================
RCS file: /cvsroot/ERP5Type/ZopePatch.py,v
retrieving revision 2.44
retrieving revision 2.45
diff -u -r2.44 -r2.45
--- ZopePatch.py 3 Jun 2005 14:22:21 -0000 2.44
+++ ZopePatch.py 7 Jun 2005 18:52:23 -0000 2.45
@@ -1848,3 +1848,48 @@
catalog.reindexObject(self, idxs=idxs, *args, **kw)
CMFCatalogAware.reindexObject = reindexObject
+
+
+##########################################
+# ERP5TypeInformation filtered actions
+
+from ZPublisher.BaseRequest import BaseRequest
+
+BaseRequest.old_traverse = BaseRequest.traverse
+def new_traverse(self, path, response=None, validated_hook=None) :
+ object = self.old_traverse(path, response=response, validated_hook=validated_hook)
+ object_id_getter = getattr(object, 'getId', None)
+ if response is None: response=self.response
+
+ if hasattr(object, 'unrestrictedTraverse') :
+ portal_skins = aq_base(object.unrestrictedTraverse('portal_skins', default=None))
+ if portal_skins is not None :
+ skin_list = []
+ for skin_folder in portal_skins.getSkinPath(portal_skins.getDefaultSkin()).split(',') :
+ skin_folder_object = getattr(portal_skins, skin_folder, None)
+ if skin_folder_object is not None :
+ for skin in skin_folder_object._objects :
+ skin_list.append(skin['id'])
+
+ if object_id_getter is not None :
+ object_id = object_id_getter()
+ if object_id in skin_list :
+ parent = object.aq_parent
+ portal_type_getter = getattr(parent, 'getPortalType', None)
+ if portal_type_getter is not None :
+ portal_type_object = getattr(object.portal_types, portal_type_getter(), None)
+ if portal_type_object is not None :
+ allowed = portal_type_object.isActionAllowed(action=object_id)
+ if allowed == 0 :
+ response.unauthorized()
+
+ return object
+
+BaseRequest.traverse = new_traverse
......@@ -1849,47 +1849,3 @@ def reindexObject(self, idxs=[], *args, **kw):
CMFCatalogAware.reindexObject = reindexObject
##########################################
# ERP5TypeInformation filtered actions
from ZPublisher.BaseRequest import BaseRequest
BaseRequest.old_traverse = BaseRequest.traverse
def new_traverse(self, path, response=None, validated_hook=None) :
import time
start_time = time.time()
object = self.old_traverse(path, response=response, validated_hook=validated_hook)
object_id_getter = getattr(object, 'getId', None)
if response is None: response=self.response
# LOG('My Traverse absolute_url', 0, path )
if hasattr(object, 'unrestrictedTraverse') :
portal_skins = aq_base(object.unrestrictedTraverse('portal_skins', default=None))
if portal_skins is not None :
skin_list = []
for skin_folder in portal_skins.getSkinPath(portal_skins.getDefaultSkin()).split(',') :
skin_folder_object = getattr(portal_skins, skin_folder, None)
if skin_folder_object is not None :
for skin in skin_folder_object._objects :
skin_list.append(skin['id'])
if object_id_getter is not None :
object_id = object_id_getter()
if object_id in skin_list :
parent = object.aq_parent
portal_type_getter = getattr(parent, 'getPortalType', None)
if portal_type_getter is not None :
portal_type_object = getattr(object.portal_types, portal_type_getter(), None)
if portal_type_object is not None :
allowed = portal_type_object.isActionAllowed(action=object_id)
# LOG('My Traverse allowed', 0, repr(( path, object, allowed )))
if allowed == 0 :
LOG('My Traverse failed after TIMEEEEEEEEEEE', 0, time.time() - start_time)
response.unauthorized()
# LOG('My Traverse succeded after TIMEEEEEEEEEEE', 0, time.time() - start_time)
return object
BaseRequest.traverse = new_traverse
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment