Commit c1faf731 authored by Alexandre Boeglin's avatar Alexandre Boeglin

restore the original SecurityManager, to prevent side effects.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4540 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 4bad4320
...@@ -17,7 +17,8 @@ ...@@ -17,7 +17,8 @@
from Globals import InitializeClass from Globals import InitializeClass
from AccessControl import ClassSecurityInfo from AccessControl import ClassSecurityInfo
from AccessControl.SecurityManagement import newSecurityManager, getSecurityManager from AccessControl.SecurityManagement import newSecurityManager,\
getSecurityManager, setSecurityManager
from Products.PageTemplates.PageTemplateFile import PageTemplateFile from Products.PageTemplates.PageTemplateFile import PageTemplateFile
from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin
from Products.PluggableAuthService.utils import classImplements from Products.PluggableAuthService.utils import classImplements
...@@ -74,6 +75,7 @@ class ERP5GroupManager(BasePlugin): ...@@ -74,6 +75,7 @@ class ERP5GroupManager(BasePlugin):
# SecurityManager to be able to access the Catalog # SecurityManager to be able to access the Catalog
#FIXME here we assume that the portal owner will always have #FIXME here we assume that the portal owner will always have
# enough rights, which might as well be wrong # enough rights, which might as well be wrong
sm = getSecurityManager()
newSecurityManager(self, self.getPortalObject().getOwner()) newSecurityManager(self, self.getPortalObject().getOwner())
# To get the complete list of groups, we try to call the # To get the complete list of groups, we try to call the
...@@ -105,6 +107,7 @@ class ERP5GroupManager(BasePlugin): ...@@ -105,6 +107,7 @@ class ERP5GroupManager(BasePlugin):
login is %s : %s' % (user_name, login is %s : %s' % (user_name,
repr([r.getObject() for r in catalog_result])) repr([r.getObject() for r in catalog_result]))
else: # no person is linked to this user login else: # no person is linked to this user login
setSecurityManager(sm)
return () return ()
person_object = catalog_result[0].getObject() person_object = catalog_result[0].getObject()
person_id = person_object.getId() person_id = person_object.getId()
...@@ -128,6 +131,7 @@ class ERP5GroupManager(BasePlugin): ...@@ -128,6 +131,7 @@ class ERP5GroupManager(BasePlugin):
security_group_list.append(group_id_generator( security_group_list.append(group_id_generator(
category_order=base_category_list, **category_dict)) category_order=base_category_list, **category_dict))
setSecurityManager(sm)
return tuple(security_group_list) return tuple(security_group_list)
_getGroupsForPrincipal = CachingMethod(_getGroupsForPrincipal, id='ERP5GroupManager_getGroupsForPrincipal') _getGroupsForPrincipal = CachingMethod(_getGroupsForPrincipal, id='ERP5GroupManager_getGroupsForPrincipal')
......
...@@ -17,7 +17,8 @@ ...@@ -17,7 +17,8 @@
from Globals import InitializeClass from Globals import InitializeClass
from AccessControl import ClassSecurityInfo from AccessControl import ClassSecurityInfo
from AccessControl.SecurityManagement import newSecurityManager from AccessControl.SecurityManagement import getSecurityManager,\
setSecurityManager, newSecurityManager
from Products.PageTemplates.PageTemplateFile import PageTemplateFile from Products.PageTemplates.PageTemplateFile import PageTemplateFile
from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin from Products.PluggableAuthService.plugins.BasePlugin import BasePlugin
from Products.PluggableAuthService.utils import classImplements from Products.PluggableAuthService.utils import classImplements
...@@ -139,10 +140,12 @@ class ERP5UserManager(BasePlugin): ...@@ -139,10 +140,12 @@ class ERP5UserManager(BasePlugin):
""" """
# because we aren't logged in, we have to create our own # because we aren't logged in, we have to create our own
# SecurityManager to be able to access the Catalog # SecurityManager to be able to access the Catalog
sm = getSecurityManager()
newSecurityManager(self, self.getPortalObject().portal_catalog.getOwner()) newSecurityManager(self, self.getPortalObject().portal_catalog.getOwner())
result = self.getPortalObject().portal_catalog(portal_type="Person", reference=login) result = self.getPortalObject().portal_catalog(portal_type="Person", reference=login)
setSecurityManager(sm)
return [item.getObject() for item in result] return [item.getObject() for item in result]
classImplements( ERP5UserManager classImplements( ERP5UserManager
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment