diff --git a/product/CMFCategory/CategoryTool.py b/product/CMFCategory/CategoryTool.py index 2ce63b43a651028511f7cb2dc1b4c2f032c6bf35..ec1799bf5529f757cbbd276566f161ee00144e8e 100644 --- a/product/CMFCategory/CategoryTool.py +++ b/product/CMFCategory/CategoryTool.py @@ -714,7 +714,7 @@ class CategoryTool( UniqueObject, Folder, Base ): security.declareProtected( Permissions.AccessContentsInformation, 'getSingleCategoryMembershipList' ) def getSingleCategoryMembershipList(self, context, base_category, base=0, - spec=(), filter=None, **kw): + spec=(), filter=None, checked_permission=None, **kw): """ Returns the local membership of the context for a single base category represented as a list of relative URLs @@ -733,15 +733,28 @@ class CategoryTool( UniqueObject, Folder, Base ): portal_type = kw.get('portal_type', ()) if spec is (): spec = portal_type + # Build the ckecked_permission filter + if checked_permission is None: + permissionFilter = lambda x: x + else: + def permissionFilter(category_list): + filtered_category_list = [] + checkPermission = self.portal_membership.checkPermission + for category in category_list: + object = self.unrestrictedTraverse(category) + if object is not None and checkPermission(checked_permission, object): + filtered_category_list.append(category) + return filtered_category_list + # We must treat parent in a different way #LOG('getSingleCategoryMembershipList', 0, 'base_category = %s, spec = %s, base = %s, context = %s, context.aq_inner.aq_parent = %s' % (repr(base_category), repr(spec), repr(base), repr(context), repr(context.aq_inner.aq_parent))) if base_category == 'parent': parent = context.aq_inner.aq_parent # aq_inner is required to make sure we use containment if parent.portal_type in spec: if base: - return ['parent/' + parent.getRelativeUrl()] + return permissionFilter(['parent/' + parent.getRelativeUrl()]) else: - return [parent.getRelativeUrl()] + return permissionFilter([parent.getRelativeUrl()]) #LOG('getSingleCategoryMembershipList', 0, 'not in spec: parent.portal_type = %s, spec = %s' % (repr(parent.portal_type), repr(spec))) return [] @@ -777,7 +790,7 @@ class CategoryTool( UniqueObject, Folder, Base ): append(category_url) else: append(category_url[len(my_base_category)+1:]) - return result + return permissionFilter(result) security.declareProtected( Permissions.AccessContentsInformation, 'getSingleCategoryAcquiredMembershipList' ) @@ -820,6 +833,9 @@ class CategoryTool( UniqueObject, Folder, Base ): base -- if set to 1, returns relative URLs to portal_categories if set to 0, returns relative URLs to the base category + checked_permission -- a string which defined the permission + to filter the object on + acquired_object_dict -- this is the list of object used by acquisition, so we can check if we already have used this object diff --git a/product/ERP5Type/Accessor/AcquiredProperty.py b/product/ERP5Type/Accessor/AcquiredProperty.py index 826a79dcdeb1f92bdce7cf575cadf77b6e3b3973..6171ee5769790f72335cee154f91bc566c941db6 100644 --- a/product/ERP5Type/Accessor/AcquiredProperty.py +++ b/product/ERP5Type/Accessor/AcquiredProperty.py @@ -94,6 +94,7 @@ class Getter(Method): alt_accessor_id=self._alt_accessor_id, is_list_type=self._is_list_type, is_tales_type=self._is_tales_type, + checked_permission=kw.get('checked_permission', None) ) if value is not None: return value.getProperty(self._acquired_property, default, **kw) diff --git a/product/ERP5Type/Accessor/Category.py b/product/ERP5Type/Accessor/Category.py index a5e06bb9e054f016d7a4d088db45a51007be185e..bb1025b202b7f10a096393ae6536972b3371a89a 100644 --- a/product/ERP5Type/Accessor/Category.py +++ b/product/ERP5Type/Accessor/Category.py @@ -57,7 +57,8 @@ class ListSetter(Method): filter=kw.get('filter', None), portal_type=kw.get('portal_type',()), base=kw.get('base', 0), - keep_default=0) + keep_default=0, + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -90,7 +91,8 @@ class DefaultSetter(Method): spec=kw.get('spec',()), filter=kw.get('filter', None), portal_type=kw.get('portal_type',()), - base=kw.get('base', 0)) + base=kw.get('base', 0), + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -133,7 +135,8 @@ class SetSetter(Method): filter=kw.get('filter', None), portal_type=kw.get('portal_type',()), base=kw.get('base', 0), - keep_default=1) + keep_default=1, + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -168,7 +171,8 @@ class DefaultGetter(Method): spec=kw.get('spec',()), filter=kw.get('filter', None), portal_type=kw.get('portal_type',()), - base=kw.get('base',0), default=default) + base=kw.get('base',0), default=default, + checked_permission=kw.get('checked_permission', None)) psyco.bind(__call__) class ListGetter(Method): diff --git a/product/ERP5Type/Accessor/Value.py b/product/ERP5Type/Accessor/Value.py index ce46ff272e2485e7438b7592416c28f4882e0bc2..a49abdad56ffc3029f1037722f6c58ba0c234ee5 100644 --- a/product/ERP5Type/Accessor/Value.py +++ b/product/ERP5Type/Accessor/Value.py @@ -51,10 +51,11 @@ class SetSetter(Method): if self._warning: LOG("ERP5Type Deprecated Getter Id:",0, self._id) instance._setValue(self._key, args[0], - spec=kw.get('spec',()), - filter=kw.get('filter', None), - portal_type=kw.get('portal_type',()), - keep_default=1) + spec=kw.get('spec',()), + filter=kw.get('filter', None), + portal_type=kw.get('portal_type',()), + keep_default=1, + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -76,7 +77,8 @@ class ListSetter(SetSetter): spec=kw.get('spec',()), filter=kw.get('filter', None), portal_type=kw.get('portal_type',()), - keep_default=0) + keep_default=0, + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -99,7 +101,8 @@ class DefaultSetter(SetSetter): instance._setDefaultValue(self._key, args[0], spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -256,7 +259,8 @@ class DefaultTranslatedTitleGetter(Method): o = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if o is None: return None return o.getTranslatedTitle() @@ -285,7 +289,8 @@ class TranslatedTitleListGetter(Method): return [x.getTranslatedTitle() for x in instance._getAcquiredValueList(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) ] psyco.bind(__call__) @@ -323,7 +328,8 @@ class DefaultReferenceGetter(Method): o = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if o is None: return None return o.getReference() @@ -352,7 +358,8 @@ class ReferenceListGetter(Method): return [x.getReference() for x in instance._getAcquiredValueList(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) ] psyco.bind(__call__) @@ -390,7 +397,8 @@ class DefaultUidGetter(Method): value = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if value is not None: return value.getUid() else: @@ -422,7 +430,8 @@ class UidListGetter(Method): return [x.getUid() for x in instance._getAcquiredValueList(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) ] psyco.bind(__call__) @@ -460,7 +469,8 @@ class UidSetSetter(Method): spec=kw.get('spec',()), filter=kw.get('filter', None), portal_type=kw.get('portal_type',()), - keep_default=1) + keep_default=1, + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -480,7 +490,8 @@ class UidListSetter(UidSetSetter): spec=kw.get('spec',()), filter=kw.get('filter', None), portal_type=kw.get('portal_type',()), - keep_default=0) + keep_default=0, + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -501,7 +512,8 @@ class UidDefaultSetter(UidSetSetter): instance._setDefaultValueUid(self._key, args[0], spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if self._reindex: warnings.warn("The reindexing accessors are deprecated.\n" "Please use Alias.Reindex instead.", @@ -527,7 +539,10 @@ class DefaultIdGetter(Method): self._key = key def __call__(self, instance, *args, **kw): - value = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',())) + value = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',()), + filter=kw.get('filter', None), + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if value is not None: return value.getId() else: @@ -556,7 +571,10 @@ class DefaultTitleOrIdGetter(Method): self._key = key def __call__(self, instance, *args, **kw): - value = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',())) + value = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',()), + filter=kw.get('filter', None), + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if value is not None: return value.getTitleOrId() else: @@ -585,7 +603,10 @@ class DefaultLogicalPathGetter(Method): self._key = key def __call__(self, instance, *args, **kw): - value = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',())) + value = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',()), + filter=kw.get('filter', None), + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if value is not None: return value.getLogicalPath() else: @@ -617,7 +638,8 @@ class IdListGetter(Method): return [x.getId() for x in instance._getAcquiredValueList(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) ] psyco.bind(__call__) @@ -655,7 +677,8 @@ class LogicalPathListGetter(Method): return [x.getLogicalPath() for x in instance._getAcquiredValueList(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) ] class LogicalPathSetGetter(LogicalPathListGetter): @@ -691,7 +714,8 @@ class DefaultPropertyGetter(Method): value = instance._getDefaultAcquiredValue(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) if value is not None: return value.getProperty(key) else: @@ -723,7 +747,8 @@ class PropertyListGetter(Method): return [x.getProperty(key) for x in instance._getAcquiredValueList(self._key, spec=kw.get('spec',()), filter=kw.get('filter', None), - portal_type=kw.get('portal_type',())) + portal_type=kw.get('portal_type',()), + checked_permission=kw.get('checked_permission', None)) ] psyco.bind(__call__) @@ -737,4 +762,3 @@ class PropertySetGetter(PropertyListGetter): self, instance, *args, **kw) result_set = dict([(x, 0) for x in result_list]).keys() return result_set - diff --git a/product/ERP5Type/Base.py b/product/ERP5Type/Base.py index b177077ee614d0782ecc52f0ad1012c06c4be984..7fcbe8fe7d067001e446c1872ce94fae4c01bdca 100644 --- a/product/ERP5Type/Base.py +++ b/product/ERP5Type/Base.py @@ -902,7 +902,7 @@ class Base( CopyContainer, def _getDefaultAcquiredProperty(self, key, default_value, null_value, base_category=None, portal_type=None, copy_value=0, mask_value=0, sync_value=0, accessor_id=None, depends=None, storage_id=None, alt_accessor_id=None, - is_list_type=0, is_tales_type=0): + is_list_type=0, is_tales_type=0, checked_permission=None): """ This method implements programmable acquisition of values in ERP5. @@ -961,7 +961,8 @@ class Base( CopyContainer, portal_type = tuple(portal_type) acquisition_key = ('_getDefaultAcquiredProperty', self.getPath(), key, base_category, portal_type, copy_value, mask_value, sync_value, - accessor_id, depends, storage_id, alt_accessor_id, is_list_type, is_tales_type) + accessor_id, depends, storage_id, alt_accessor_id, is_list_type, is_tales_type, + checked_permission) if acquisition_key in tv: return null_value @@ -992,7 +993,8 @@ class Base( CopyContainer, #LOG("Get Acquired Property portal_type",0,str(portal_type)) #LOG("Get Acquired Property base_category",0,str(base_category)) #super_list = self._getValueList(base_category, portal_type=portal_type) # We only do a single jump - super_list = self._getAcquiredValueList(base_category, portal_type=portal_type) # Full acquisition + super_list = self._getAcquiredValueList(base_category, portal_type=portal_type, + checked_permission=checked_permission) # Full acquisition super_list = filter(lambda o: o.getPhysicalPath() != self.getPhysicalPath(), super_list) # Make sure we do not create stupid loop here #LOG("Get Acquired Property super_list",0,str(super_list)) #LOG("Get Acquired Property accessor_id",0,str(accessor_id)) @@ -1064,7 +1066,7 @@ class Base( CopyContainer, def _getAcquiredPropertyList(self, key, default_value, null_value, base_category, portal_type=None, copy_value=0, mask_value=0, sync_value=0, append_value=0, accessor_id=None, depends=None, storage_id=None, alt_accessor_id=None, - is_list_type=0, is_tales_type=0): + is_list_type=0, is_tales_type=0, checked_permission=None): """ Default accessor. Implements the default attribute accessor. @@ -1080,7 +1082,8 @@ class Base( CopyContainer, portal_type = tuple(portal_type) acquisition_key = ('_getAcquiredPropertyList', self.getPath(), key, base_category, portal_type, copy_value, mask_value, sync_value, - accessor_id, depends, storage_id, alt_accessor_id, is_list_type, is_tales_type) + accessor_id, depends, storage_id, alt_accessor_id, is_list_type, is_tales_type, + checked_permission) if acquisition_key in tv: return null_value @@ -1096,7 +1099,8 @@ class Base( CopyContainer, return expression(econtext) else: return value - super_list = self._getAcquiredValueList(base_category, portal_type=portal_type) # Full acquisition + super_list = self._getAcquiredValueList(base_category, portal_type=portal_type, + checked_permission=checked_permission) # Full acquisition super_list = filter(lambda o: o.getPhysicalPath() != self.getPhysicalPath(), super_list) # Make sure we do not create stupid loop here if len(super_list) > 0: value = [] @@ -1720,7 +1724,8 @@ class Base( CopyContainer, # Private accessors for the implementation of relations based on # categories security.declareProtected( Permissions.ModifyPortalContent, '_setValue' ) - def _setValue(self, id, target, spec=(), filter=None, portal_type=(), keep_default=1): + def _setValue(self, id, target, spec=(), filter=None, portal_type=(), keep_default=1, + checked_permission=None): start_string = "%s/" % id start_string_len = len(start_string) if target is None : @@ -1746,21 +1751,23 @@ class Base( CopyContainer, path = target.getRelativeUrl() if path.startswith(start_string): path = path[start_string_len:] # Prevent duplicating base category self._setCategoryMembership(id, path, spec=spec, filter=filter, portal_type=portal_type, - base=0, keep_default=keep_default) + base=0, keep_default=keep_default, + checked_permission=checked_permission) security.declareProtected( Permissions.ModifyPortalContent, '_setValueList' ) _setValueList = _setValue security.declareProtected( Permissions.ModifyPortalContent, 'setValue' ) - def setValue(self, id, target, spec=(), filter=None, portal_type=(), keep_default=1): - self._setValue(id, target, spec=spec, filter=filter, portal_type=portal_type, keep_default=keep_default) + def setValue(self, id, target, spec=(), filter=None, portal_type=(), keep_default=1, checked_permission=None): + self._setValue(id, target, spec=spec, filter=filter, portal_type=portal_type, keep_default=keep_default, + checked_permission=checked_permission) self.reindexObject() security.declareProtected( Permissions.ModifyPortalContent, 'setValueList' ) setValueList = setValue security.declareProtected( Permissions.ModifyPortalContent, '_setDefaultValue' ) - def _setDefaultValue(self, id, target, spec=(), filter=None, portal_type=()): + def _setDefaultValue(self, id, target, spec=(), filter=None, portal_type=(), checked_permission=None): start_string = "%s/" % id start_string_len = len(start_string) if target is None : @@ -1775,18 +1782,21 @@ class Base( CopyContainer, path = target.getRelativeUrl() if path.startswith(start_string): path = path[start_string_len:] # Prevent duplicating base category self._setDefaultCategoryMembership(id, path, spec=spec, filter=filter, - portal_type=portal_type, base=0) + portal_type=portal_type, base=0, + checked_permission=checked_permission) security.declareProtected(Permissions.ModifyPortalContent, 'setDefaultValue' ) def setDefaultValue(self, id, target, spec=(), filter=None, portal_type=()): - self._setDefaultValue(id, target, spec=spec, filter=filter, portal_type=portal_type) + self._setDefaultValue(id, target, spec=spec, filter=filter, portal_type=portal_type, + checked_permission=None) self.reindexObject() security.declareProtected(Permissions.AccessContentsInformation, '_getDefaultValue') - def _getDefaultValue(self, id, spec=(), filter=None, portal_type=()): + def _getDefaultValue(self, id, spec=(), filter=None, portal_type=(), checked_permission=None): path = self._getDefaultCategoryMembership(id, spec=spec, filter=filter, - portal_type=portal_type,base=1) + portal_type=portal_type,base=1, + checked_permission=checked_permission) if path is None: return None else: @@ -1797,10 +1807,11 @@ class Base( CopyContainer, security.declareProtected(Permissions.AccessContentsInformation, '_getValueList') - def _getValueList(self, id, spec=(), filter=None, portal_type=()): + def _getValueList(self, id, spec=(), filter=None, portal_type=(), checked_permission=None): ref_list = [] for path in self._getCategoryMembershipList(id, spec=spec, filter=filter, - portal_type=portal_type, base=1): + portal_type=portal_type, base=1, + checked_permission=checked_permission): # LOG('_getValueList',0,str(path)) try: value = self._getCategoryTool().resolveCategory(path) @@ -1818,9 +1829,10 @@ class Base( CopyContainer, security.declareProtected(Permissions.AccessContentsInformation, '_getDefaultAcquiredValue') def _getDefaultAcquiredValue(self, id, spec=(), filter=None, portal_type=(), - evaluate=1): + evaluate=1, checked_permission=None): path = self._getDefaultAcquiredCategoryMembership(id, spec=spec, filter=filter, - portal_type=portal_type, base=1) + portal_type=portal_type, base=1, + checked_permission=checked_permission) # LOG("_getAcquiredDefaultValue",0,str(path)) if path is None: return None @@ -1924,9 +1936,10 @@ class Base( CopyContainer, getRelatedPropertyList = _getRelatedPropertyList security.declareProtected( Permissions.View, 'getValueUidList' ) - def getValueUidList(self, id, spec=(), filter=None, portal_type=()): + def getValueUidList(self, id, spec=(), filter=None, portal_type=(), checked_permission=None): uid_list = [] - for o in self._getValueList(id, spec=spec, filter=filter, portal_type=portal_type): + for o in self._getValueList(id, spec=spec, filter=filter, portal_type=portal_type, + checked_permission=checked_permission): uid_list.append(o.getUid()) return uid_list @@ -1934,7 +1947,8 @@ class Base( CopyContainer, getValueUids = getValueUidList # DEPRECATED security.declareProtected( Permissions.ModifyPortalContent, '_setValueUidList' ) - def _setValueUidList(self, id, uids, spec=(), filter=None, portal_type=(), keep_default=1): + def _setValueUidList(self, id, uids, spec=(), filter=None, portal_type=(), keep_default=1, + checked_permission=None): # We must do an ordered list so we can not use the previous method # self._setValue(id, self.portal_catalog.getObjectList(uids), spec=spec) references = [] @@ -1942,67 +1956,80 @@ class Base( CopyContainer, uids = [uids] for uid in uids: references.append(self.portal_catalog.getObject(uid)) - self._setValue(id, references, spec=spec, filter=filter, portal_type=portal_type, keep_default=keep_default) + self._setValue(id, references, spec=spec, filter=filter, portal_type=portal_type, + keep_default=keep_default, checked_permission=checked_permission) security.declareProtected( Permissions.ModifyPortalContent, '_setValueUidList' ) _setValueUids = _setValueUidList # DEPRECATED security.declareProtected( Permissions.ModifyPortalContent, 'setValueUidList' ) - def setValueUidList(self, id, uids, spec=(), filter=None, portal_type=(), keep_default=1): - self._setValueUids(id, uids, spec=spec, filter=filter, portal_type=portal_type, keep_default=keep_default) + def setValueUidList(self, id, uids, spec=(), filter=None, portal_type=(), keep_default=1, checked_permission=None): + self._setValueUids(id, uids, spec=spec, filter=filter, portal_type=portal_type, + keep_default=keep_default, checked_permission=checked_permission) self.reindexObject() security.declareProtected( Permissions.ModifyPortalContent, 'setValueUidList' ) setValueUids = setValueUidList # DEPRECATED security.declareProtected( Permissions.ModifyPortalContent, '_setDefaultValueUid' ) - def _setDefaultValueUid(self, id, uid, spec=(), filter=None, portal_type=()): + def _setDefaultValueUid(self, id, uid, spec=(), filter=None, portal_type=(), + checked_permission=None): # We must do an ordered list so we can not use the previous method # self._setValue(id, self.portal_catalog.getObjectList(uids), spec=spec) references = self.portal_catalog.getObject(uid) - self._setDefaultValue(id, references, spec=spec, filter=filter, portal_type=portal_type) + self._setDefaultValue(id, references, spec=spec, filter=filter, portal_type=portal_type, + checked_permission=checked_permission) security.declareProtected( Permissions.ModifyPortalContent, 'setDefaultValueUid' ) - def setDefaultValueUid(self, id, uid, spec=(), filter=None, portal_type=()): - self._setDefaultValueUid(id, uid, spec=spec, filter=filter, portal_type=portal_type) + def setDefaultValueUid(self, id, uid, spec=(), filter=None, portal_type=(), checked_permission=None): + self._setDefaultValueUid(id, uid, spec=spec, filter=filter, portal_type=portal_type, + checked_permission=checked_permission) self.reindexObject() # Private accessors for the implementation of categories security.declareProtected( Permissions.ModifyPortalContent, '_setCategoryMembership' ) def _setCategoryMembership(self, category, node_list, spec=(), - filter=None, portal_type=(), base=0, keep_default=1): + filter=None, portal_type=(), base=0, keep_default=1, + checked_permission=None): self._getCategoryTool().setCategoryMembership(self, category, node_list, - spec=spec, filter=filter, portal_type=portal_type, base=base, keep_default=keep_default) + spec=spec, filter=filter, portal_type=portal_type, base=base, + keep_default=keep_default, checked_permission=checked_permission) #self.activate().edit() # Do nothing except call workflow method # XXX This is a problem - it is used to circumvent a lack of edit security.declareProtected( Permissions.ModifyPortalContent, 'setCategoryMembership' ) - def setCategoryMembership(self, category, node_list, spec=(), portal_type=(), base=0, keep_default=1): + def setCategoryMembership(self, category, node_list, spec=(), portal_type=(), base=0, keep_default=1, + checked_permission=None): self._setCategoryMembership(category, - node_list, spec=spec, filter=filter, portal_type=portal_type, base=base, keep_default=keep_default) + node_list, spec=spec, filter=filter, portal_type=portal_type, base=base, keep_default=keep_default, checked_permission=checked_permission) self.reindexObject() security.declareProtected( Permissions.ModifyPortalContent, '_setDefaultCategoryMembership' ) def _setDefaultCategoryMembership(self, category, node_list, - spec=(), filter=None, portal_type=(), base=0): + spec=(), filter=None, portal_type=(), base=0, + checked_permission=None): self._getCategoryTool().setDefaultCategoryMembership(self, category, - node_list, spec=spec, filter=filter, portal_type=portal_type, base=base) + node_list, spec=spec, filter=filter, portal_type=portal_type, base=base, + checked_permission=checked_permission) security.declareProtected( Permissions.ModifyPortalContent, 'setDefaultCategoryMembership' ) def setDefaultCategoryMembership(self, category, node_list, - spec=(), filter=None, portal_type=(), base=0): + spec=(), filter=None, portal_type=(), base=0, + checked_permission=None): self._setDefaultCategoryMembership(category, node_list, spec=spec, filter=filter, - portal_type=portal_type, base=base) + portal_type=portal_type, base=base, + checked_permission=checked_permission) self.reindexObject() security.declareProtected( Permissions.AccessContentsInformation, '_getCategoryMembershipList' ) - def _getCategoryMembershipList(self, category, spec=(), filter=None, portal_type=(), base=0, keep_default=1): + def _getCategoryMembershipList(self, category, spec=(), filter=None, portal_type=(), base=0, + keep_default=1, checked_permission=None): """ This returns the list of categories for an object """ return self._getCategoryTool().getCategoryMembershipList(self, category, spec=spec, filter=filter, portal_type=portal_type, base=base, - keep_default=keep_default) + keep_default=keep_default, checked_permission=checked_permission) security.declareProtected( Permissions.AccessContentsInformation, 'getCategoryMembershipList' ) getCategoryMembershipList = _getCategoryMembershipList @@ -2022,26 +2049,31 @@ class Base( CopyContainer, getAcquiredCategoryMembershipList = _getAcquiredCategoryMembershipList security.declareProtected( Permissions.AccessContentsInformation, '_getCategoryMembershipItemList' ) - def _getCategoryMembershipItemList(self, category, spec=(), filter=None, portal_type=(), base=0): + def _getCategoryMembershipItemList(self, category, spec=(), filter=None, portal_type=(), base=0, + checked_permission=None): membership_list = self._getCategoryMembershipList(category, - spec = spec, filter=filter, portal_type=portal_type, base=base) + spec=spec, filter=filter, portal_type=portal_type, base=base, + checked_permission=checked_permission) return [(x, x) for x in membership_list] security.declareProtected( Permissions.AccessContentsInformation, '_getAcquiredCategoryMembershipItemList' ) def _getAcquiredCategoryMembershipItemList(self, category, spec=(), - filter=None, portal_type=(), base=0, method_id=None, sort_id='default'): + filter=None, portal_type=(), base=0, method_id=None, sort_id='default', + checked_permission=None): # Standard behaviour - should be OK # sort_id should be None for not sort - default behaviour in other methods if method_id is None and sort_id in (None, 'default'): membership_list = self._getAcquiredCategoryMembershipList(category, - spec = spec, filter=filter, portal_type=portal_type, base=base) + spec = spec, filter=filter, portal_type=portal_type, base=base, + checked_permission=checked_permission) if sort_id == 'default': membership_list.sort() return [(x, x) for x in membership_list] # Advanced behaviour XXX This is new and needs to be checked membership_list = self._getAcquiredCategoryMembershipList(category, - spec = spec, filter=filter, portal_type=portal_type, base=1) + spec = spec, filter=filter, portal_type=portal_type, base=1, + checked_permission=checked_permission) result = [] for path in membership_list: value = self._getCategoryTool().resolveCategory(path) @@ -2053,9 +2085,11 @@ class Base( CopyContainer, return map(lambda x: (x,getattr(x, method_id)()), membership_list) security.declareProtected( Permissions.View, '_getDefaultCategoryMembership' ) - def _getDefaultCategoryMembership(self, category, spec = (), filter=None, portal_type=(), base = 0 ): + def _getDefaultCategoryMembership(self, category, spec=(), filter=None, portal_type=(), base=0, + checked_permission=None ): membership = self._getCategoryTool().getCategoryMembershipList(self, - category, spec = spec, filter=filter, portal_type=portal_type, base = base) + category, spec=spec, filter=filter, portal_type=portal_type, base=base, + checked_permission=checked_permission) if len(membership) > 0: return membership[0] else: @@ -2063,9 +2097,11 @@ class Base( CopyContainer, security.declareProtected( Permissions.View, '_getDefaultAcquiredCategoryMembership' ) def _getDefaultAcquiredCategoryMembership(self, category, - spec=(), filter=None, portal_type=(), base=0, default=None): + spec=(), filter=None, portal_type=(), base=0, default=None, + checked_permission=None): membership = self._getAcquiredCategoryMembershipList(category, - spec=spec, filter=filter, portal_type=portal_type, base=base) + spec=spec, filter=filter, portal_type=portal_type, base=base, + checked_permission=checked_permission) if len(membership) > 0: return membership[0] else: