Commit af63bfda authored by Sebastien Robin's avatar Sebastien Robin

replaces all state_change.object by state_change['object'] in order to prevent...

replaces all state_change.object by state_change['object'] in order to prevent some security problems

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@12467 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 530d8414
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>order = state_change.object\n
<value> <string>order = state_change[\'object\']\n
\n
order.applyToOrderRelatedMovement(method_id=\'expand\')\n
</string> </value>
......@@ -114,8 +114,9 @@ order.applyToOrderRelatedMovement(method_id=\'expand\')\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>order</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>order = state_change.object\n
<value> <string>order = state_change[\'object\']\n
\n
previous_tag = order.getPath() + \'_firstUpdateAppliedRule\'\n
expand_tag = order.getPath() + \'_expand\'\n
......@@ -126,8 +126,9 @@ delivery_builder.activate(activity=\'SQLQueue\',after_tag=expand_tag).build(expl
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>order</string>
<string>_getattr_</string>
<string>previous_tag</string>
<string>expand_tag</string>
<string>activate_kw</string>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>order = state_change.object\n
<value> <string>order = state_change[\'object\']\n
\n
tag = order.getPath() + \'_firstUpdateAppliedRule\'\n
activate_kw = {\'tag\':tag,\'priority\':3}\n
......@@ -117,8 +117,9 @@ order.activate(tag=tag).updateAppliedRule(rule_id = \'default_order_rule\',activ
<tuple>
<string>state_change</string>
<string>kw</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>order</string>
<string>_getattr_</string>
<string>tag</string>
<string>activate_kw</string>
</tuple>
......
......@@ -72,7 +72,7 @@
# This script check that necessary data exists on Order\n
from Products.DCWorkflow.DCWorkflow import ValidationFailed\n
order = state_change.object\n
order = state_change[\'object\']\n
error_message = \'\'\n
message_list = []\n
\n
......@@ -149,10 +149,11 @@ if len(message_list) > 0:\n
<string>kw</string>
<string>Products.DCWorkflow.DCWorkflow</string>
<string>ValidationFailed</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>order</string>
<string>error_message</string>
<string>message_list</string>
<string>_getattr_</string>
<string>None</string>
<string>_getiter_</string>
<string>line</string>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list = state_change.object\n
<value> <string>packing_list = state_change[\'object\']\n
\n
# Create Delivery Applied Rule (if required)\n
packing_list.updateAppliedRule()\n
......@@ -125,8 +125,9 @@ packing_list.activate().updateCausalityState()\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>packing_list</string>
<string>_getattr_</string>
<string>None</string>
</tuple>
</value>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list = state_change.object\n
<value> <string>packing_list = state_change[\'object\']\n
\n
# Create Delivery Applied Rule (if required)\n
packing_list.updateAppliedRule()\n
......@@ -131,8 +131,9 @@ packing_list.activate().updateCausalityState()\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>packing_list</string>
<string>_getattr_</string>
<string>packing_list_portal_type</string>
<string>delivery_builder</string>
<string>packing_list_relative_url</string>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>context = state_change.object\n
<value> <string>context = state_change[\'object\']\n
if context.getSimulationState()!=\'draft\':\n
context.activate().updateCausalityState()\n
</string> </value>
......@@ -115,8 +115,9 @@ if context.getSimulationState()!=\'draft\':\n
<tuple>
<string>state_change</string>
<string>kw</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>context</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list = state_change.object\n
<value> <string>packing_list = state_change[\'object\']\n
\n
stop_date = state_change.kwargs[\'stop_date\']\n
start_date = state_change.kwargs[\'start_date\']\n
......@@ -125,9 +125,9 @@ packing_list.portal_workflow.doActionFor(\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>packing_list</string>
<string>_getitem_</string>
<string>packing_list</string>
<string>_getattr_</string>
<string>stop_date</string>
<string>start_date</string>
</tuple>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list = state_change.object\n
<value> <string>packing_list = state_change[\'object\']\n
\n
stop_date = state_change.kwargs[\'stop_date\']\n
start_date = state_change.kwargs[\'start_date\']\n
......@@ -148,9 +148,9 @@ delivery_builder.activate(activity=\'SQLQueue\',after_tag=tag).build(explanation
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>packing_list</string>
<string>_getitem_</string>
<string>packing_list</string>
<string>_getattr_</string>
<string>stop_date</string>
<string>start_date</string>
<string>tag</string>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list = state_change.object\n
<value> <string>packing_list = state_change[\'object\']\n
\n
for movement in packing_list.getMovementList():\n
movement.setQuantity(movement.Movement_getPackedQuantity())\n
......@@ -117,9 +117,10 @@ packing_list.edit()\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>packing_list</string>
<string>_getiter_</string>
<string>_getattr_</string>
<string>movement</string>
</tuple>
</value>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list_content = state_change.object\n
<value> <string>packing_list_content = state_change[\'object\']\n
\n
packing_list_content.getExplanationValue().activate(after_path=packing_list_content.getPath()).edit()\n
</string> </value>
......@@ -114,8 +114,9 @@ packing_list_content.getExplanationValue().activate(after_path=packing_list_cont
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>packing_list_content</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list_content = state_change.object\n
<value> <string>packing_list_content = state_change[\'object\']\n
\n
#packing_list_content.immediateReindexObject()\n
#packing_list_content.getExplanationValue().edit()\n
......@@ -116,8 +116,9 @@ packing_list_content.getExplanationValue().activate(after_path=packing_list_cont
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>packing_list_content</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list_content = state_change.object\n
<value> <string>packing_list_content = state_change[\'object\']\n
\n
# Clean simulation\n
simulation_movement_list = packing_list_content.getDeliveryRelatedValueList(\n
......@@ -133,8 +133,9 @@ for simulation_movement in simulation_movement_list:\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>packing_list_content</string>
<string>_getattr_</string>
<string>simulation_movement_list</string>
<string>_getiter_</string>
<string>simulation_movement</string>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list_content = state_change.object\n
<value> <string>packing_list_content = state_change[\'object\']\n
if packing_list_content.getSimulationState()!=\'draft\':\n
explanation_value = packing_list_content.getExplanationValue()\n
explanation_value.edit()\n
......@@ -116,8 +116,9 @@ if packing_list_content.getSimulationState()!=\'draft\':\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>packing_list_content</string>
<string>_getattr_</string>
<string>explanation_value</string>
</tuple>
</value>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>packing_list = state_change.object\n
<value> <string>packing_list = state_change[\'object\']\n
if packing_list.getSimulationState()!=\'draft\':\n
packing_list.activate(after_method_id=(\'immediateReindexObject\',\'recursiveImmediateReindexObject\')).updateAppliedRule(rule_id=\'default_delivery_rule\')\n
\n
......@@ -123,8 +123,9 @@ if packing_list.getSimulationState()!=\'draft\':\n
<tuple>
<string>state_change</string>
<string>kw</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>packing_list</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
price_parameter = \'base_price\'\n
base_id = \'path\'\n
supply_line.updateQuantityPredicate(price_parameter)\n
......@@ -116,10 +116,11 @@ supply_line.updateCellRange(base_id=base_id)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>price_parameter</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
price_parameter = \'discount_ratio\'\n
base_id = \'path_discount_ratio\'\n
supply_line.updateQuantityPredicate(price_parameter)\n
......@@ -116,10 +116,11 @@ supply_line.updateCellRange(base_id=base_id)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>price_parameter</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
price_parameter = \'exclusive_discount_ratio\'\n
base_id = \'path_%s\' % price_parameter\n
supply_line.updateQuantityPredicate(price_parameter)\n
......@@ -116,10 +116,11 @@ supply_line.updateCellRange(base_id=base_id)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>price_parameter</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
price_parameter = \'additional_price\'\n
base_id = \'path_optional_%s\' % price_parameter\n
supply_line.updateQuantityPredicate(price_parameter)\n
......@@ -116,10 +116,11 @@ supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>price_parameter</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
base_id = \'path_optional_discount_ratio\'\n
#supply_line.updateQuantityPredicate(base_id, option_variation=1)\n
supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
......@@ -115,9 +115,10 @@ supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
base_id = \'path_optional_exclusive_discount_ratio\'\n
supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
</string> </value>
......@@ -114,9 +114,10 @@ supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
price_parameter = \'non_discountable_additional_price\'\n
base_id = \'path_optional_%s\' % price_parameter\n
supply_line.updateQuantityPredicate(price_parameter)\n
......@@ -122,10 +122,11 @@ supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>price_parameter</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
base_id = \'path_optional_surcharge_ratio\'\n
supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
</string> </value>
......@@ -114,9 +114,10 @@ supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
price_parameter = \'variable_additional_price\'\n
base_id = \'path_optional_%s\' % price_parameter\n
supply_line.updateQuantityPredicate(price_parameter)\n
......@@ -122,10 +122,11 @@ supply_line.updateCellRange(base_id=base_id, option_variation=1)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>price_parameter</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>supply_line = state_change.object\n
<value> <string>supply_line = state_change[\'object\']\n
price_parameter = \'surcharge_ratio\'\n
base_id = \'path_%s\' % price_parameter\n
supply_line.updateQuantityPredicate(price_parameter)\n
......@@ -116,10 +116,11 @@ supply_line.updateCellRange(base_id=base_id)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>supply_line</string>
<string>price_parameter</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
......@@ -68,7 +68,7 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>delivery_line = state_change.object\n
<value> <string>delivery_line = state_change[\'object\']\n
\n
base_id = \'movement\'\n
delivery_line.updateCellRange(base_id)\n
......@@ -115,9 +115,10 @@ delivery_line.updateCellRange(base_id)\n
<value>
<tuple>
<string>state_change</string>
<string>_getattr_</string>
<string>_getitem_</string>
<string>delivery_line</string>
<string>base_id</string>
<string>_getattr_</string>
</tuple>
</value>
</item>
......
44
\ No newline at end of file
48
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment