Commit 4d8e1fe1 authored by Łukasz Nowak's avatar Łukasz Nowak

Support non Person loggable users.

parent ade1e544
No related merge requests found
...@@ -31,6 +31,7 @@ ...@@ -31,6 +31,7 @@
from Acquisition import Implicit from Acquisition import Implicit
from Products.ERP5Type.Tool.BaseTool import BaseTool from Products.ERP5Type.Tool.BaseTool import BaseTool
from AccessControl import ClassSecurityInfo, getSecurityManager, Unauthorized from AccessControl import ClassSecurityInfo, getSecurityManager, Unauthorized
from Products.Vifib.VifibMachineAuthenticationPlugin import getUserByLogin
from Products.ERP5Type.Globals import InitializeClass from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions from Products.ERP5Type import Permissions
from ComputedAttribute import ComputedAttribute from ComputedAttribute import ComputedAttribute
...@@ -174,18 +175,20 @@ def responseSupport(anonymous=False): ...@@ -174,18 +175,20 @@ def responseSupport(anonymous=False):
.portal_preferences.getPreferredRestApiV1TokenServerUrl()) .portal_preferences.getPreferredRestApiV1TokenServerUrl())
return self.REQUEST.response return self.REQUEST.response
else: else:
person = self.getPortalObject().ERP5Site_getAuthenticatedMemberPersonValue() user_name = self.getPortalObject().portal_membership\
if person is None: .getAuthenticatedMember()
user_document = getUserByLogin(self.getPortalObject(),
str(user_name))
if len(user_document) != 1:
transaction.abort() transaction.abort()
LOG('VifibRestApiV1Tool', ERROR, LOG('VifibRestApiV1Tool', ERROR,
'Currenty logged in user %r has no Person document.'% 'Currenty logged in user %r wrong document list %r.'%
str(self.getPortalObject().portal_membership (user_name, user_document))
.getAuthenticatedMember()))
self.REQUEST.response.setStatus(500) self.REQUEST.response.setStatus(500)
self.REQUEST.response.setBody(jsonify({'error': self.REQUEST.response.setBody(jsonify({'error':
'There is system issue, please try again later.'})) 'There is system issue, please try again later.'}))
return self.REQUEST.response return self.REQUEST.response
self.person_url = person.getRelativeUrl() self.user_url = user_document[0].getRelativeUrl()
return fn(self, *args, **kwargs) return fn(self, *args, **kwargs)
wrapperResponseSupport.__doc__ = fn.__doc__ wrapperResponseSupport.__doc__ = fn.__doc__
return wrapperResponseSupport return wrapperResponseSupport
...@@ -329,7 +332,7 @@ class InstancePublisher(GenericPublisher): ...@@ -329,7 +332,7 @@ class InstancePublisher(GenericPublisher):
{'status': 'Status shall be one of: started, stopped, destroyed.'})) {'status': 'Status shall be one of: started, stopped, destroyed.'}))
return self.REQUEST.response return self.REQUEST.response
try: try:
self.restrictedTraverse(self.person_url self.restrictedTraverse(self.user_url
).requestSoftwareInstance(**request_dict) ).requestSoftwareInstance(**request_dict)
except Exception: except Exception:
transaction.abort() transaction.abort()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment