Commit f84e2f62 authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

Add more security declarations.

parent 175d43ad
......@@ -73,6 +73,14 @@ if len(delivery_solve_property_dict) or len(divergence_to_accept_list) \\\n
<key> <string>_params</string> </key>
<value> <string>state_change</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Delivery_solveDivergence</string> </value>
......
......@@ -58,6 +58,8 @@ class CredentialRecovery(Ticket, EncryptedPasswordMixin):
, PropertySheet.Url
)
security.declareProtected(Permissions.AccessContentsInformation,
'isAnswerCorrect')
def isAnswerCorrect(self):
'''
Check if the given answer match the real answer
......
......@@ -76,6 +76,14 @@ return \'Done.\'\n
<key> <string>_params</string> </key>
<value> <string>count = 1000</string> </value>
</item>
<item>
<key> <string>_proxy_roles</string> </key>
<value>
<tuple>
<string>Manager</string>
</tuple>
</value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>Zuite_waitForActivities</string> </value>
......
......@@ -31,6 +31,7 @@ import warnings
from contextlib import contextmanager
from AccessControl import ClassSecurityInfo
from Acquisition import aq_base
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
from ActivityRuntimeEnvironment import getActivityRuntimeEnvironment
from AccessControl import Unauthorized
......@@ -58,6 +59,7 @@ class ActiveObject(ExtensionClass.Base):
security = ClassSecurityInfo()
security.declarePublic('activate')
def activate(self, activity=DEFAULT_ACTIVITY, active_process=None,
activate_kw=None, REQUEST=None, **kw):
"""Returns an active wrapper for this object.
......@@ -207,3 +209,5 @@ class ActiveObject(ExtensionClass.Base):
def getActivityRuntimeEnvironment(self):
return getActivityRuntimeEnvironment()
InitializeClass(ActiveObject)
......@@ -808,6 +808,7 @@ class ActivityTool (Folder, UniqueObject):
self.subscribe()
Folder.inheritedAttribute('manage_afterAdd')(self, item, container)
security.declareProtected(CMFCorePermissions.ManagePortal, 'getServerAddress')
def getServerAddress(self):
"""
Backward-compatibility code only.
......@@ -828,6 +829,7 @@ class ActivityTool (Folder, UniqueObject):
_server_address = '%s:%s' %(ip, port)
return _server_address
security.declareProtected(CMFCorePermissions.ManagePortal, 'getCurrentNode')
def getCurrentNode(self):
""" Return current node identifier """
global currentNode
......@@ -848,7 +850,7 @@ class ActivityTool (Folder, UniqueObject):
currentNode = self.getServerAddress()
return currentNode
security.declarePublic('getDistributingNode')
security.declareProtected(CMFCorePermissions.ManagePortal, 'getDistributingNode')
def getDistributingNode(self):
""" Return the distributingNode """
return self.distributingNode
......@@ -977,6 +979,7 @@ class ActivityTool (Folder, UniqueObject):
'/manageLoadBalancing?manage_tabs_message=' +
urllib.quote(message))
security.declarePrivate('process_shutdown')
def process_shutdown(self, phase, time_in_phase):
"""
Prevent shutdown from happening while an activity queue is
......@@ -989,6 +992,7 @@ class ActivityTool (Folder, UniqueObject):
is_running_lock.acquire()
LOG('CMFActivity', INFO, "Shutdown: Activities finished.")
security.declareProtected(CMFCorePermissions.ManagePortal, 'process_timer')
def process_timer(self, tick, interval, prev="", next=""):
"""
Call distribute() if we are the Distributing Node and call tic()
......@@ -1112,6 +1116,7 @@ class ActivityTool (Folder, UniqueObject):
return True
return False
security.declarePrivate('getActivityBuffer')
def getActivityBuffer(self, create_if_not_found=True):
"""
Get activtity buffer for this thread for this activity tool.
......
......@@ -452,6 +452,8 @@ class Category(Folder):
display_id='logical_path',
base=base, **kw)
security.declareProtected(Permissions.AccessContentsInformation,
'getCategoryChildTranslatedLogicalPathItemList')
def getCategoryChildTranslatedLogicalPathItemList(self,
recursive=1, base=0, **kw):
"""
......@@ -652,6 +654,7 @@ class Category(Folder):
# Predicate interface
_operators = []
security.declareProtected(Permissions.AccessContentsInformation, 'test')
def test(self, context):
"""
A Predicate can be tested on a given context
......@@ -799,10 +802,12 @@ class BaseCategory(Category):
# BBB: Required to start instance with old
# version of erp5_property_sheets BT.
related_locally_indexed = False
security.declarePrivate('isRelatedLocallyIndexed')
def isRelatedLocallyIndexed(self):
"""Determines if related values should be indexed on target documents"""
return self.related_locally_indexed
security.declareProtected(Permissions.AccessContentsInformation, 'asSQLExpression')
def asSQLExpression(self, strict_membership=0, table='category', base_category=None):
"""
A Predicate can be rendered as an sql expression. This
......
......@@ -65,7 +65,8 @@ class Agent(Folder, Image):
security.declareProtected(Permissions.AccessContentsInformation, 'viewImage')
viewImage = Image.index_html
security.declareProtected(Permissions.ModifyPortalContent, 'importSignature')
def importSignature(self, import_file=None, form_id=None, REQUEST=None, **kw):
"""
Imports a scan of a signature.
......@@ -89,4 +90,3 @@ class Agent(Folder, Image):
ret_url = self.absolute_url() + '/' + REQUEST.get('form_id', 'view')
REQUEST.RESPONSE.redirect("%s?portal_status_message=Signature+Imported+Successfully"
% ret_url)
......@@ -57,6 +57,8 @@ class BaseCategory(CMFBaseCategory, XMLObject):
, PropertySheet.Predicate)
# Experimental - WebDAV browsing support - ask JPS
security.declareProtected(Permissions.AccessContentsInformation,
'experimental_listDAVObjects')
def experimental_listDAVObjects(self):
from zLOG import LOG
LOG("BaseCategory listDAVObjects" ,0, "listDAVObjects")
......
......@@ -56,7 +56,9 @@ class BudgetModel(Predicate):
# Declarative security
security = ClassSecurityInfo()
security.declareObjectProtected(Permissions.AccessContentsInformation)
security.declareProtected(Permissions.AccessContentsInformation,
'getCellRangeForBudgetLine')
def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
"""Return the cell range to use for the budget.
"""
......@@ -74,6 +76,8 @@ class BudgetModel(Predicate):
cell_range.extend(variation_cell_range)
return cell_range
security.declareProtected(Permissions.AccessContentsInformation,
'getConsumptionCellRangeForBudgetLine')
def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
"""Return the cell range to use for the budget consumption.
......@@ -94,6 +98,8 @@ class BudgetModel(Predicate):
cell_range.extend(variation_cell_range)
return cell_range
security.declareProtected(Permissions.AccessContentsInformation,
'getInventoryQueryDict')
def getInventoryQueryDict(self, budget_cell):
"""Returns the query dict to pass to simulation query for a budget cell
"""
......@@ -112,6 +118,8 @@ class BudgetModel(Predicate):
query_dict.setdefault('at_date', start_date_range_max.latestTime())
return query_dict
security.declareProtected(Permissions.AccessContentsInformation,
'getInventoryListQueryDict')
def getInventoryListQueryDict(self, budget_line):
"""Returns the query dict to pass to simulation query for a budget line
"""
......@@ -154,7 +162,9 @@ class BudgetModel(Predicate):
if key:
cell_key += (key,)
return cell_key
security.declareProtected(Permissions.AccessContentsInformation,
'asBudgetPredicate')
def asBudgetPredicate(self):
" "
# XXX predicate for line / cell ?
......
......@@ -121,6 +121,8 @@ class BusinessLink(Path, Predicate):
method = getattr(movement, method_id) # We wish to raise if it does not exist
return method()
security.declareProtected(Permissions.AccessContentsInformation,
'getCompletionDate')
def getCompletionDate(self, explanation):
"""Returns the date of completion of business path in the
context of the explanation. The completion date of the Business
......@@ -220,6 +222,7 @@ class BusinessLink(Path, Predicate):
return False
return True
security.declareProtected(Permissions.AccessContentsInformation, 'isDelivered')
def isDelivered(self, explanation):
"""Returns True is all simulation movements related to this
Business Link in the context of given explanation are built
......
This diff is collapsed.
......@@ -145,6 +145,8 @@ class Category(CMFCategory, Predicate, MetaNode, MetaResource):
return None
# Experimental - WebDAV browsing support - ask JPS
security.declareProtected(Permissions.AccessContentsInformation,
'experimental_listDAVObjects')
def experimental_listDAVObjects(self):
"""
"""
......
......@@ -56,10 +56,14 @@ class CategoryBudgetVariation(BudgetVariation):
# zope.interface.implements(BudgetVariation, )
security.declareProtected(Permissions.AccessContentsInformation,
'asBudgetPredicate')
def asBudgetPredicate(self):
"""This budget variation in a predicate
"""
security.declareProtected(Permissions.AccessContentsInformation,
'getCellRangeForBudgetLine')
def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
"""The cell range added by this variation
"""
......@@ -69,6 +73,8 @@ class CategoryBudgetVariation(BudgetVariation):
return [[(i[1], i[0]) for i in item_list if i[1] in variation_category_list]]
return [[i[1] for i in item_list if i[1] in variation_category_list]]
security.declareProtected(Permissions.AccessContentsInformation,
'getConsumptionCellRangeForBudgetLine')
def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
"""The cell range added by this variation for consumption
"""
......@@ -101,6 +107,8 @@ class CategoryBudgetVariation(BudgetVariation):
return [[(i[1], i[0]) for i in item_list if i[0] in used_node_item_set]]
return [[i[1] for i in item_list if i[1] in used_node_item_set]]
security.declareProtected(Permissions.AccessContentsInformation,
'getInventoryQueryDict')
def getInventoryQueryDict(self, budget_cell):
""" Query dict to pass to simulation query
"""
......@@ -144,6 +152,8 @@ class CategoryBudgetVariation(BudgetVariation):
return query_dict
security.declareProtected(Permissions.AccessContentsInformation,
'getInventoryListQueryDict')
def getInventoryListQueryDict(self, budget_line):
"""Returns the query dict to pass to simulation query for a budget line
"""
......@@ -195,6 +205,8 @@ class CategoryBudgetVariation(BudgetVariation):
return query_dict
return {}
security.declareProtected(Permissions.AccessContentsInformation,
'getBudgetVariationRangeCategoryList')
def getBudgetVariationRangeCategoryList(self, context):
"""Returns the Variation Range Category List that can be applied to this
budget.
......@@ -216,6 +228,8 @@ class CategoryBudgetVariation(BudgetVariation):
checked_permission='View')
security.declareProtected(Permissions.AccessContentsInformation,
'getBudgetLineVariationRangeCategoryList')
def getBudgetLineVariationRangeCategoryList(self, budget_line):
"""Returns the Variation Range Category List that can be applied to this
budget line.
......@@ -246,6 +260,8 @@ class CategoryBudgetVariation(BudgetVariation):
return getattr(portal.portal_categories.unrestrictedTraverse(base_category),
item_list_method)(**item_list_method_parameter_dict)
security.declareProtected(Permissions.ModifyPortalContent,
'initializeBudgetLine')
def initializeBudgetLine(self, budget_line):
"""Initialize a budget line
"""
......@@ -263,6 +279,8 @@ class CategoryBudgetVariation(BudgetVariation):
budget_line.setMembershipCriterionBaseCategoryList(
budget_line_membership_criterion_base_category_list)
security.declareProtected(Permissions.ModifyPortalContent,
'initializeBudget')
def initializeBudget(self, budget):
"""Initialize a budget.
"""
......
......@@ -108,6 +108,8 @@ class Container(Movement, XMLObject):
"""
return False
security.declareProtected(Permissions.AccessContentsInformation,
'getContainerText')
def getContainerText(self):
"""
Creates a unique string which allows to compare/hash two containers
......
......@@ -339,6 +339,7 @@ class Delivery(XMLObject, ImmobilisationDelivery, SimulableMixin,
divergence_list.extend(simulation_movement.getDivergenceList())
return divergence_list
security.declareProtected(Permissions.AccessContentsInformation, 'updateCausalityState')
@UnrestrictedMethod
def updateCausalityState(self, solve_automatically=True, **kw):
"""
......@@ -369,6 +370,8 @@ class Delivery(XMLObject, ImmobilisationDelivery, SimulableMixin,
if kw:
super(Delivery, self).updateSimulation(**kw)
security.declareProtected(Permissions.AccessContentsInformation,
'splitAndDeferMovementList')
def splitAndDeferMovementList(self, start_date=None, stop_date=None,
movement_uid_list=[], delivery_solver=None,
target_solver='CopyToTarget', delivery_builder=None):
......@@ -757,6 +760,8 @@ class Delivery(XMLObject, ImmobilisationDelivery, SimulableMixin,
"""
pass
security.declareProtected(Permissions.AccessContentsInformation,
'getBuilderList')
def getBuilderList(self):
"""Returns appropriate builder list."""
return self._getTypeBasedMethod('getBuilderList')()
......@@ -832,6 +837,8 @@ class Delivery(XMLObject, ImmobilisationDelivery, SimulableMixin,
result += movement.getDeliveryRelatedValueList()
return result
security.declareProtected(Permissions.AccessContentsInformation,
'getDivergentTesterAndSimulationMovementList')
def getDivergentTesterAndSimulationMovementList(self):
"""
This method returns a list of (tester, simulation_movement) for each divergence.
......
......@@ -465,6 +465,7 @@ class DeliveryLine(Movement, XMLMatrix, ImmobilisationMovement):
delivery_ratio = 1.0 / len(s_m_list_per_movement)
s_m.edit(delivery_ratio=delivery_ratio)
security.declareProtected(Permissions.ModifyPortalContent, 'solve')
def solve(self, decision_list):
"""Solves line according to decision list
"""
......
......@@ -313,7 +313,7 @@ class Document(DocumentExtensibleTraversableMixin, XMLObject, UrlMixin,
text = self.getSearchableText() # XXX getSearchableText or asText ?
return self._getSearchableReferenceList(text)
security.declareProtected(Permissions.AccessContentsInformation, 'getSearchableReferenceList')
security.declareProtected(Permissions.AccessContentsInformation, 'isSearchableReference')
def isSearchableReference(self):
"""
Determine if current document's reference can be used for searching - i.e. follows
......
......@@ -120,6 +120,8 @@ class Domain(Predicate, MetaNode, MetaResource):
domain = self.newContent(id=id, portal_type='Domain', temp_object=1)
return domain.__of__(self)
security.declareProtected(Permissions.AccessContentsInformation,
'getChildDomainValueList')
def getChildDomainValueList(self, parent = None, **kw):
"""
Return child domain objects already present or me may generate
......@@ -130,6 +132,8 @@ class Domain(Predicate, MetaNode, MetaResource):
return self.portal_domains.getChildDomainValueList(parent, **kw)
# Experimental - WebDAV browsing support - ask JPS
security.declareProtected(Permissions.AccessContentsInformation,
'experimental_listDAVObjects')
def experimental_listDAVObjects(self):
result = self.objectValues(portal_type = self.getPortalType())
result.extend(self.portal_catalog(selection_domain = self))
......
......@@ -30,6 +30,7 @@ from AccessControl import ClassSecurityInfo
from Products.ERP5Type import Permissions, PropertySheet
from Products.ERP5Type.Accessor.Constant import PropertyGetter as ConstantGetter
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5.Document.Movement import Movement
from Products.ERP5.Document.EmailDocument import EmailDocument
......@@ -60,6 +61,8 @@ class AcknowledgeableMixin:
return method(**kw)
return None
security.declareProtected(Permissions.AccessContentsInformation,
'hasAcknowledgementActivity')
def hasAcknowledgementActivity(self, user_name=None):
"""
We will check if there is some current activities running or not
......@@ -88,6 +91,8 @@ class AcknowledgeableMixin:
result = True
return result
InitializeClass(AcknowledgeableMixin)
class Event(Movement, EmailDocument, AcknowledgeableMixin):
"""
Event is the base class for all events in ERP5.
......
......@@ -57,6 +57,7 @@ class FIFODeliverySolver(XMLObject):
zope.interface.implements(interfaces.IDeliverySolver,)
# IDeliverySolver Implementation
security.declareProtected(Permissions.AccessContentsInformation, 'getTotalQuantity')
def getTotalQuantity(self):
"""
Move this to mixin
......@@ -66,6 +67,7 @@ class FIFODeliverySolver(XMLObject):
total_quantity += movement.getQuantity()
return total_quantity
security.declareProtected(Permissions.ModifyPortalContent, 'setTotalQuantity')
def setTotalQuantity(self, new_quantity, activate_kw=None):
"""
"""
......
......@@ -120,12 +120,14 @@ class File(Document, CMFFile):
security.declareProtected( Permissions.ModifyPortalContent, 'edit' )
edit = WorkflowMethod( _edit )
security.declareProtected(Permissions.View, 'get_size')
def get_size(self):
"""
has to be overwritten here, otherwise WebDAV fails
"""
return self.getSize()
security.declareProtected(Permissions.View, 'getcontentlength')
getcontentlength = get_size
def _get_content_type(*args, **kw):
......
......@@ -438,6 +438,7 @@ class Image(TextConvertableMixin, File, OFSImage):
File.PUT(self, REQUEST, RESPONSE)
self._update_image_info()
security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultImageQuality')
def getDefaultImageQuality(self, format=None):
"""
Get default image quality for a format.
......
......@@ -70,6 +70,7 @@ class Item(XMLObject, Amount):
"""
return XMLObject.generateNewId(self, id_group=id_group, default=default, method=method)
security.declareProtected(Permissions.AccessContentsInformation, 'getPrice')
def getPrice(self,context=None,**kw):
"""
Get the Price in the context.
......@@ -84,16 +85,15 @@ class Item(XMLObject, Amount):
if resource is not None:
local_price = resource.getPrice(self.asContext( context=context, **kw))
return local_price
security.declareProtected(Permissions.ModifyPortalContent, 'getRemainingQuantity')
security.declareProtected(Permissions.AccessContentsInformation,
'getRemainingQuantity')
def getRemainingQuantity(self):
"""
Computes the quantity of an item minus quantity of all sub_items
"""
sub_quantity = 0
sub_item_list = [document
for document in self.objectValues()
if document.isItem()]
for sub_item in sub_item_list :
sub_quantity += sub_item.getQuantity()
for sub_item in self.objectValues():
if sub_item.isItem():
sub_quantity += sub_item.getQuantity()
return self.getQuantity() - sub_quantity
......@@ -57,6 +57,7 @@ class MinimisePriceDeliverySolver(FIFODeliverySolver):
zope.interface.implements(interfaces.IDeliverySolver,)
# IDeliverySolver Implementation
security.declareProtected(Permissions.ModifyPortalContent, 'setTotalQuantity')
def setTotalQuantity(self, new_quantity, activate_kw=None):
"""
"""
......
......@@ -512,6 +512,8 @@ class Movement(XMLObject, Amount, CompositionMixin, AmountGeneratorMixin):
return True
return False
security.declareProtected(Permissions.AccessContentsInformation,
'getDivergenceList')
def getDivergenceList(self):
"""
Return a list of messages that contains the divergences
......
......@@ -45,6 +45,8 @@ class NetConvertedQuantityEquivalenceTester(FloatEquivalenceTester):
security = ClassSecurityInfo()
security.declareObjectProtected(Permissions.AccessContentsInformation)
security.declareProtected(Permissions.AccessContentsInformation,
'getUpdatablePropertyDict')
def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
"""
Returns a list of properties to update on decision_movement
......
......@@ -61,6 +61,8 @@ class NodeBudgetVariation(BudgetVariation):
# zope.interface.implements(BudgetVariation, )
security.declareProtected(Permissions.AccessContentsInformation,
'asBudgetPredicate')
def asBudgetPredicate(self):
"""This budget variation in a predicate
"""
......@@ -87,6 +89,8 @@ class NodeBudgetVariation(BudgetVariation):
node_title_method_id = self.getProperty('node_title_method_id', 'getTitle')
return guarded_getattr(node, node_title_method_id)()
security.declareProtected(Permissions.AccessContentsInformation,
'getCellRangeForBudgetLine')
def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
"""The cell range added by this variation
"""
......@@ -103,6 +107,8 @@ class NodeBudgetVariation(BudgetVariation):
return [[i for i in node_item_list if i[0] in variation_category_list]]
return [[i[0] for i in node_item_list if i[0] in variation_category_list]]
security.declareProtected(Permissions.AccessContentsInformation,
'getConsumptionCellRangeForBudgetLine')
def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
"""The cell range added by this variation for consumption
"""
......@@ -136,6 +142,8 @@ class NodeBudgetVariation(BudgetVariation):
return [[i for i in node_item_list if i[0] in used_node_item_set]]
return [[i[0] for i in node_item_list if i[0] in used_node_item_set]]
security.declareProtected(Permissions.AccessContentsInformation,
'getInventoryQueryDict')
def getInventoryQueryDict(self, budget_cell):
""" Query dict to pass to simulation query
"""
......@@ -218,6 +226,8 @@ class NodeBudgetVariation(BudgetVariation):
return query_dict
security.declareProtected(Permissions.AccessContentsInformation,
'getInventoryListQueryDict')
def getInventoryListQueryDict(self, budget_line):
"""Returns the query dict to pass to simulation query for a budget line
"""
......@@ -309,6 +319,8 @@ class NodeBudgetVariation(BudgetVariation):
self.getProperty('variation_base_category'),)
return key
security.declareProtected(Permissions.AccessContentsInformation,
'getBudgetLineVariationRangeCategoryList')
def getBudgetLineVariationRangeCategoryList(self, budget_line):
"""Returns the Variation Range Category List that can be applied to this
budget line.
......@@ -320,6 +332,8 @@ class NodeBudgetVariation(BudgetVariation):
return [(self._getNodeTitle(node), '%s%s' % (prefix, node.getRelativeUrl()))
for node in self._getNodeList(budget_line)]
security.declareProtected(Permissions.AccessContentsInformation,
'getBudgetVariationRangeCategoryList')
def getBudgetVariationRangeCategoryList(self, budget):
"""Returns the Variation Range Category List that can be applied to this
budget.
......@@ -331,6 +345,8 @@ class NodeBudgetVariation(BudgetVariation):
return [(self._getNodeTitle(node), '%s%s' % (prefix, node.getRelativeUrl()))
for node in self._getNodeList(budget)]
security.declareProtected(Permissions.ModifyPortalContent,
'initializeBudgetLine')
def initializeBudgetLine(self, budget_line):
"""Initialize a budget line
"""
......@@ -348,6 +364,8 @@ class NodeBudgetVariation(BudgetVariation):
budget_line.setMembershipCriterionBaseCategoryList(
budget_line_membership_criterion_base_category_list)
security.declareProtected(Permissions.ModifyPortalContent,
'initializeBudget')
def initializeBudget(self, budget):
"""Initialize a budget.
"""
......
......@@ -67,6 +67,8 @@ class QuantityUnitConversionDefinition(XMLObject):
return default_title
security.declareProtected(Permissions.AccessContentsInformation,
'getConversionRatio')
def getConversionRatio(self):
"""
Compute conversion ratio associated with this definition
......
......@@ -1007,6 +1007,8 @@ class Resource(XMLObject, XMLMatrix, VariatedMixin):
return insert_list
security.declareProtected(Permissions.AccessContentsInformation,
'getQuantityUnitDefinitionRatio')
def getQuantityUnitDefinitionRatio(self, quantity_unit_value):
"""
get the ratio used to define the quantity unit quantity_unit_value.
......
......@@ -93,6 +93,7 @@ class SimulatedDeliveryBuilder(BuilderMixin):
, PropertySheet.DeliveryBuilder
)
security.declarePrivate('callBeforeBuildingScript')
def callBeforeBuildingScript(self): # XXX-JPS
"""
Redefine this method, because it seems nothing interesting can be
......@@ -100,6 +101,7 @@ class SimulatedDeliveryBuilder(BuilderMixin):
"""
pass
security.declarePrivate('searchMovementList')
@UnrestrictedMethod
def searchMovementList(self, applied_rule_uid=None, **kw):
"""
......@@ -189,6 +191,8 @@ class SimulatedDeliveryBuilder(BuilderMixin):
delivery_relative_url,
divergence_to_adopt_list=divergence_to_adopt_list)
security.declareProtected(Permissions.ModifyPortalContent,
'solveDeliveryGroupDivergence')
@UnrestrictedMethod
def solveDeliveryGroupDivergence(self, delivery_relative_url,
property_dict=None):
......@@ -333,6 +337,8 @@ class SimulatedDeliveryBuilder(BuilderMixin):
return delivery_list
security.declareProtected(Permissions.ModifyPortalContent,
'solveDivergence')
solveDivergence = UnrestrictedMethod(_solveDivergence)
def _createDelivery(self, delivery_module, movement_list, activate_kw):
......
......@@ -722,6 +722,8 @@ class SimulationMovement(PropertyRecordableMixin, Movement, ExplainableMixin):
return True
security.declareProtected(Permissions.AccessContentsInformation,
'getSolverProcessValueList')
def getSolverProcessValueList(self, movement=None, validation_state=None):
"""
Returns the list of solver processes which are
......@@ -736,6 +738,8 @@ class SimulationMovement(PropertyRecordableMixin, Movement, ExplainableMixin):
"""
raise NotImplementedError
security.declareProtected(Permissions.AccessContentsInformation,
'getSolverDecisionValueList')
def getSolverDecisionValueList(self, movement=None, validation_state=None):
"""
Returns the list of solver decisions which apply
......@@ -748,6 +752,8 @@ class SimulationMovement(PropertyRecordableMixin, Movement, ExplainableMixin):
"""
raise NotImplementedError
security.declareProtected(Permissions.AccessContentsInformation,
'getSolvedPropertyApplicationValueList')
def getSolvedPropertyApplicationValueList(self, movement=None, divergence_tester=None):
"""
Returns the list of documents at which a given divergence resolution
......
......@@ -80,6 +80,8 @@ class SolverDecision(ConfigurableMixin, XMLObject):
zope.interface.implements(interfaces.IConfigurable,
)
security.declareProtected(Permissions.AccessContentsInformation,
'getDefaultConfigurationPropertyDict')
def getDefaultConfigurationPropertyDict(self):
"""
Returns a dictionary of default properties for specified
......@@ -92,6 +94,8 @@ class SolverDecision(ConfigurableMixin, XMLObject):
else:
return solver_type.getDefaultConfigurationPropertyDict(self)
security.declareProtected(Permissions.AccessContentsInformation,
'getConfigurationPropertyListDict')
def getConfigurationPropertyListDict(self):
"""
Returns a dictionary of possible values for specified
......@@ -104,6 +108,8 @@ class SolverDecision(ConfigurableMixin, XMLObject):
else:
return solver_type.getConfigurationPropertyListDict(self)
security.declareProtected(Permissions.AccessContentsInformation,
'searchDeliverySolverList')
def searchDeliverySolverList(self, **kw):
"""
this method returns a list of delivery solvers, as predicates against
......@@ -115,6 +121,8 @@ class SolverDecision(ConfigurableMixin, XMLObject):
solver_list = target_solver_type.getDeliverySolverValueList()
return filter(lambda x:x.test(self), solver_list)
security.declareProtected(Permissions.AccessContentsInformation,
'getExplanationMessage')
def getExplanationMessage(self, all=False):
"""
Returns the HTML message that describes the detail of divergences to
......
......@@ -78,6 +78,7 @@ class SolverProcess(XMLObject, ActiveProcess):
)
# Implementation
security.declareProtected(Permissions.ModifyPortalContent, 'buildTargetSolverList')
@UnrestrictedMethod
def buildTargetSolverList(self):
"""
......@@ -176,6 +177,7 @@ class SolverProcess(XMLObject, ActiveProcess):
# ISolver implementation
# Solver Process Workflow Interface
# NOTE: how can we consider that a workflow defines or provides an interface ?
security.declareProtected(Permissions.ModifyPortalContent, 'solve')
def solve(self, activate_kw=None):
"""
Start solving
......@@ -200,6 +202,8 @@ class SolverProcess(XMLObject, ActiveProcess):
activate_kw=activate_kw)
# API
security.declareProtected(Permissions.AccessContentsInformation,
'isSolverDecisionListConsistent')
def isSolverDecisionListConsistent(self):
"""
Returns True is the Solver Process decisions do not
......@@ -208,6 +212,8 @@ class SolverProcess(XMLObject, ActiveProcess):
this helps reducing CPU time.
"""
security.declareProtected(Permissions.ModifyPortalContent,
'buildSolverDecisionList')
def buildSolverDecisionList(self, delivery_or_movement=None):
"""
Build (or rebuild) the solver decisions in the solver process
......
......@@ -51,6 +51,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
, PropertySheet.Configurable
)
security.declareProtected(Permissions.AccessContentsInformation,
'getSolverConflictMessageList')
def getSolverConflictMessageList(self, movement, configuration_mapping, solver_dict, movement_dict):
"""
Returns the list of conflictings messgaes if the solver and configuration_mapping
......@@ -89,6 +91,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
# Return emtpty message list
return ()
security.declareProtected(Permissions.AccessContentsInformation,
'getSolverProcessGroupingKey')
def getSolverProcessGroupingKey(self, movement, configuration_mapping, solver_dict, movement_dict):
"""
Returns a key which can be used to group solvers during the
......@@ -140,6 +144,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
return movement.getRelativeUrl()
security.declareProtected(Permissions.AccessContentsInformation,
'getDefaultConfigurationPropertyDict')
def getDefaultConfigurationPropertyDict(self, configurable):
"""
Returns a dictionary of default properties for specified
......@@ -155,6 +161,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
else:
return {}
security.declareProtected(Permissions.AccessContentsInformation,
'getDefaultConfigurationProperty')
def getDefaultConfigurationProperty(self, property, configurable):
"""
Returns the default value for a given property
......@@ -167,6 +175,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
"""
return self.getDefaultConfigurationPropertyDict().get(property, None)
security.declareProtected(Permissions.AccessContentsInformation,
'getConfigurationPropertyListDict')
def getConfigurationPropertyListDict(self, configurable):
"""
Returns a dictionary of possible values for specified
......@@ -182,6 +192,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
else:
return {}
security.declareProtected(Permissions.AccessContentsInformation,
'getConfigurationPropertyList')
def getConfigurationPropertyList(self, property, configurable):
"""
Returns a list of possible values for a given property
......
......@@ -104,6 +104,8 @@ class TradeCondition(MappedValue, AmountGeneratorMixin, VariatedMixin):
return [x for x in context._findEffectiveSpecialiseValueList()
if x.getPortalType() in portal_type_set]
security.declareProtected(Permissions.AccessContentsInformation,
'getAggregatedAmountList')
def getAggregatedAmountList(self, *args, **kw):
"""
"""
......
......@@ -68,6 +68,8 @@ class TradeModelCell(TradeModelLine):
"""
return 0
security.declareProtected(Permissions.AccessContentsInformation,
'getQuantity')
def getQuantity(self):
"""Overridden getter to return None instead 0 if undefined"""
return self._baseGetQuantity(None)
......
......@@ -101,11 +101,15 @@ class TransformedResource(AmountGeneratorLine):
value += delivery_amount.getConvertedQuantity()
return value
security.declareProtected(Permissions.AccessContentsInformation,
'getBaseApplication')
def getBaseApplication(self):
"""
"""
return self.getBaseApplicationList()[0]
security.declareProtected(Permissions.AccessContentsInformation,
'getBaseApplicationList')
def getBaseApplicationList(self):
"""
"""
......
......@@ -90,6 +90,8 @@ class Url(Coordinate, UrlMixin):
return ("http://www.erp5.org", "mailto:info@erp5.org")
security.declareProtected(Permissions.AccessContentsInformation,
'getUrlString')
def getUrlString(self, default=_marker):
"""Fallback on coordinate_text
"""
......
......@@ -85,6 +85,8 @@ class VariationEquivalenceTester(Predicate, EquivalenceTesterMixin):
dict(property_name=tested_property))
return None
security.declareProtected(Permissions.AccessContentsInformation,
'generateHashKey')
def generateHashKey(self, movement):
"""
Returns a hash key which can be used to optimise the
......@@ -106,6 +108,8 @@ class VariationEquivalenceTester(Predicate, EquivalenceTesterMixin):
tested_property))
return 'variation/%r' % (value_list)
security.declareProtected(Permissions.AccessContentsInformation,
'getUpdatablePropertyDict')
def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
"""
Returns a list of properties to update on decision_movement
......
......@@ -85,6 +85,7 @@ class CategoryTool(CopyContainer, CMFCategoryTool, BaseTool):
def hasContent(self,id):
return id in self.objectIds()
security.declareProtected(Permissions.AccessContentsInformation, 'getBaseCategoryDict')
@caching_instance_method(
id='portal_categories.getBaseCategoryDict',
cache_factory='erp5_content_long',
......
......@@ -359,6 +359,8 @@ class DomainTool(BaseTool):
return mapped_value
security.declareProtected(Permissions.AccessContentsInformation,
'getChildDomainValueList')
def getChildDomainValueList(self, parent, **kw):
"""
Return child domain objects already present adn thois generetaded dynamically
......@@ -370,6 +372,8 @@ class DomainTool(BaseTool):
return object_list
security.declareProtected(Permissions.AccessContentsInformation,
'getDomainByPath')
def getDomainByPath(self, path, default=_MARKER):
"""
Return the domain object for a given path
......
......@@ -279,6 +279,8 @@ class IdTool(BaseTool):
## XXX Old API deprecated
#backward compatibility
security.declareProtected(Permissions.AccessContentsInformation,
'generateNewLengthIdList')
generateNewLengthIdList = generateNewIdList
security.declareProtected(Permissions.AccessContentsInformation,
......
......@@ -28,6 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
# XXX This Mixin is not finished yet. Added as a reference for the
......@@ -86,3 +87,5 @@ class LogMixin:
"""
method = self.getTypeBasedMethod('parseLogLine')
return method(log_name, log_line)
InitializeClass(LogMixin)
......@@ -110,7 +110,7 @@ class PasswordTool(BaseTool):
def getExpirationDateForKey(self, key=None):
return self._password_request_dict[key][1]
security.declarePublic('mailPasswordResetRequest')
def mailPasswordResetRequest(self, user_login=None, REQUEST=None,
notification_message=None, sender=None,
store_as_event=False,
......@@ -227,33 +227,7 @@ class PasswordTool(BaseTool):
data = ' '.join((str(t), str(r), str(a), str(args)))
return md5(data).hexdigest()
def resetPassword(self, reset_key=None, REQUEST=None):
"""
"""
# XXX-Aurel : is it used ?
if REQUEST is None:
REQUEST = get_request()
user_login, expiration_date = self._password_request_dict.get(reset_key, (None, None))
site_url = self.getPortalObject().absolute_url()
if REQUEST and 'came_from' in REQUEST:
site_url = REQUEST.came_from
if reset_key is None or user_login is None:
ret_url = '%s/login_form' % site_url
return REQUEST.RESPONSE.redirect( ret_url )
# check date
current_date = DateTime()
if current_date > expiration_date:
msg = translateString("Date has expire.")
parameter = urlencode(dict(portal_status_message=msg))
ret_url = '%s/login_form?%s' % (site_url, parameter)
return REQUEST.RESPONSE.redirect( ret_url )
# redirect to form as all is ok
REQUEST.set("password_key", reset_key)
return self.reset_password_form(REQUEST=REQUEST)
security.declareProtected(Permissions.ModifyPortalContent, 'removeExpiredRequests')
def removeExpiredRequests(self):
"""
Browse dict and remove expired request
......@@ -264,6 +238,7 @@ class PasswordTool(BaseTool):
if date < current_date:
del password_request_dict[key]
security.declarePublic('changeUserPassword')
def changeUserPassword(self, password, password_key, password_confirm=None,
user_login=None, REQUEST=None, **kw):
"""
......
......@@ -126,18 +126,26 @@ class SimulationTool(BaseTool):
['Manager',])
BaseTool.inheritedAttribute('manage_afterAdd')(self, item, container)
security.declareProtected(Permissions.AccessContentsInformation,
'solveDelivery')
def solveDelivery(self, delivery, delivery_solver_name, target_solver_name,
additional_parameters=None, **kw):
"""
XXX obsoleted API
Solves a delivery by calling first DeliverySolver, then TargetSolver
"""
return self._solveMovementOrDelivery(delivery, delivery_solver_name,
target_solver_name, delivery=1,
additional_parameters=additional_parameters, **kw)
security.declareProtected(Permissions.AccessContentsInformation,
'solveMovement')
def solveMovement(self, movement, delivery_solver_name, target_solver_name,
additional_parameters=None, **kw):
"""
XXX obsoleted API
Solves a movement by calling first DeliverySolver, then TargetSolver
"""
return self._solveMovementOrDelivery(movement, delivery_solver_name,
......@@ -1396,6 +1404,8 @@ class SimulationTool(BaseTool):
result = delta_result
return result
security.declareProtected(Permissions.AccessContentsInformation,
'getInventoryCacheLag')
def getInventoryCacheLag(self):
"""
Returns a duration, in days, for stock cache management.
......
......@@ -30,6 +30,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Globals import DTMLFile
from Products.ERP5Type.Tool.BaseTool import BaseTool
......@@ -58,6 +59,8 @@ class SolverProcessTool(BaseTool):
manage_overview = DTMLFile( 'explainSolverTool', _dtmldir )
# IDivergenceController implementation
security.declareProtected(Permissions.AccessContentsInformation,
'isDivergent')
def isDivergent(self, delivery_or_movement=None):
"""
Returns True if any of the movements provided
......@@ -73,6 +76,8 @@ class SolverProcessTool(BaseTool):
return True
return False
security.declareProtected(Permissions.AddPortalContent,
'newSolverProcess')
@UnrestrictedMethod
def newSolverProcess(self, delivery_or_movement=None, temp_object=False):
"""
......@@ -107,3 +112,5 @@ class SolverProcessTool(BaseTool):
delivery.setSolverValueList(solver_list)
return new_solver
InitializeClass(SolverProcessTool)
......@@ -31,6 +31,7 @@ import zope.interface
import re
from AccessControl import ClassSecurityInfo
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Tool.TypesTool import TypeProvider
from Products.ERP5 import DeliverySolver
......@@ -55,6 +56,8 @@ class SolverTool(TypeProvider):
zope.interface.implements(interfaces.IDeliverySolverFactory,)
# IDeliverySolverFactory implementation
security.declareProtected(Permissions.AccessContentsInformation,
'newDeliverySolver')
def newDeliverySolver(self, portal_type, movement_list):
"""
Return a new instance of delivery solver of the given
......@@ -73,6 +76,8 @@ class SolverTool(TypeProvider):
tmp_solver.setDeliveryValueList(movement_list)
return tmp_solver
security.declareProtected(Permissions.AccessContentsInformation,
'getDeliverySolverTranslatedItemList')
def getDeliverySolverTranslatedItemList(self, portal_type_list=None):
"""
"""
......@@ -81,6 +86,8 @@ class SolverTool(TypeProvider):
if portal_type_list is None or x in portal_type_list],
key=lambda x:str(x[0]))
security.declareProtected(Permissions.AccessContentsInformation,
'getSolverProcessValueList')
def getSolverProcessValueList(self, delivery_or_movement=None, validation_state=None):
"""
Returns the list of solver processes which are
......@@ -95,6 +102,8 @@ class SolverTool(TypeProvider):
to filter the result
"""
security.declareProtected(Permissions.AccessContentsInformation,
'getSolverDecisionValueList')
def getSolverDecisionValueList(self, delivery_or_movement=None, validation_state=None):
"""
Returns the list of solver decisions which apply
......@@ -107,6 +116,8 @@ class SolverTool(TypeProvider):
to filter the result
"""
security.declareProtected(Permissions.AccessContentsInformation,
'getSolverDecisionApplicationValueList')
def getSolverDecisionApplicationValueList(self, movement, divergence_tester=None):
"""
Returns the list of documents at which a given divergence resolution
......@@ -190,6 +201,8 @@ class SolverTool(TypeProvider):
application_value_level[property_group.getCollectGroupOrder()] = None
# etc. same
security.declareProtected(Permissions.AccessContentsInformation,
'searchTargetSolverList')
def searchTargetSolverList(self, divergence_tester,
simulation_movement,
automatic_solver_only=False, **kw):
......@@ -203,3 +216,5 @@ class SolverTool(TypeProvider):
x.test(simulation_movement, **kw)]
else:
return [x for x in solver_list if x.test(simulation_movement, **kw)]
InitializeClass(SolverTool)
......@@ -113,6 +113,8 @@ class TemplateTool (BaseTool):
security.declareProtected(Permissions.ManagePortal, 'manage_overview')
manage_overview = DTMLFile('explainTemplateTool', _dtmldir)
security.declareProtected(Permissions.AccessContentsInformation,
'getInstalledBusinessTemplate')
def getInstalledBusinessTemplate(self, title, strict=False, **kw):
"""Returns an installed version of business template of a given title.
......@@ -148,6 +150,8 @@ class TemplateTool (BaseTool):
last_time = t
return last_bt
security.declareProtected(Permissions.AccessContentsInformation,
'getInstalledBusinessTemplatesList')
def getInstalledBusinessTemplatesList(self):
"""Deprecated.
"""
......@@ -166,16 +170,22 @@ class TemplateTool (BaseTool):
installed_bts.append(bt5)
return installed_bts
security.declareProtected(Permissions.AccessContentsInformation,
'getInstalledBusinessTemplateList')
def getInstalledBusinessTemplateList(self):
"""Get the list of installed business templates.
"""
return self._getInstalledBusinessTemplateList(only_title=0)
security.declareProtected(Permissions.AccessContentsInformation,
'getInstalledBusinessTemplateTitleList')
def getInstalledBusinessTemplateTitleList(self):
"""Get the list of installed business templates.
"""
return self._getInstalledBusinessTemplateList(only_title=1)
security.declareProtected(Permissions.AccessContentsInformation,
'getInstalledBusinessTemplateRevision')
def getInstalledBusinessTemplateRevision(self, title, **kw):
"""
Return the revision of business template installed with the title
......@@ -186,6 +196,8 @@ class TemplateTool (BaseTool):
return bt.getRevision()
return None
security.declareProtected(Permissions.AccessContentsInformation,
'getBuiltBusinessTemplateList')
def getBuiltBusinessTemplateList(self):
"""Get the list of built and not installed business templates.
"""
......@@ -283,6 +295,7 @@ class TemplateTool (BaseTool):
content_type='application/x-erp5-business-template')
business_template.setPublicationUrl(url)
security.declareProtected(Permissions.ManagePortal, 'update')
def update(self, business_template):
"""
Update an existing template from its publication URL.
......@@ -371,6 +384,7 @@ class TemplateTool (BaseTool):
bt.build(no_action=True)
return bt
security.declareProtected('Import/Export objects', 'importBase64EncodedText')
def importBase64EncodedText(self, file_data=None, id=None, REQUEST=None,
batch_mode=False, **kw):
"""
......@@ -380,6 +394,7 @@ class TemplateTool (BaseTool):
return self.importFile(import_file = import_file, id = id, REQUEST = REQUEST,
batch_mode = batch_mode, **kw)
security.declareProtected('Import/Export objects', 'importFile')
def importFile(self, import_file=None, id=None, REQUEST=None,
batch_mode=False, **kw):
"""
......@@ -421,6 +436,7 @@ class TemplateTool (BaseTool):
elif batch_mode:
return bt
security.declareProtected(Permissions.ManagePortal, 'getDiffFilterScriptList')
def getDiffFilterScriptList(self):
"""
Return list of scripts usable to filter diff
......@@ -438,12 +454,14 @@ class TemplateTool (BaseTool):
LOG("TemplateTool", WARNING, "Unable to find %r script" % script_id)
return script_list
security.declareProtected(Permissions.ManagePortal, 'getFilteredDiffAsHTML')
def getFilteredDiffAsHTML(self, diff):
"""
Return the diff filtered by python scripts into html format
"""
return self.getFilteredDiff(diff).toHTML()
security.declareProtected(Permissions.ManagePortal, 'getFilteredDiff')
def getFilteredDiff(self, diff):
"""
Filter the diff using python scripts
......@@ -461,6 +479,7 @@ class TemplateTool (BaseTool):
# DiffFile does not provide yet such feature
return diff_file_object
security.declareProtected(Permissions.ManagePortal, 'diffObjectAsHTML')
def diffObjectAsHTML(self, REQUEST, **kw):
"""
Convert diff into a HTML format before reply
......@@ -469,6 +488,7 @@ class TemplateTool (BaseTool):
"""
return DiffFile(self.diffObject(REQUEST, **kw)).toHTML()
security.declareProtected(Permissions.ManagePortal, 'diffObject')
def diffObject(self, REQUEST, **kw):
"""
Make diff between two objects, whose paths are stored in values bt1
......@@ -612,6 +632,7 @@ class TemplateTool (BaseTool):
"""
return b64encode(cPickle.dumps((repository, id)))
security.declarePublic('compareVersionStrings')
def compareVersionStrings(self, version, comparing_string):
"""
comparing_string is like "<= 0.2" | "operator version"
......@@ -755,6 +776,8 @@ class TemplateTool (BaseTool):
raise BusinessTemplateUnknownError, 'The Business Template %s could not be found on repository %s'%(bt[1], bt[0])
return []
security.declareProtected(Permissions.ManagePortal,
'findProviderInBTList')
def findProviderInBTList(self, provider_list, bt_list):
"""
Find one provider in provider_list which is present in
......@@ -968,6 +991,7 @@ class TemplateTool (BaseTool):
#LOG('getUpdatedRepositoryBusinessTemplateList', 0, 'kw = %r' % (kw,))
return self.getRepositoryBusinessTemplateList(update_only=True, **kw)
security.declarePublic('compareVersions')
def compareVersions(self, version1, version2):
"""
Return negative if version1 < version2, 0 if version1 == version2,
......
......@@ -58,6 +58,7 @@ try:
security.declareProtected( Permissions.ManagePortal, 'manage_overview' )
manage_overview = DTMLFile( 'explainTestTool', _dtmldir )
security.declarePublic('getZeleniumVersion')
def getZeleniumVersion(self):
"""Returns the version of the zelenium product
"""
......
......@@ -55,6 +55,7 @@ class TrashTool(BaseTool):
security.declareProtected(Permissions.ManagePortal, 'manage_overview' )
manage_overview = DTMLFile( 'explainTrashTool', _dtmldir )
security.declarePrivate('backupObject')
def backupObject(self, trashbin, container_path, object_id, save, **kw):
"""
Backup an object in a trash bin
......@@ -159,6 +160,7 @@ class TrashTool(BaseTool):
obj._cleanup()
return subobjects_dict
security.declarePrivate('newTrashBin')
def newTrashBin(self, bt_title='trash', bt=None):
"""
Create a new trash bin at upgrade of bt
......@@ -191,6 +193,7 @@ class TrashTool(BaseTool):
)
return trashbin
security.declareProtected(Permissions.ManagePortal, 'getTrashBinObjectsList')
def getTrashBinObjectsList(self, trashbin):
"""
Return a list of trash objects for a given trash bin
......
......@@ -154,6 +154,8 @@ class UrlRegistryTool(BaseTool):
url_list.append(url)
return url_list
security.declareProtected(Permissions.ModifyPortalContent,
'updateUrlRegistryTool')
def updateUrlRegistryTool(self):
"""
Fetch all document path, then call in activities
......
......@@ -30,7 +30,7 @@ from collections import defaultdict, deque
import random
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base, Implicit
from Products.ERP5.AggregatedAmountList import AggregatedAmountList
from Products.ERP5Type import Permissions, interfaces
......
......@@ -28,7 +28,7 @@
##############################################################################
from Products.CMFCore.utils import getToolByName
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from OFS.Image import Pdata
from cStringIO import StringIO
......
......@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, PropertySheet
from Products.ERP5Type.XMLObject import XMLObject
from Products.ERP5Type.Core.Predicate import Predicate
......@@ -150,6 +150,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
def getRelatedBusinessLinkValueList(self):
return self.getDeliveryBuilderRelatedValueList(portal_type='Business Link')
security.declarePrivate('callBeforeBuildingScript')
def callBeforeBuildingScript(self):
"""
Call a script on the module, for example, to remove some
......@@ -284,8 +285,10 @@ class BuilderMixin(XMLObject, Amount, Predicate):
return movement_list
security.declarePrivate('searchMovementList')
searchMovementList = UnrestrictedMethod(_searchMovementList)
security.declarePrivate('collectMovement')
def collectMovement(self, movement_list):
"""
group movements in the way we want. Thanks to this method, we are able
......@@ -366,6 +369,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
for movement_group_node in movement_group_node_list]
return instance, self._getSortedPropertyDict(property_dict_list)
security.declarePrivate('buildDeliveryList')
@UnrestrictedMethod
def buildDeliveryList(self, movement_group_node,
delivery_relative_url_list=None,
......@@ -717,6 +721,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
# Update properties on object (quantity, price...)
delivery_movement._edit(force_update=1, **property_dict)
security.declarePrivate('callAfterBuildingScript')
@UnrestrictedMethod
def callAfterBuildingScript(self, delivery_list, movement_list=(), **kw):
"""
......
......@@ -33,7 +33,7 @@ import string
from Acquisition import aq_base
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
from OFS.Image import Pdata, Image as OFSImage
......
......@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions
from Products.ERP5Type.Cache import transactional_cached
......
......@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Globals import PersistentMapping
......
......@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.Utils import normaliseUrl
from Products.ERP5Type.DateUtils import convertDateToHour,\
......
......@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo, getSecurityManager
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from ZODB.POSException import ConflictError
from Products.ERP5Type import Permissions
from Products.ERP5Type.Utils import convertToUpperCase
......
......@@ -28,7 +28,7 @@
##############################################################################
from Products.CMFCore.utils import getToolByName
from AccessControl import ClassSecurityInfo, Unauthorized
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from OFS.Image import Pdata
from cStringIO import StringIO
......@@ -85,7 +85,8 @@ class DocumentMixin:
if LOCK_PERMISSION_KEY in transaction_variable:
del transaction_variable[LOCK_PERMISSION_KEY]
return result
security.declareProtected(Permissions.AccessContentsInformation, 'getFailsafeConversion')
def getFailsafeConversion(self, **kw):
"""
Return a failure resistent conversion of a document
......
......@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from warnings import warn
......@@ -59,7 +59,7 @@ class DocumentProxyMixin:
return self.getProxiedDocumentValue()
security.declareProtected(Permissions.AccessContentsInformation,
'getProxiedDocument' )
'getProxiedDocumentValue')
def getProxiedDocumentValue(self):
"""
Try to retrieve the original document
......
......@@ -27,7 +27,7 @@
#
##############################################################################
from AccessControl import ClassSecurityInfo, Unauthorized
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.Utils import fill_args_from_request
from Products.CMFCore.utils import getToolByName, _checkConditionalGET, _setCacheHeaders,\
......
......@@ -31,7 +31,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.AuthEncoding import pw_encrypt, pw_validate
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Globals import PersistentMapping
......@@ -55,6 +55,7 @@ class EncryptedPasswordMixin:
return pw_validate(self.getPassword(), value)
return False
security.declareProtected(Permissions.SetOwnPassword, 'checkPasswordValueAcceptable')
def checkPasswordValueAcceptable(self, value):
"""
Check the password. This method is defined explicitly, because:
......
......@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.DivergenceMessage import DivergenceMessage
from Products.ERP5Type.Message import Message
......@@ -47,6 +47,7 @@ class EquivalenceTesterMixin:
zope.interface.implements(interfaces.IEquivalenceTester,)
# Implementation of IEquivalenceTester
security.declarePrivate('testEquivalence')
def testEquivalence(self, simulation_movement):
"""
Tests if simulation_movement is divergent. Returns False (0)
......@@ -59,6 +60,7 @@ class EquivalenceTesterMixin:
"""
return self.explain(simulation_movement) is not None
security.declarePrivate('explain')
def explain(self, simulation_movement):
"""
Returns a single message which explain the nature of
......@@ -99,6 +101,7 @@ class EquivalenceTesterMixin:
"""
return movement.getProperty(property)
security.declarePrivate('generateHashKey')
def generateHashKey(self, movement):
"""
Returns a hash key which can be used to optimise the
......@@ -117,6 +120,7 @@ class EquivalenceTesterMixin:
value = self._getTestedPropertyValue(movement, tested_property)
return '%s/%r' % (tested_property, value)
security.declarePrivate('compare')
def compare(self, prevision_movement, decision_movement):
"""
Returns True if prevision_movement and delivery_movement
......@@ -136,6 +140,7 @@ class EquivalenceTesterMixin:
"""
return (self._compare(prevision_movement, decision_movement) is None)
security.declarePrivate('update')
def update(self, prevision_movement, decision_movement):
"""
Updates decision_movement with properties from
......@@ -164,6 +169,8 @@ class EquivalenceTesterMixin:
decision_movement.edit(
**self.getUpdatablePropertyDict(prevision_movement, decision_movement))
security.declareProtected(Permissions.AccessContentsInformation,
'getExplanationMessage')
def getExplanationMessage(self, simulation_movement):
"""
Returns the HTML message that describes the detail of the
......@@ -201,6 +208,8 @@ class EquivalenceTesterMixin:
"""
raise NotImplementedError
security.declareProtected(Permissions.AccessContentsInformation,
'getUpdatablePropertyDict')
def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
"""
Returns a mapping of properties to update on decision_movement so that next
......
......@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
class ExplainableMixin:
......
......@@ -35,7 +35,7 @@ from Products.ERP5Type.ExtensibleTraversable import ExtensibleTraversableMixIn
from Products.ERP5Type.Cache import getReadOnlyTransactionCache
from AccessControl import ClassSecurityInfo, getSecurityManager
from AccessControl.SecurityManagement import newSecurityManager, setSecurityManager
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.CMFCore.utils import getToolByName, _checkConditionalGET, _setCacheHeaders, _ViewEmulator
from OFS.Image import File as OFSFile
......
......@@ -30,7 +30,7 @@
from Products.ERP5Type import Permissions
from AccessControl.AuthEncoding import pw_validate
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
class LoginAccountProviderMixin:
"""
......@@ -87,7 +87,8 @@ class LoginAccountProviderMixin:
if not len(result_code_list):
return True
return False
security.declareProtected(Permissions.SetOwnPassword, 'analyzePassword')
def analyzePassword(self, password, **kw):
"""
Analyze password validity.
......
......@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5.MovementCollectionDiff import (
MovementCollectionDiff, _getPropertyAndCategoryList)
......@@ -52,6 +52,8 @@ class MovementCollectionUpdaterMixin:
zope.interface.implements(interfaces.IMovementCollectionUpdater,)
# Implementation of IMovementCollectionUpdater
security.declareProtected(Permissions.AccessContentsInformation,
'getMovementCollectionDiff')
def getMovementCollectionDiff(self, context, rounding=False,
movement_generator=None):
"""
......@@ -147,6 +149,8 @@ class MovementCollectionUpdaterMixin:
return movement_collection_diff
security.declareProtected(Permissions.ModifyPortalContent,
'updateMovementCollection')
def updateMovementCollection(self, context, rounding=False,
movement_generator=None):
"""
......
......@@ -29,7 +29,7 @@
from DateTime import DateTime
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.Message import Message
......@@ -237,7 +237,7 @@ class PeriodicityMixin:
return [(Message(domain='erp5_ui', message=x), x) \
for x in self.getWeekDayList()]
security.declareProtected(Permissions.AccessContentsInformation, 'getWeekDayItemList')
security.declareProtected(Permissions.AccessContentsInformation, 'getMonthItemList')
def getMonthItemList(self):
"""
returns something like [('January', 1), ('February', 2),...]
......
......@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Globals import PersistentMapping
......
......@@ -29,7 +29,7 @@
import transaction
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Base import Base
......@@ -158,6 +158,8 @@ class RuleMixin(Predicate):
movement_type = 'Simulation Movement'
# Implementation of IRule
security.declareProtected(Permissions.ModifyPortalContent,
'constructNewAppliedRule')
def constructNewAppliedRule(self, context, **kw):
"""
Create a new applied rule in the context.
......@@ -190,6 +192,8 @@ class RuleMixin(Predicate):
return False
return super(RuleMixin, self).test(*args, **kw)
security.declareProtected(Permissions.ModifyPortalContent,
'expand')
def expand(self, applied_rule, expand_policy=None, **kw):
"""
Expand this applied rule to create new documents inside the
......@@ -473,6 +477,7 @@ class RuleMixin(Predicate):
new_movement = self._newProfitAndLossMovement(prevision_movement)
movement_collection_diff.addNewMovement(new_movement)
InitializeClass(RuleMixin)
class SimulableMixin(Base):
security = ClassSecurityInfo()
......@@ -553,6 +558,8 @@ class SimulableMixin(Base):
if not movement.aq_inContextOf(applied_rule):
movement.recursiveReindexObject(activate_kw=activate_kw)
security.declareProtected( Permissions.AccessContentsInformation,
'getRuleReference')
def getRuleReference(self):
"""Returns an appropriate rule reference
......@@ -609,4 +616,4 @@ class SimulableMixin(Base):
o.getParentValue().deleteContent(o.getId())
super(SimulableMixin, self).manage_beforeDelete(item, container)
InitializeClass(RuleMixin)
InitializeClass(SimulableMixin)
......@@ -29,7 +29,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, PropertySheet, interfaces
from Products.ERP5Type.UnrestrictedMethod import super_user
from Products.ERP5Type.XMLObject import XMLObject
......@@ -58,6 +58,8 @@ class SolverMixin(object):
def getPortalTypeValue(self):
return self.getPortalObject().portal_solvers._getOb(self.getPortalType())
security.declareProtected(Permissions.AccessContentsInformation,
'searchDeliverySolverList')
def searchDeliverySolverList(self, **kw):
"""
this method returns a list of delivery solvers
......@@ -70,6 +72,8 @@ class SolverMixin(object):
solver_list = target_solver_type.getDeliverySolverValueList()
return solver_list
InitializeClass(SolverMixin)
class ConfigurablePropertySolverMixin(SolverMixin,
ConfigurableMixin,
XMLObject):
......@@ -118,4 +122,4 @@ class ConfigurablePropertySolverMixin(SolverMixin,
tested_property_list = portal_type.getTestedPropertyList()
return tested_property_list
InitializeClass(SolverMixin)
InitializeClass(ConfigurablePropertySolverMixin)
......@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from warnings import warn
......
......@@ -28,7 +28,7 @@
import warnings
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.CMFActivity.ActivityTool import ActivityTool
from Products.ERP5Type import Permissions
try:
......
......@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.Utils import normaliseUrl
......@@ -133,6 +133,8 @@ class UrlMixin:
url_string = self.getUrlString()
return '/'.join(url_string.split('/')[1:])
security.declareProtected(Permissions.AccessContentsInformation,
'asNormalisedURL')
def asNormalisedURL(self, base_url=None):
"""
call normaliseUrl with raw url
......
......@@ -29,7 +29,7 @@
from warnings import warn
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.CMFCategory.Renderer import Renderer
from Products.ERP5Type import interfaces, Permissions, PropertySheet
import zope.interface
......
......@@ -31,7 +31,7 @@
_marker=[]
from AccessControl import ClassSecurityInfo
from AccessControl.class_init import InitializeClass
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type.Core.Folder import Folder
from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
......
......@@ -314,6 +314,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
, 'manage_schema')
manage_schema = DTMLFile('dtml/manageSchema', globals())
security.declarePublic('getPreferredSQLCatalogId')
def getPreferredSQLCatalogId(self, id=None):
"""
Get the SQL Catalog from preference.
......@@ -366,6 +367,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return result
# Schema Management
security.declareProtected(Permissions.ManagePortal, 'editColumn')
def editColumn(self, column_id, sql_definition, method_id, default_value, REQUEST=None, RESPONSE=None):
"""
Modifies a schema column of the catalog
......@@ -379,17 +381,20 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
new_schema.append(new_c)
self.setColumnList(new_schema)
security.declareProtected(Permissions.ManagePortal, 'setColumnList')
def setColumnList(self, column_list):
"""
"""
self._sql_schema = column_list
security.declarePublic('getColumnList')
def getColumnList(self):
"""
"""
if not hasattr(self, '_sql_schema'): self._sql_schema = []
return self._sql_schema
security.declarePublic('getColumn')
def getColumn(self, column_id):
"""
"""
......@@ -398,6 +403,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return c
return None
security.declareProtected(Permissions.ManagePortal, 'editIndex')
def editIndex(self, index_id, sql_definition, REQUEST=None, RESPONSE=None):
"""
Modifies the schema of the catalog
......@@ -411,17 +417,20 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
new_index.append(new_c)
self.setIndexList(new_index)
security.declareProtected(Permissions.ManagePortal, 'setIndexList')
def setIndexList(self, index_list):
"""
"""
self._sql_index = index_list
security.declarePublic('getIndexList')
def getIndexList(self):
"""
"""
if not hasattr(self, '_sql_index'): self._sql_index = []
return self._sql_index
security.declarePublic('getIndex')
def getIndex(self, index_id):
"""
"""
......@@ -512,6 +521,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return allowedRolesAndUsers, role_column_dict, local_role_column_dict
security.declarePublic('getSecurityUidDictAndRoleColumnDict')
def getSecurityUidDictAndRoleColumnDict(self, sql_catalog_id=None, local_roles=None):
"""
Return a dict of local_roles_group_id -> security Uids and a
......
......@@ -86,10 +86,12 @@ class Preference( Folder ):
self._clearCache()
Folder._edit(self, **kw)
security.declareProtected(Permissions.ModifyPortalContent, 'enable')
def enable(self, **kw):
"""Workflow method"""
self._clearCache()
security.declareProtected(Permissions.ModifyPortalContent, 'disable')
def disable(self, **kw):
"""Workflow method"""
self._clearCache()
......@@ -710,6 +710,7 @@ class ERP5Form(Base, ZMIForm, ZopePageTemplate):
return ret
# Utilities
security.declareProtected('View', 'ErrorFields')
def ErrorFields(self, validation_errors):
"""
Create a dictionnary of validation_errors
......@@ -788,6 +789,7 @@ class ERP5Form(Base, ZMIForm, ZopePageTemplate):
manage_FTPput = PUT
security.declarePrivate('getSimilarSkinFolderIdList')
def getSimilarSkinFolderIdList(self):
"""
Find other skins id installed in the same time
......
......@@ -412,6 +412,7 @@ class ProxyField(ZMIField):
"""
return self.getTemplateField().get_error_names()
security.declareProtected('Access contents information', 'getTemplateField')
def getTemplateField(self, cache=True):
"""
Return template field of the proxy field.
......@@ -478,6 +479,7 @@ class ProxyField(ZMIField):
self._setTemplateFieldCache(proxy_field)
return proxy_field
security.declareProtected('Access contents information', 'getRecursiveTemplateField')
def getRecursiveTemplateField(self):
"""
Return template field of the proxy field.
......@@ -639,6 +641,7 @@ class ProxyField(ZMIField):
else:
return None
security.declareProtected('Access contents information', 'getFieldValue')
def getFieldValue(self, field, id, **kw):
"""
Return a callable expression and cacheable boolean flag
......
......@@ -1197,6 +1197,7 @@ class SelectionTool( BaseTool, SimpleItem ):
return md5(str(sorted(map(str, uid_list)))).hexdigest()
# Related document searching
security.declarePublic('viewSearchRelatedDocumentDialog')
def viewSearchRelatedDocumentDialog(self, index, form_id,
REQUEST=None, sub_index=None, **kw):
"""
......@@ -1433,6 +1434,7 @@ class SelectionTool( BaseTool, SimpleItem ):
tv['_user_id'] = user_id
return user_id
security.declarePrivate('getTemporarySelectionDict')
def getTemporarySelectionDict(self):
""" Temporary selections are used in push/pop nested scope,
to prevent from editting for stored selection in the scope.
......@@ -1794,7 +1796,7 @@ for x in SelectionTool.__dict__:
if x in method_id_filter_list:
continue
roles = getattr(SelectionTool, '%s__roles__' % x, None)
if roles is None:
if roles is None or roles == ():
continue
if roles.__name__ == ERP5Permissions.ManagePortal:
continue
......
......@@ -2495,6 +2495,7 @@ return 1
kw['portal_type'] = "Spreadsheet"
new_document = self.portal.Base_contribute(**kw)
self.assertEqual(new_document.getValidationState(), 'draft')
self.tic()
# make it read only
document.manage_permission(Permissions.ModifyPortalContent, [])
......
......@@ -78,6 +78,7 @@ class ERP5GroupManager(BasePlugin):
#
# IGroupsPlugin implementation
#
security.declarePrivate('getGroupsForPrincipal')
def getGroupsForPrincipal(self, principal, request=None):
""" See IGroupsPlugin.
"""
......
......@@ -209,6 +209,7 @@ class ERP5UserFactory(BasePlugin):
self._id = self.id = id
self.title = title
security.declarePrivate('createUser')
def createUser( self, user_id, name ):
""" See IUserFactoryPlugin
"""
......
......@@ -809,12 +809,16 @@ class Base( CopyContainer,
getId = BaseAccessor.Getter('getId', 'id', 'string')
# Debug
security.declareProtected(Permissions.AccessContentsInformation,
'getOid')
def getOid(self):
"""
Return ODB oid
"""
return self._p_oid
security.declareProtected(Permissions.AccessContentsInformation,
'getOidRepr')
def getOidRepr(self):
"""
Return ODB oid, in an 'human' readable form.
......@@ -822,10 +826,14 @@ class Base( CopyContainer,
from ZODB.utils import oid_repr
return oid_repr(self._p_oid)
security.declareProtected(Permissions.AccessContentsInformation,
'getSerial')
def getSerial(self):
"""Return ODB Serial."""
return self._p_serial
security.declareProtected(Permissions.AccessContentsInformation,
'getHistorySerial')
def getHistorySerial(self):
"""Return ODB Serial, in the same format used for history keys"""
return '.'.join([str(x) for x in unpack('>HHHH', self._p_serial)])
......@@ -1378,6 +1386,8 @@ class Base( CopyContainer,
# Accessors are not workflow methods by default
# Ping provides a dummy method to trigger automatic methods
# XXX : maybe an empty edit is enough (self.edit())
security.declareProtected(Permissions.AccessContentsInformation,
'ping')
def ping(self):
pass
......@@ -1565,6 +1575,8 @@ class Base( CopyContainer,
"""
return self
security.declareProtected(Permissions.AccessContentsInformation,
'getDocumentInstance')
def getDocumentInstance(self):
"""
Returns self
......@@ -1584,6 +1596,8 @@ class Base( CopyContainer,
assert mount_point._getMountedConnection(connection) is connection
return mount_point._traverseToMountedRoot(connection.root(), None)
security.declareProtected(Permissions.AccessContentsInformation,
'asSQLExpression')
def asSQLExpression(self, strict_membership=0, table='category', base_category = None):
"""
Any document can be used as a Category. It can therefore
......@@ -3266,6 +3280,8 @@ class Base( CopyContainer,
self._p_changed = 1
# Helpers
security.declareProtected(Permissions.AccessContentsInformation,
'getQuantityPrecisionFromResource')
def getQuantityPrecisionFromResource(self, resource, d=2):
"""
Provides a quick access to precision without accessing the resource
......
......@@ -383,28 +383,6 @@ class CopyContainer:
group_method_id='portal_catalog/uncatalogObjectList',
serialization_tag=self.getRootDocumentPath()).unindexObject(uid=uid)
security.declareProtected(Permissions.ModifyPortalContent, 'moveObject')
def moveObject(self, idxs=None):
"""
Reindex the object in the portal catalog.
If idxs is present, only those indexes are reindexed.
The metadata is always updated.
Also update the modification date of the object,
unless specific indexes were requested.
Passes is_object_moved to catalog to force
reindexing without creating new uid
"""
if idxs is None: idxs = []
if idxs == []:
# Update the modification date.
if getattr(aq_base(self), 'notifyModified', _marker) is not _marker:
self.notifyModified()
catalog = getattr(self.getPortalObject(), 'portal_catalog', None)
if catalog is not None:
catalog.moveObject(self, idxs=idxs)
def _notifyOfCopyTo(self, container, op=0):
"""Overiden to track object cut and pastes, and update related
content accordingly.
......
......@@ -86,18 +86,21 @@ class ActionInformation(XMLObject):
# XXX Following getAction/getCondition/getIcon are problably not useful
# because properties should already be cleaned up during migration
# or installation from BT.
security.declareProtected(AccessContentsInformation, 'getAction')
def getAction(self):
"""Overridden getter for 'action' to clean null values"""
if getattr(aq_base(self), 'action', None) == '':
del self.action
return self._baseGetAction()
security.declareProtected(AccessContentsInformation, 'getCondition')
def getCondition(self):
"""Overridden getter for 'condition' to clean null values"""
if getattr(aq_base(self), 'condition', None) == '':
del self.condition
return self._baseGetCondition()
security.declareProtected(AccessContentsInformation, 'getIcon')
def getIcon(self):
"""Overridden getter for 'icon' to clean null values"""
if getattr(aq_base(self), 'icon', None) == '':
......
......@@ -61,6 +61,7 @@ class CacheFactory(XMLObject):
, PropertySheet.SortIndex
)
security.declareProtected(Permissions.AccessContentsInformation, 'getCacheId')
def getCacheId(self):
"""
Get a common Cache Factory / Cache Bag ID in this
......@@ -94,6 +95,7 @@ class CacheFactory(XMLObject):
for cache_plugin in cache_plugin_list:
cache_plugin.set(cache_id, value)
security.declareProtected(Permissions.AccessContentsInformation, 'getCachePluginList')
def getCachePluginList(self, allowed_type_list=None):
""" get ordered list of installed cache plugins in ZODB """
if allowed_type_list is None:
......
......@@ -587,13 +587,15 @@ class Folder(CopyContainer, CMFBTreeFolder, CMFHBTreeFolder, Base, FolderMixIn):
""" Create a new content """
# Create data structure if none present
return FolderMixIn.newContent(self, *args, **kw)
security.declareProtected(Permissions.AccessContentsInformation, 'isBTree')
def isBTree(self):
"""
Tell if we are a BTree
"""
return self._folder_handler == BTREE_HANDLER
security.declareProtected(Permissions.AccessContentsInformation, 'isHBTree')
def isHBTree(self):
"""
Tell if we are a HBTree
......@@ -1386,6 +1388,28 @@ class Folder(CopyContainer, CMFBTreeFolder, CMFHBTreeFolder, Base, FolderMixIn):
'recursiveImmediateReindexObject', None) is not None:
c.recursiveImmediateReindexObject(**kw)
security.declareProtected(Permissions.ModifyPortalContent, 'moveObject')
def moveObject(self, idxs=None):
"""
Reindex the object in the portal catalog.
If idxs is present, only those indexes are reindexed.
The metadata is always updated.
Also update the modification date of the object,
unless specific indexes were requested.
Passes is_object_moved to catalog to force
reindexing without creating new uid
"""
if idxs is None: idxs = []
if idxs == []:
# Update the modification date.
if getattr(aq_base(self), 'notifyModified', _marker) is not _marker:
self.notifyModified()
catalog = getattr(self.getPortalObject(), 'portal_catalog', None)
if catalog is not None:
catalog.moveObject(self, idxs=idxs)
security.declareProtected( Permissions.ModifyPortalContent,
'recursiveMoveObject' )
def recursiveMoveObject(self):
......@@ -1513,46 +1537,6 @@ class Folder(CopyContainer, CMFBTreeFolder, CMFHBTreeFolder, Base, FolderMixIn):
strict_membership=strict_membership))
return "( %s )" % result
def mergeContent(self,from_object=None,to_object=None, delete=1,**kw):
"""
This method will merge two objects.
When we have to different objects wich represent the same content, we
may want to merge them. In this case, we want to be sure to report
"""
if from_object is None or to_object is None:
return
from_object_related_object_list = self.portal_categories\
.getRelatedValueList(from_object)
to_object_url = to_object.getRelativeUrl()
from_object_url = from_object.getRelativeUrl()
corrected_list = []
for object in from_object_related_object_list:
#LOG('Folder.mergeContent, working on object:',0,object)
new_category_list = []
found = 0
for category in object.getCategoryList(): # so ('destination/person/1',...)
#LOG('Folder.mergeContent, working on category:',0,category)
linked_object_url = '/'.join(category.split('/')[1:])
if linked_object_url == from_object_url:
base_category = category.split('/')[0]
found = 1
new_category_list.append(base_category + '/' + to_object_url)
else:
new_category_list.append(category)
if found:
corrected_list.append(object)
object.setCategoryList(new_category_list)
object.immediateReindexObject()
if delete:
if len(from_object.portal_categories.getRelatedValueList(from_object))==0:
parent = from_object.getParentValue()
parent.manage_delObjects(from_object.getId())
return corrected_list
security.declareProtected( Permissions.AccessContentsInformation,
'objectValues' )
def objectValues(self, spec=None, meta_type=None, portal_type=None,
......
......@@ -355,12 +355,14 @@ class Predicate(XMLObject):
security.declareProtected( Permissions.AccessContentsInformation, 'asSqlJoinExpression' )
asSqlJoinExpression = asSQLJoinExpression
security.declareProtected(Permissions.AccessContentsInformation, 'searchResults')
def searchResults(self, **kw):
"""
"""
portal_catalog = getToolByName(self, 'portal_catalog')
return portal_catalog.searchResults(build_sql_query_method=self.buildSQLQuery,**kw)
security.declareProtected(Permissions.AccessContentsInformation, 'countResults')
def countResults(self, REQUEST=None, used=None, **kw):
"""
"""
......@@ -600,6 +602,7 @@ class Predicate(XMLObject):
def _asPredicate(self):
return self
security.declareProtected(Permissions.AccessContentsInformation, 'searchPredicate')
def searchPredicate(self, **kw):
"""
Returns a list of documents matching the predicate
......
......@@ -76,6 +76,7 @@ class RoleInformation(XMLObject):
value = value and Expression(value) or None
self._baseSetCondition(value)
security.declareProtected(AccessContentsInformation, 'getCondition')
def getCondition(self):
"""Overridden getter for 'condition' to clean null values"""
if getattr(aq_base(self), 'condition', None) == '':
......
......@@ -86,6 +86,8 @@ class StandardProperty(IdAsReferenceMixin('_property'), XMLObject):
getDescription = Base.Getter('getDescription', 'description', 'string',
default='')
security.declareProtected(Permissions.AccessContentsInformation,
'getElementaryType')
def getElementaryType(self):
"""
Define this getter manually as it is not possible to rely on
......
......@@ -75,7 +75,7 @@ class LocalRoleAssignorMixIn(object):
zope.interface.implements(interfaces.ILocalRoleAssignor)
security.declarePrivate('updateLocalRolesOnObject')
security.declarePrivate('updateLocalRolesOnDocument')
@UnrestrictedMethod
def updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True, activate_kw=()):
"""
......@@ -209,6 +209,8 @@ class LocalRoleAssignorMixIn(object):
role.uid = None
return self[self._setObject(role.id, role, set_owner=0)]
InitializeClass(LocalRoleAssignorMixIn)
class ERP5TypeInformation(XMLObject,
FactoryTypeInformation,
LocalRoleAssignorMixIn,
......
......@@ -199,6 +199,7 @@ class CacheTool(BaseTool):
if REQUEST is not None:
self.REQUEST.RESPONSE.redirect('cache_tool_configure?manage_tabs_message=Cache factory scope %s cleared.' %cache_factory_id)
security.declareProtected(Permissions.AccessContentsInformation, 'getCacheTotalMemorySize')
def getCacheTotalMemorySize(self, REQUEST=None):
""" Calculate total size of memory used for cache.
......
......@@ -191,6 +191,7 @@ class SessionTool(BaseTool):
session._updatecontext(self)
return session
security.declarePrivate('getSession')
def getSession(self, session_id, session_duration=None):
""" Return session object. """
storage_plugin = self._getStoragePlugin()
......@@ -216,6 +217,7 @@ class SessionTool(BaseTool):
session = session.getValue()
return session
security.declarePublic('newContent')
def newContent(self, id, **kw):
""" Create new session object. """
session = self.getSession(id)
......
......@@ -89,6 +89,8 @@ class WebServiceTool(BaseTool):
security.declareProtected(Permissions.ManagePortal, 'manage_overview')
manage_overview = DTMLFile('explainWebServiceTool', _dtmldir )
security.declareProtected(Permissions.AccessContentsInformation,
'getConnectionPluginList')
def getConnectionPluginList(self):
"""
Return list of available connection plugins
......@@ -97,6 +99,7 @@ class WebServiceTool(BaseTool):
plugin_list.sort()
return plugin_list
security.declareProtected(Permissions.ManagePortal, 'connect')
def connect(self, url, user_name=None, password=None, transport=None, transport_kw=None):
"""
Connect to remote instances
......
......@@ -17,6 +17,7 @@ import re
import transaction
from Acquisition import aq_parent, aq_inner, aq_base
from AccessControl import ClassSecurityInfo, ModuleSecurityInfo
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, PropertySheet, Constraint
from Products.CMFCore.PortalContent import ResourceLockedError
from Products.CMFCore.utils import getToolByName
......@@ -193,6 +194,8 @@ class TextContent:
""" Used for FTP and apparently the ZMI now too """
return len(self.manage_FTPget())
InitializeClass(TextContent)
from webdav.common import Locked, PreconditionFailed
from webdav.interfaces import IWriteLock
from webdav.NullResource import NullResource
......
......@@ -32,6 +32,7 @@
from __future__ import absolute_import
from AccessControl import ClassSecurityInfo
from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5.mixin.property_recordable import PropertyRecordableMixin
from Products.ERP5Type import Permissions
from Products.ERP5Type.Base import Base
......@@ -399,3 +400,5 @@ class ComponentMixin(PropertyRecordableMixin, Base):
rev = historicalRevision(self, serial)
return rev.getTextContent()
InitializeClass(ComponentMixin)
......@@ -16,8 +16,13 @@ import logging
logger = logging.getLogger(__name__)
from Products.ERP5Type.Globals import InitializeClass
from AccessControl import ClassSecurityInfo
from Products.CMFCore.ActionsTool import ActionsTool
from Products.CMFCore.interfaces import IActionProvider
from Products.CMFCore.permissions import ManagePortal
security = ClassSecurityInfo()
def migrateNonProviders(portal_actions):
portal_actions_path = '/'.join(portal_actions.getPhysicalPath())
......@@ -100,4 +105,8 @@ def reorderActions(self, REQUEST=None):
return self.manage_editActionsForm(REQUEST,
manage_tabs_message='Actions reordered.')
security.declareProtected(ManagePortal, 'reorderActions')
ActionsTool.reorderActions = reorderActions
ActionsTool.security = security
InitializeClass(ActionsTool)
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment