Commit 81819f22 authored by Julien Muchembled's avatar Julien Muchembled

Allow UnrestrictedMethod to be used as a decorator

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@30329 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 9cc88da0
...@@ -79,7 +79,6 @@ from Products.CMFActivity.ActiveObject import ActiveObject ...@@ -79,7 +79,6 @@ from Products.CMFActivity.ActiveObject import ActiveObject
from Products.ERP5Type.Accessor.Accessor import Accessor as Method from Products.ERP5Type.Accessor.Accessor import Accessor as Method
from Products.ERP5Type.Accessor.TypeDefinition import asDate from Products.ERP5Type.Accessor.TypeDefinition import asDate
from Products.ERP5Type.Message import Message from Products.ERP5Type.Message import Message
from Products.ERP5Type.UnrestrictedMethod import UnrestrictedMethod
from zope.interface import classImplementsOnly, implementedBy from zope.interface import classImplementsOnly, implementedBy
......
...@@ -55,10 +55,8 @@ class LocalRoleAssignorMixIn(object): ...@@ -55,10 +55,8 @@ class LocalRoleAssignorMixIn(object):
zope.interface.implements(interfaces.ILocalRoleAssignor) zope.interface.implements(interfaces.ILocalRoleAssignor)
security.declarePrivate('updateLocalRolesOnObject') security.declarePrivate('updateLocalRolesOnObject')
def updateLocalRolesOnDocument(self, *args, **kw): @UnrestrictedMethod
return UnrestrictedMethod(self._updateLocalRolesOnDocument)(*args, **kw) def updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True):
def _updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True):
""" """
Assign Local Roles to Groups on object 'ob', based on Portal Type Role Assign Local Roles to Groups on object 'ob', based on Portal Type Role
Definitions and "ERP5 Role Definition" objects contained inside 'ob'. Definitions and "ERP5 Role Definition" objects contained inside 'ob'.
......
...@@ -48,13 +48,13 @@ class PrivilegedUser(UnrestrictedUser): ...@@ -48,13 +48,13 @@ class PrivilegedUser(UnrestrictedUser):
"""Get the ID of the user. This is disabled in UnrestrictedUser.""" """Get the ID of the user. This is disabled in UnrestrictedUser."""
return self.getUserName() return self.getUserName()
class UnrestrictedMethod(object): def UnrestrictedMethod(function):
"""Callable object that bypasses all security checks. """Decorator to bypass all security checks.
This method is dangerous. Never use this, until you are 100% certain This method is dangerous. Never use this, until you are 100% certain
that you have no other way. that you have no other way.
When a method is wrapped with an instance of this class, it will behave When a function is wrapped with this decorator, it will behave
in the same way as before, besides that all security checks pass through. in the same way as before, besides that all security checks pass through.
This is required, for example, for the simulation to expand movements, This is required, for example, for the simulation to expand movements,
regardless of the permissions given to a user. regardless of the permissions given to a user.
...@@ -66,10 +66,9 @@ class UnrestrictedMethod(object): ...@@ -66,10 +66,9 @@ class UnrestrictedMethod(object):
This method is dangerous. Enough said. Be careful. This method is dangerous. Enough said. Be careful.
""" """
def __init__(self, method): return lambda *args, **kw: _unrestricted_apply(function, args, kw)
self._m = method
def __call__(self, *args, **kw): def _unrestricted_apply(function, args, kw):
security_manager = getSecurityManager() security_manager = getSecurityManager()
user = security_manager.getUser() user = security_manager.getUser()
anonymous = (user.getUserName() == 'Anonymous User') anonymous = (user.getUserName() == 'Anonymous User')
...@@ -94,8 +93,7 @@ class UnrestrictedMethod(object): ...@@ -94,8 +93,7 @@ class UnrestrictedMethod(object):
role_list, user.getDomains()).__of__(uf) role_list, user.getDomains()).__of__(uf)
newSecurityManager(None, super_user) newSecurityManager(None, super_user)
try: try:
return self._m(*args, **kw) return apply(function, args, kw)
finally: finally:
# Make sure that the original user is back. # Make sure that the original user is back.
setSecurityManager(security_manager) setSecurityManager(security_manager)
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment