Commit 0a803733 authored by Romain Courteaud's avatar Romain Courteaud

Prevent more security checking.

Calling an external python will prevent calling navigate from a python script
with a proxy role.
parent 1208b56c
...@@ -8,6 +8,7 @@ from zLOG import LOG, WARNING ...@@ -8,6 +8,7 @@ from zLOG import LOG, WARNING
import datetime import datetime
import os import os
import time import time
from Products.DCWorkflow.DCWorkflow import ValidationFailed
present = False present = False
tz = None tz = None
...@@ -330,7 +331,17 @@ class PayzenService(XMLObject, PayzenSOAP): ...@@ -330,7 +331,17 @@ class PayzenService(XMLObject, PayzenSOAP):
def navigate(self, page_template, payzen_dict, REQUEST=None, **kw): def navigate(self, page_template, payzen_dict, REQUEST=None, **kw):
"""Returns configured template used to do the payment""" """Returns configured template used to do the payment"""
self.Base_checkConsistency() check_result = self.checkConsistency()
message_list = []
for err in check_result:
if getattr(err, 'getTranslatedMessage', None) is not None:
message_list.append(err.getTranslatedMessage())
else:
# backward compatibility:
message_list.append(err[3])
if message_list:
raise ValidationFailed, message_list
temp_document = newTempDocument(self, 'id') temp_document = newTempDocument(self, 'id')
temp_document.edit( temp_document.edit(
link_url_string=self.getLinkUrlString(), link_url_string=self.getLinkUrlString(),
......
49 50
\ No newline at end of file \ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment