Commit 98181cc1 authored by Cédric Le Ninivin's avatar Cédric Le Ninivin

erp5_crm: Update Base_readEvent to consider it is a link

parent ff9813c3
...@@ -60,13 +60,9 @@ portal = context.getPortalObject()\n ...@@ -60,13 +60,9 @@ portal = context.getPortalObject()\n
request = context.REQUEST\n request = context.REQUEST\n
event_id = request[\'id\']\n event_id = request[\'id\']\n
\n \n
user = portal.ERP5Site_getAuthenticatedMemberPersonValue()\n # If the referer contains the url of the event we are probably viewing the event\n
# If we have a logged in user it\'s probably a backoffice agent.\n # from ERP5 interface. We do not want to mark the event as delivered in that case\n
if user is None:\n if not (\'/event_module/%s\' % event_id) in request.HTTP_REFERER:\n
# If the referer contains the url of the event we are probably viewing the event\n
# from ERP5 interface. We do not want to mark the event as delivered in that case\n
# It can also be from fckeditor, in this case we don\'t have the event url in REFERER.\n
if not ( (\'/event_module/%s\' % event_id) in request.HTTP_REFERER or \'fckeditor\' in request.HTTP_REFERER):\n
if portal.Base_getHMACHexdigest(portal.Base_getEventHMACKey(), event_id) != request["hash"]:\n if portal.Base_getHMACHexdigest(portal.Base_getEventHMACKey(), event_id) != request["hash"]:\n
from zExceptions import Unauthorized\n from zExceptions import Unauthorized\n
raise Unauthorized()\n raise Unauthorized()\n
...@@ -76,7 +72,7 @@ if user is None:\n ...@@ -76,7 +72,7 @@ if user is None:\n
hmac=request["hash"])\n hmac=request["hash"])\n
\n \n
# serve the image\n # serve the image\n
return context.index_html(request, request.RESPONSE, format=None)\n return context.Base_redirect(\'\')\n
</string> </value> </string> </value>
</item> </item>
<item> <item>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment