Commit
12bb20e5
authored
May 11, 2000
by
Jim Fulton
Merging changes from the Security-Dev branch
parent
8dc0c578
Changes
95
Showing
95 changed files
with
1903 additions
and
623 deletions
+1903
-623
lib/python/AccessControl/DTML.py
lib/python/AccessControl/DTML.py
+172
-0
lib/python/AccessControl/Owned.py
lib/python/AccessControl/Owned.py
+303
-0
lib/python/AccessControl/PermissionMapping.py
lib/python/AccessControl/PermissionMapping.py
+4
-1
lib/python/AccessControl/Role.py
lib/python/AccessControl/Role.py
+20
-3
lib/python/AccessControl/SecurityManagement.py
lib/python/AccessControl/SecurityManagement.py
+142
-0
lib/python/AccessControl/SecurityManager.py
lib/python/AccessControl/SecurityManager.py
+215
-0
lib/python/AccessControl/SimpleObjectPolicies.py
lib/python/AccessControl/SimpleObjectPolicies.py
+106
-0
lib/python/AccessControl/SpecialUsers.py
lib/python/AccessControl/SpecialUsers.py
+89
-0
lib/python/AccessControl/User.py
lib/python/AccessControl/User.py
+19
-26
lib/python/AccessControl/ZopeSecurityPolicy.py
lib/python/AccessControl/ZopeSecurityPolicy.py
+217
-0
lib/python/AccessControl/__init__.py
lib/python/AccessControl/__init__.py
+5
-0
lib/python/AccessControl/methodAccess.dtml
lib/python/AccessControl/methodAccess.dtml
+16
-2
lib/python/AccessControl/owner.dtml
lib/python/AccessControl/owner.dtml
+40
-0
lib/python/App/ApplicationManager.py
lib/python/App/ApplicationManager.py
+19
-11
lib/python/App/CacheManager.py
lib/python/App/CacheManager.py
+5
-2
lib/python/App/Factory.py
lib/python/App/Factory.py
+7
-4
lib/python/App/FactoryDispatcher.py
lib/python/App/FactoryDispatcher.py
+1
-1
lib/python/App/Management.py
lib/python/App/Management.py
+16
-70
lib/python/App/Permission.py
lib/python/App/Permission.py
+8
-4
lib/python/App/Product.py
lib/python/App/Product.py
+12
-29
lib/python/App/Undo.py
lib/python/App/Undo.py
+7
-3
lib/python/DateTime/DateTime.py
lib/python/DateTime/DateTime.py
+5
-1
lib/python/DocumentTemplate/DT_In.py
lib/python/DocumentTemplate/DT_In.py
+4
-4
lib/python/DocumentTemplate/DT_String.py
lib/python/DocumentTemplate/DT_String.py
+1
-3
lib/python/DocumentTemplate/DT_Util.py
lib/python/DocumentTemplate/DT_Util.py
+5
-7
lib/python/DocumentTemplate/DT_With.py
lib/python/DocumentTemplate/DT_With.py
+2
-4
lib/python/DocumentTemplate/cDocumentTemplate.c
lib/python/DocumentTemplate/cDocumentTemplate.c
+4
-2
lib/python/OFS/Application.py
lib/python/OFS/Application.py
+5
-3
lib/python/OFS/CopySupport.py
lib/python/OFS/CopySupport.py
+6
-29
lib/python/OFS/DTMLDocument.py
lib/python/OFS/DTMLDocument.py
+10
-14
lib/python/OFS/DTMLMethod.py
lib/python/OFS/DTMLMethod.py
+39
-81
lib/python/OFS/FindSupport.py
lib/python/OFS/FindSupport.py
+10
-9
lib/python/OFS/Folder.py
lib/python/OFS/Folder.py
+30
-29
lib/python/OFS/Image.py
lib/python/OFS/Image.py
+26
-25
lib/python/OFS/ObjectManager.py
lib/python/OFS/ObjectManager.py
+20
-15
lib/python/OFS/PropertyManager.py
lib/python/OFS/PropertyManager.py
+7
-1
lib/python/OFS/SimpleItem.py
lib/python/OFS/SimpleItem.py
+56
-21
lib/python/OFS/documentProxy.dtml
lib/python/OFS/documentProxy.dtml
+4
-5
lib/python/OFS/folderAdd.dtml
lib/python/OFS/folderAdd.dtml
+2
-2
lib/python/OFS/main.dtml
lib/python/OFS/main.dtml
+6
-6
lib/python/Products/ExternalMethod/ExternalMethod.py
lib/python/Products/ExternalMethod/ExternalMethod.py
+5
-3
lib/python/Products/MailHost/MailHost.py
lib/python/Products/MailHost/MailHost.py
+19
-12
lib/python/Products/OFSP/Version.py
lib/python/Products/OFSP/Version.py
+5
-3
lib/python/Products/OFSP/help/Advanced-Find.dtml
lib/python/Products/OFSP/help/Advanced-Find.dtml
+2
-3
lib/python/Products/OFSP/help/Common-Instance-Property-Sheet_Properties.dtml
.../OFSP/help/Common-Instance-Property-Sheet_Properties.dtml
+0
-3
lib/python/Products/OFSP/help/Control-Panel_Undo.dtml
lib/python/Products/OFSP/help/Control-Panel_Undo.dtml
+0
-3
lib/python/Products/OFSP/help/DTML-DocumentOrMethod_Edit.dtml
...python/Products/OFSP/help/DTML-DocumentOrMethod_Edit.dtml
+7
-3
lib/python/Products/OFSP/help/DTML-DocumentOrMethod_Proxy.dtml
...ython/Products/OFSP/help/DTML-DocumentOrMethod_Proxy.dtml
+35
-0
lib/python/Products/OFSP/help/DTML-DocumentOrMethod_Upload.dtml
...thon/Products/OFSP/help/DTML-DocumentOrMethod_Upload.dtml
+8
-4
lib/python/Products/OFSP/help/DTML-DocumentOrMethod_View.dtml
...python/Products/OFSP/help/DTML-DocumentOrMethod_View.dtml
+7
-0
lib/python/Products/OFSP/help/DTML-Document_Properties.dtml
lib/python/Products/OFSP/help/DTML-Document_Properties.dtml
+0
-3
lib/python/Products/OFSP/help/DTML-Document_Proxy.dtml
lib/python/Products/OFSP/help/DTML-Document_Proxy.dtml
+0
-8
lib/python/Products/OFSP/help/DTML-Document_Security.dtml
lib/python/Products/OFSP/help/DTML-Document_Security.dtml
+0
-3
lib/python/Products/OFSP/help/DTML-Document_View.dtml
lib/python/Products/OFSP/help/DTML-Document_View.dtml
+0
-3
lib/python/Products/OFSP/help/DTML-Method_Edit.dtml
lib/python/Products/OFSP/help/DTML-Method_Edit.dtml
+0
-3
lib/python/Products/OFSP/help/DTML-Method_Proxy.dtml
lib/python/Products/OFSP/help/DTML-Method_Proxy.dtml
+0
-3
lib/python/Products/OFSP/help/DTML-Method_Security.dtml
lib/python/Products/OFSP/help/DTML-Method_Security.dtml
+0
-3
lib/python/Products/OFSP/help/DTML-Method_Upload.dtml
lib/python/Products/OFSP/help/DTML-Method_Upload.dtml
+0
-3
lib/python/Products/OFSP/help/DTML-Method_View.dtml
lib/python/Products/OFSP/help/DTML-Method_View.dtml
+0
-3
lib/python/Products/OFSP/help/Database-Management_Undo.dtml
lib/python/Products/OFSP/help/Database-Management_Undo.dtml
+0
-3
lib/python/Products/OFSP/help/File_Properties.dtml
lib/python/Products/OFSP/help/File_Properties.dtml
+0
-3
lib/python/Products/OFSP/help/File_Security.dtml
lib/python/Products/OFSP/help/File_Security.dtml
+0
-3
lib/python/Products/OFSP/help/Find.dtml
lib/python/Products/OFSP/help/Find.dtml
+2
-3
lib/python/Products/OFSP/help/Image_Edit.dtml
lib/python/Products/OFSP/help/Image_Edit.dtml
+0
-3
lib/python/Products/OFSP/help/Image_Properties.dtml
lib/python/Products/OFSP/help/Image_Properties.dtml
+0
-3
lib/python/Products/OFSP/help/Image_Security.dtml
lib/python/Products/OFSP/help/Image_Security.dtml
+0
-3
lib/python/Products/OFSP/help/Image_Upload.dtml
lib/python/Products/OFSP/help/Image_Upload.dtml
+0
-3
lib/python/Products/OFSP/help/ObjectManager_Contents.dtml
lib/python/Products/OFSP/help/ObjectManager_Contents.dtml
+0
-0
lib/python/Products/OFSP/help/ObjectManager_Import-Export.dtml
...ython/Products/OFSP/help/ObjectManager_Import-Export.dtml
+0
-0
lib/python/Products/OFSP/help/Product-Management_Contents.dtml
...ython/Products/OFSP/help/Product-Management_Contents.dtml
+0
-3
lib/python/Products/OFSP/help/Product-Management_Find.dtml
lib/python/Products/OFSP/help/Product-Management_Find.dtml
+0
-3
lib/python/Products/OFSP/help/Product-Management_Properties.dtml
...hon/Products/OFSP/help/Product-Management_Properties.dtml
+0
-3
lib/python/Products/OFSP/help/Product-Management_Security.dtml
...ython/Products/OFSP/help/Product-Management_Security.dtml
+0
-3
lib/python/Products/OFSP/help/Product-Management_Undo.dtml
lib/python/Products/OFSP/help/Product-Management_Undo.dtml
+0
-3
lib/python/Products/OFSP/help/Product_Contents.dtml
lib/python/Products/OFSP/help/Product_Contents.dtml
+0
-3
lib/python/Products/OFSP/help/Product_Find.dtml
lib/python/Products/OFSP/help/Product_Find.dtml
+0
-3
lib/python/Products/OFSP/help/Product_Properties.dtml
lib/python/Products/OFSP/help/Product_Properties.dtml
+0
-3
lib/python/Products/OFSP/help/Product_Undo.dtml
lib/python/Products/OFSP/help/Product_Undo.dtml
+0
-3
lib/python/Products/OFSP/help/Properties.dtml
lib/python/Products/OFSP/help/Properties.dtml
+2
-3
lib/python/Products/OFSP/help/Security-DefinePermissions.dtml
...python/Products/OFSP/help/Security-DefinePermissions.dtml
+56
-0
lib/python/Products/OFSP/help/Security.dtml
lib/python/Products/OFSP/help/Security.dtml
+2
-3
lib/python/Products/OFSP/help/Undo.dtml
lib/python/Products/OFSP/help/Undo.dtml
+2
-3
lib/python/Products/OFSP/help/User-Folder_Security.dtml
lib/python/Products/OFSP/help/User-Folder_Security.dtml
+0
-3
lib/python/Products/OFSP/help/User-Folder_Undo.dtml
lib/python/Products/OFSP/help/User-Folder_Undo.dtml
+0
-3
lib/python/Products/OFSP/help/Version_Security.dtml
lib/python/Products/OFSP/help/Version_Security.dtml
+0
-3
lib/python/Products/ZCatalog/Lazy.py
lib/python/Products/ZCatalog/Lazy.py
+5
-2
lib/python/Products/ZCatalog/Vocabulary.py
lib/python/Products/ZCatalog/Vocabulary.py
+8
-6
lib/python/Products/ZCatalog/ZCatalog.py
lib/python/Products/ZCatalog/ZCatalog.py
+6
-8
lib/python/Shared/DC/ZRDB/Connection.py
lib/python/Shared/DC/ZRDB/Connection.py
+6
-4
lib/python/Shared/DC/ZRDB/DA.py
lib/python/Shared/DC/ZRDB/DA.py
+11
-18
lib/python/ZPublisher/BaseRequest.py
lib/python/ZPublisher/BaseRequest.py
+18
-16
lib/python/ZPublisher/BaseResponse.py
lib/python/ZPublisher/BaseResponse.py
+6
-3
lib/python/ZPublisher/Publish.py
lib/python/ZPublisher/Publish.py
+6
-5
lib/python/Zope/__init__.py
lib/python/Zope/__init__.py
+14
-1
lib/python/webdav/Resource.py
lib/python/webdav/Resource.py
+6
-8
lib/python/AccessControl/DTML.py
0 → 100644
##############################################################################
#
# Zope Public License (ZPL) Version 1.0
# -------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# This license has been certified as Open Source(tm).
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions in source code must retain the above copyright
# notice, this list of conditions, and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions, and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. Digital Creations requests that attribution be given to Zope
# in any manner possible. Zope includes a "Powered by Zope"
# button that is installed by default. While it is not a license
# violation to remove this button, it is requested that the
# attribution remain. A significant investment has been put
# into Zope, and this effort will continue if the Zope community
# continues to grow. This is one way to assure that growth.
#
# 4. All advertising materials and documentation mentioning
# features derived from or use of this software must display
# the following acknowledgement:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# In the event that the product being advertised includes an
# intact Zope distribution (with copyright and license included)
# then this clause is waived.
#
# 5. Names associated with Zope or Digital Creations must not be used to
# endorse or promote products derived from this software without
# prior written permission from Digital Creations.
#
# 6. Modified redistributions of any form whatsoever must retain
# the following acknowledgment:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Intact (re-)distributions of any official Zope release do not
# require an external acknowledgement.
#
# 7. Modifications are encouraged but must be packaged separately as
# patches to official Zope releases. Distributions that do not
# clearly separate the patches from the original work must be clearly
# labeled as unofficial distributions. Modifications which do not
# carry the name Zope may be packaged in any form, as long as they
# conform to all of the clauses above.
#
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DIGITAL CREATIONS OR ITS
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This software consists of contributions made by Digital Creations and
# many individuals on behalf of Digital Creations. Specific
# attributions are listed in the accompanying credits file.
#
##############################################################################
'''Add security system support to Document Templates
$Id: DTML.py,v 1.2 2000/05/11 18:54:13 jim Exp $'''
__version__
=
'$Revision: 1.2 $'
[
11
:
-
2
]
from
DocumentTemplate
import
DT_Util
import
SecurityManagement
# Allow access to unprotected attributes
DT_Util
.
TemplateDict
.
__allow_access_to_unprotected_subobjects__
=
1
DT_Util
.
string
.
__allow_access_to_unprotected_subobjects__
=
1
DT_Util
.
math
.
__allow_access_to_unprotected_subobjects__
=
1
DT_Util
.
whrandom
.
__allow_access_to_unprotected_subobjects__
=
1
try
:
DT_Util
.
random
.
__allow_access_to_unprotected_subobjects__
=
1
except
:
pass
# Add security testing capabilities
class
DTMLSecurityAPI
:
"""API for performing security checks in DTML using '_' methods.
"""
def
SecurityValidate
(
md
,
inst
,
parent
,
name
,
value
):
"""Validate access.
Arguments:
accessed -- the object that was being accessed
container -- the object the value was found in
name -- The name used to access the value
value -- The value retrieved though the access.
The arguments may be provided as keyword arguments. Some of these
arguments may be ommitted, however, the policy may reject access
in some cases when arguments are ommitted. It is best to provide
all the values possible.
"""
return
(
SecurityManagement
.
getSecurityManager
()
.
validate
(
inst
,
parent
,
name
,
value
)
)
def
SecurityValidateValue
(
md
,
value
):
"""Convenience for common case of simple value validation.
"""
return
(
SecurityManagement
.
getSecurityManager
()
.
validateValue
(
value
)
)
def
SecurityCheckPermission
(
md
,
permission
,
object
):
"""Check whether the security context allows the given permission on
the given object.
Arguments:
permission -- A permission name
object -- The object being accessed according to the permission
"""
return
(
SecurityManagement
.
getSecurityManager
()
.
checkPermission
(
permission
,
object
)
)
def
SecurityGetUser
(
md
):
"""Gen the current authenticated user"""
return
(
SecurityManagement
.
getSecurityManager
()
.
getUser
()
)
def
SecurityCalledByExecutable
(
md
):
"""Return a boolean value indicating if this context was called
by an executable"""
r
=
(
SecurityManagement
.
getSecurityManager
()
.
calledByExecutable
()
)
if
r
>
0
:
return
r
-
1
return
r
DT_Util
.
TemplateDict
.
__dict__
.
update
(
DTMLSecurityAPI
.
__dict__
)
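Review bot: The `SecurityValidate` docstring does not match its signature: it documents `accessed` and `container` and says arguments may be given by keyword or omitted, but the method is declared as `SecurityValidate(md, inst, parent, name, value)` with no defaults. A template author following the docstring would get a TypeError instead of a policy decision. Either rename the docstring entries to `inst` and `parent` and drop the sentence about omitting arguments, or give the parameters defaults, `inst=None, parent=None, name=None, value=None`, if the underlying `validate` accepts them (its definition is not in this file). In the same file, `SecurityCalledByExecutable` returns `r-1` with no comment on why the count is reduced, and the bare `except: pass` around the `DT_Util.random` assignment hides every error, not only a missing module.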
lib/python/AccessControl/Owned.py
0 → 100644
##############################################################################
#
# Zope Public License (ZPL) Version 1.0
# -------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# This license has been certified as Open Source(tm).
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions in source code must retain the above copyright
# notice, this list of conditions, and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions, and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. Digital Creations requests that attribution be given to Zope
# in any manner possible. Zope includes a "Powered by Zope"
# button that is installed by default. While it is not a license
# violation to remove this button, it is requested that the
# attribution remain. A significant investment has been put
# into Zope, and this effort will continue if the Zope community
# continues to grow. This is one way to assure that growth.
#
# 4. All advertising materials and documentation mentioning
# features derived from or use of this software must display
# the following acknowledgement:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# In the event that the product being advertised includes an
# intact Zope distribution (with copyright and license included)
# then this clause is waived.
#
# 5. Names associated with Zope or Digital Creations must not be used to
# endorse or promote products derived from this software without
# prior written permission from Digital Creations.
#
# 6. Modified redistributions of any form whatsoever must retain
# the following acknowledgment:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Intact (re-)distributions of any official Zope release do not
# require an external acknowledgement.
#
# 7. Modifications are encouraged but must be packaged separately as
# patches to official Zope releases. Distributions that do not
# clearly separate the patches from the original work must be clearly
# labeled as unofficial distributions. Modifications which do not
# carry the name Zope may be packaged in any form, as long as they
# conform to all of the clauses above.
#
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DIGITAL CREATIONS OR ITS
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This software consists of contributions made by Digital Creations and
# many individuals on behalf of Digital Creations. Specific
# attributions are listed in the accompanying credits file.
#
##############################################################################
__doc__
=
'''Support for owned objects
$Id: Owned.py,v 1.2 2000/05/11 18:54:13 jim Exp $'''
__version__
=
'$Revision: 1.2 $'
[
11
:
-
2
]
import
Globals
,
urlparse
,
SpecialUsers
,
ExtensionClass
,
string
from
AccessControl
import
getSecurityManager
from
Acquisition
import
aq_get
,
aq_parent
,
aq_base
UnownableOwner
=
[]
def
ownableFilter
(
self
,
aq_get
=
aq_get
,
UnownableOwner
=
UnownableOwner
):
_owner
=
aq_get
(
self
,
'_owner'
,
None
,
1
)
return
_owner
is
not
UnownableOwner
class
Owned
(
ExtensionClass
.
Base
):
__ac_permissions__
=
(
(
'View management screens'
,
(
'manage_owner'
,
'owner_info'
,
'userCanChangeOwnershipType'
)),
(
'Take ownership'
,
(
'manage_takeOwnership'
,
'manage_changeOwnershipType'
),
(
"Owner"
,)),
)
manage_options
=
({
'label'
:
'Ownership'
,
'action'
:
'manage_owner'
,
'help'
:
(
'OFSP'
,
'Ownership.dtml'
),
'filter'
:
ownableFilter
},
)
manage_owner
=
Globals
.
HTMLFile
(
'owner'
,
globals
())
def
owner_info
(
self
):
"""Get ownership info for display
"""
owner
=
self
.
getOwner
(
1
)
if
owner
is
None
or
owner
is
UnownableOwner
:
return
owner
d
=
{
'path'
:
string
.
join
(
owner
[
0
],
'/'
),
'id'
:
owner
[
1
],
'explicit'
:
hasattr
(
self
,
'_owner'
),
'userCanChangeOwnershipType'
:
getSecurityManager
().
checkPermission
(
'Take ownership'
,
self
)
}
return
d
getOwner__roles__
=
()
def
getOwner
(
self
,
info
=
0
,
aq_get
=
aq_get
,
None
=
None
,
UnownableOwner
=
UnownableOwner
,
):
"""Get the owner
If a true argument is provided, then only the owner path and id are
returned. Otherwise, the owner object is returned.
"""
owner
=
aq_get
(
self
,
'_owner'
,
None
,
1
)
if
owner
is
None
:
return
owner
if
info
:
return
owner
if
owner
is
UnownableOwner
:
return
None
udb
,
oid
=
owner
root
=
self
.
getPhysicalRoot
()
udb
=
root
.
unrestrictedTraverse
(
udb
,
None
)
if
udb
is
None
:
return
SpecialUsers
.
nobody
owner
=
udb
.
getUserById
(
oid
,
None
)
if
owner
is
None
:
return
SpecialUsers
.
nobody
return
owner
changeOwnership__roles__
=
()
def
changeOwnership
(
self
,
user
,
aq_get
=
aq_get
,
None
=
None
,
):
"""Change the ownership to the given user.
If possible, make the ownership acquired.
"""
new
=
ownerInfo
(
user
)
if
new
is
None
:
return
# Special user!
old
=
aq_get
(
self
,
'_owner'
,
None
,
1
)
if
old
==
new
:
return
if
hasattr
(
self
,
'_owner'
):
# Hm, maybe we can acquire ownership
del
self
.
_owner
self
.
changeOwnership
(
user
)
else
:
if
old
is
not
UnownableOwner
:
self
.
_owner
=
new
def
userCanTakeOwnership
(
self
):
security
=
getSecurityManager
()
user
=
security
.
getUser
()
info
=
ownerInfo
(
user
)
if
info
is
None
:
return
0
owner
=
self
.
getOwner
(
1
)
if
owner
==
info
:
return
0
return
security
.
checkPermission
(
'Take ownership'
,
self
)
def
manage_takeOwnership
(
self
,
REQUEST
,
RESPONSE
):
"""Take ownership (responsibility) for an object.
"""
security
=
getSecurityManager
()
want_referer
=
REQUEST
[
'URL1'
]
+
'/manage_owner'
got_referer
=
(
"%s://%s%s"
%
urlparse
.
urlparse
(
REQUEST
[
'HTTP_REFERER'
])[:
3
])
__traceback_info__
=
want_referer
,
got_referer
if
(
want_referer
!=
got_referer
or
security
.
calledByExecutable
()):
raise
'Unauthorized'
,
(
'manage_takeOwnership was called from an invalid context'
)
self
.
changeOwnership
(
security
.
getUser
())
RESPONSE
.
redirect
(
REQUEST
[
'HTTP_REFERER'
])
def
manage_changeOwnershipType
(
self
,
explicit
=
1
,
RESPONSE
=
None
,
REQUEST
=
None
):
"""Change the type (implicit or explicit) of ownership.
"""
old
=
getattr
(
self
,
'_owner'
,
None
)
if
explicit
:
if
old
is
not
None
:
return
owner
=
aq_get
(
self
,
'_owner'
,
None
,
1
)
if
owner
is
not
None
and
owner
is
not
UnownableOwner
:
self
.
_owner
=
owner
else
:
if
old
is
None
:
return
new
=
aq_get
(
aq_parent
(
self
),
'_owner'
,
None
,
1
)
if
old
is
new
:
del
self
.
_owner
if
RESPONSE
is
not
None
:
RESPONSE
.
redirect
(
REQUEST
[
'HTTP_REFERER'
])
def
_deleteOwnershipAfterAdd
(
self
):
if
hasattr
(
self
,
'_owner'
):
del
self
.
_owner
for
object
in
self
.
objectValues
():
try
:
s
=
object
.
_p_changed
except
:
s
=
0
try
:
object
.
_deleteOwnershipAfterAdd
()
except
:
pass
if
s
is
None
:
object
.
_p_deactivate
()
def
manage_fixupOwnershipAfterAdd
(
self
):
# Sigh, get the parent's _owner
parent
=
getattr
(
self
,
'aq_parent'
,
None
)
if
parent
is
not
None
:
_owner
=
aq_get
(
parent
,
'_owner'
,
None
,
1
)
else
:
_owner
=
None
if
(
_owner
is
None
and
((
not
hasattr
(
self
,
'aq_parent'
))
or
(
not
hasattr
(
self
,
'getPhysicalRoot'
))
)
):
# This is a special case. An object is
# being added to an object that hasn't
# been added to the object hierarchy yet.
# We can delay fixing up the ownership until the
# object is actually added.
return
None
if
_owner
is
UnownableOwner
:
# We want to acquire Unownable oenership!
return
self
.
_deleteOwnershipAfterAdd
()
else
:
# Otherwise change the ownership
user
=
getSecurityManager
().
getUser
()
if
aq_base
(
user
)
is
SpecialUsers
.
super
:
raise
SuperCannotOwn
,
(
"Objects cannot be owned by the superuser"
)
self
.
changeOwnership
(
user
)
# Force all subs to acquire ownership!
for
object
in
self
.
objectValues
():
try
:
s
=
object
.
_p_changed
except
:
s
=
0
try
:
object
.
_deleteOwnershipAfterAdd
()
except
:
pass
if
s
is
None
:
object
.
_p_deactivate
()
Globals
.
default__class_init__
(
Owned
)
class
SuperCannotOwn
(
Exception
):
"The superuser cannot own anything"
class
EditUnowned
(
Exception
):
"Can't edit unowned executables"
def
ownerInfo
(
user
,
getattr
=
getattr
,
type
=
type
,
st
=
type
(
''
),
None
=
None
):
uid
=
user
.
getId
()
if
uid
is
None
:
return
uid
db
=
user
.
aq_inner
.
aq_parent
path
=
[
db
.
id
]
root
=
db
.
getPhysicalRoot
()
while
1
:
db
=
getattr
(
db
,
'aq_inner'
,
None
)
if
db
is
None
:
break
db
=
db
.
aq_parent
if
db
is
root
:
break
id
=
db
.
id
if
type
(
id
)
is
not
st
:
try
:
id
=
id
()
except
:
id
=
str
(
id
)
path
.
append
(
id
)
path
.
reverse
()
return
path
,
uid
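Review bot: In `_deleteOwnershipAfterAdd`, and again at the end of `manage_fixupOwnershipAfterAdd`, the call `object._deleteOwnershipAfterAdd()` sits inside a bare `except: pass`. Any failure while stripping a sub-object's explicit `_owner` is therefore ignored without a trace, and that sub-object keeps an owner the parent was meant to override. Because `_owner` feeds the ownership checks, catch only the expected case of a child without the method, `except AttributeError: pass`, and let other errors propagate. The two loops are identical, so the `_p_changed`/`_p_deactivate` bookkeeping could live in one private helper that both methods call.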
lib/python/AccessControl/PermissionMapping.py
...
...
@@ -90,7 +90,8 @@ need the object's ordinary permissions intact so we can manage it.
"""
import
ExtensionClass
,
Acquisition
from
AccessControl.Permission
import
pname
from
Permission
import
pname
from
Owned
import
UnownableOwner
class
RoleManager
:
...
...
@@ -181,6 +182,8 @@ def setPermissionMapping(name, obj, v):
elif
obj
.
__dict__
.
has_key
(
name
):
delattr
(
obj
,
name
)
class
PM
(
ExtensionClass
.
Base
):
_owner
=
UnownableOwner
_View_Permission
=
'_View_Permission'
def
__getattr__
(
self
,
name
):
...
...
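Review bot: The `_owner=UnownableOwner` class attribute on `PM`, which appears to be one of the lines the second hunk adds, has no comment explaining it. Its effect is only discoverable from Owned.py, where `getOwner` returns None for this sentinel and `changeOwnership` declines to assign `_owner` over it. A one-line comment such as `# PM instances are never owned; the UnownableOwner sentinel makes changeOwnership a no-op` would record the intent next to the attribute. The class body of `PM` continues outside the hunk.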
lib/python/AccessControl/Role.py
...
...
@@ -84,18 +84,24 @@
##############################################################################
"""Access control support"""
__version__
=
'$Revision: 1.3
6
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.3
7
$'
[
11
:
-
2
]
from
Globals
import
HTMLFile
,
MessageDialog
,
Dictionary
from
string
import
join
,
strip
,
split
,
find
from
Acquisition
import
Implicit
,
Acquired
from
Acquisition
import
Implicit
,
Acquired
,
aq_get
import
Globals
,
ExtensionClass
,
PermissionMapping
,
Products
from
Permission
import
Permission
from
App.Common
import
aq_base
ListType
=
type
([])
def
_isBeingUsedAsAMethod
(
self
):
return
aq_get
(
self
,
'_isBeingUsedAsAMethod_'
,
0
)
def
_isNotBeingUsedAsAMethod
(
self
):
return
not
aq_get
(
self
,
'_isBeingUsedAsAMethod_'
,
0
)
class
RoleManager
(
ExtensionClass
.
Base
,
PermissionMapping
.
RoleManager
):
"""An obect that has configurable permissions"""
...
...
@@ -113,7 +119,17 @@ class RoleManager(ExtensionClass.Base, PermissionMapping.RoleManager):
'manage_setLocalRoles'
,
'manage_addLocalRoles'
,
'manage_delLocalRoles'
,
)),
# ('View management screens', ('manage_access',)),
)
manage_options
=
(
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Security.dtml'
),
'filter'
:
_isNotBeingUsedAsAMethod
,
},
{
'label'
:
'Define Permissions'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Security-DefinePermissions.dtml'
),
'filter'
:
_isBeingUsedAsAMethod
,
},
)
__ac_roles__
=
(
'Manager'
,
'Owner'
,
'Anonymous'
)
...
...
@@ -570,3 +586,4 @@ def gather_permissions(klass, result, seen):
seen
[
name
]
=
None
gather_permissions
(
base
,
result
,
seen
)
return
result
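Review bot: `_isBeingUsedAsAMethod` and `_isNotBeingUsedAsAMethod` are added without docstrings and repeat the same `aq_get(self, '_isBeingUsedAsAMethod_', 0)` lookup; the second could be `return not _isBeingUsedAsAMethod(self)` so the attribute name and default live in one place. Both new `manage_options` entries point at the same `'manage_access'` action and differ only in label, help page and `'filter'`, so the filter appears to select which tab is shown rather than who may reach the action. A short comment next to the two entries, for example `# 'filter' only picks the tab to display; it is not an access check on manage_access`, would keep readers from treating it as a security control. The `RoleManager` class body continues outside these hunks.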
lib/python/AccessControl/SecurityManagement.py
0 → 100644
##############################################################################
#
# Zope Public License (ZPL) Version 1.0
# -------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# This license has been certified as Open Source(tm).
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions in source code must retain the above copyright
# notice, this list of conditions, and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions, and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. Digital Creations requests that attribution be given to Zope
# in any manner possible. Zope includes a "Powered by Zope"
# button that is installed by default. While it is not a license
# violation to remove this button, it is requested that the
# attribution remain. A significant investment has been put
# into Zope, and this effort will continue if the Zope community
# continues to grow. This is one way to assure that growth.
#
# 4. All advertising materials and documentation mentioning
# features derived from or use of this software must display
# the following acknowledgement:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# In the event that the product being advertised includes an
# intact Zope distribution (with copyright and license included)
# then this clause is waived.
#
# 5. Names associated with Zope or Digital Creations must not be used to
# endorse or promote products derived from this software without
# prior written permission from Digital Creations.
#
# 6. Modified redistributions of any form whatsoever must retain
# the following acknowledgment:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Intact (re-)distributions of any official Zope release do not
# require an external acknowledgement.
#
# 7. Modifications are encouraged but must be packaged separately as
# patches to official Zope releases. Distributions that do not
# clearly separate the patches from the original work must be clearly
# labeled as unofficial distributions. Modifications which do not
# carry the name Zope may be packaged in any form, as long as they
# conform to all of the clauses above.
#
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DIGITAL CREATIONS OR ITS
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This software consists of contributions made by Digital Creations and
# many individuals on behalf of Digital Creations. Specific
# attributions are listed in the accompanying credits file.
#
##############################################################################
__doc__
=
'''short description
$Id: SecurityManagement.py,v 1.2 2000/05/11 18:54:13 jim Exp $'''
__version__
=
'$Revision: 1.2 $'
[
11
:
-
2
]
import
SpecialUsers
from
thread
import
get_ident
from
SecurityManager
import
SecurityManager
_managers
=
{}
def
newSecurityManager
(
request
,
user
):
"""Set up a new security context for a request for a user
"""
thread_id
=
get_ident
()
_managers
[
thread_id
]
=
SecurityManager
(
thread_id
,
SecurityContext
(
user
),
)
def
noSecurityManager
():
try
:
del
_managers
[
get_ident
()]
except
:
pass
def
getSecurityManager
():
"""Get a security manager, for the current thread.
"""
thread_id
=
get_ident
()
manager
=
_managers
.
get
(
thread_id
,
None
)
if
manager
is
None
:
manager
=
SecurityManager
(
thread_id
,
SecurityContext
(
SpecialUsers
.
nobody
))
_managers
[
thread_id
]
=
manager
return
manager
def
setSecurityPolicy
(
aSecurityPolicy
):
"""Set the system default security policy.
This method should only be caused by system startup code. It should
never, for example, be called during a web request.
"""
SecurityManager
.
setSecurityPolicy
(
aSecurityPolicy
)
class
SecurityContext
:
"""The security context is an object used internally to the security
machinery. It captures data about the current security context.
"""
def
__init__
(
self
,
user
):
self
.
stack
=
[]
self
.
user
=
user
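Review bot: `setSecurityPolicy` calls `SecurityManager.setSecurityPolicy(aSecurityPolicy)`, but `SecurityManager` here is the class bound by `from SecurityManager import SecurityManager`, and the class shown in SecurityManager.py defines no such method; the setter there is a module-level function, so this call would raise AttributeError. Binding the function before the class import, with `import SecurityManager` and `_setSecurityPolicy = SecurityManager.setSecurityPolicy`, and ending the wrapper with `return _setSecurityPolicy(aSecurityPolicy)` would fix it and also hand the previous policy back to the caller. Separately, `noSecurityManager` hides every error behind a bare `except: pass`, where `except KeyError:` is the only case it needs to ignore. `_managers` is keyed by thread id, so a request that ends without `noSecurityManager()` would leave the previous user's manager in place for the next request on that thread; the call site is not in this section, so that should be confirmed.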
lib/python/AccessControl/SecurityManager.py
0 → 100644
##############################################################################
#
# Zope Public License (ZPL) Version 1.0
# -------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# This license has been certified as Open Source(tm).
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions in source code must retain the above copyright
# notice, this list of conditions, and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions, and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. Digital Creations requests that attribution be given to Zope
# in any manner possible. Zope includes a "Powered by Zope"
# button that is installed by default. While it is not a license
# violation to remove this button, it is requested that the
# attribution remain. A significant investment has been put
# into Zope, and this effort will continue if the Zope community
# continues to grow. This is one way to assure that growth.
#
# 4. All advertising materials and documentation mentioning
# features derived from or use of this software must display
# the following acknowledgement:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# In the event that the product being advertised includes an
# intact Zope distribution (with copyright and license included)
# then this clause is waived.
#
# 5. Names associated with Zope or Digital Creations must not be used to
# endorse or promote products derived from this software without
# prior written permission from Digital Creations.
#
# 6. Modified redistributions of any form whatsoever must retain
# the following acknowledgment:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Intact (re-)distributions of any official Zope release do not
# require an external acknowledgement.
#
# 7. Modifications are encouraged but must be packaged separately as
# patches to official Zope releases. Distributions that do not
# clearly separate the patches from the original work must be clearly
# labeled as unofficial distributions. Modifications which do not
# carry the name Zope may be packaged in any form, as long as they
# conform to all of the clauses above.
#
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DIGITAL CREATIONS OR ITS
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This software consists of contributions made by Digital Creations and
# many individuals on behalf of Digital Creations. Specific
# attributions are listed in the accompanying credits file.
#
##############################################################################
__doc__
=
'''short description
$Id: SecurityManager.py,v 1.2 2000/05/11 18:54:13 jim Exp $'''
__version__
=
'$Revision: 1.2 $'
[
11
:
-
2
]
import
ZopeSecurityPolicy
,
os
,
string
try
:
max_stack_size
=
string
.
atoi
(
os
.
environ
.
get
(
'Z_MAX_STACK_SIZE'
,
'100'
))
except
:
max_stack_size
=
100
_defaultPolicy
=
ZopeSecurityPolicy
.
ZopeSecurityPolicy
()
def
setSecurityPolicy
(
aSecurityPolicy
):
"""Set the system default security policy.
This method should only be caused by system startup code. It should
never, for example, be called during a web request.
"""
global
_defaultPolicy
last
=
_defaultPolicy
_defaultPolicy
=
aSecurityPolicy
return
last
class
SecurityManager
:
"""A security manager provides methods for checking access and managing
executable context and policies
"""
def
__init__
(
self
,
thread_id
,
context
):
self
.
_thread_id
=
thread_id
self
.
_context
=
context
self
.
_policy
=
None
def
validate
(
self
,
accessed
=
None
,
container
=
None
,
name
=
None
,
value
=
None
):
"""Validate access.
Arguments:
accessed -- the object that was being accessed
container -- the object the value was found in
name -- The name used to access the value
value -- The value retrieved though the access.
The arguments may be provided as keyword arguments. Some of these
arguments may be ommitted, however, the policy may reject access
in some cases when arguments are ommitted. It is best to provide
all the values possible.
"""
policy
=
self
.
_policy
if
policy
is
None
:
policy
=
_defaultPolicy
return
policy
.
validate
(
accessed
,
container
,
name
,
value
,
self
.
_context
)
def
validateValue
(
self
,
value
):
"""Convenience for common case of simple value validation.
"""
policy
=
self
.
_policy
if
policy
is
None
:
policy
=
_defaultPolicy
return
policy
.
validate
(
None
,
None
,
None
,
value
,
self
.
_context
)
def
checkPermission
(
self
,
permission
,
object
):
"""Check whether the security context allows the given permission on
the given object.
Arguments:
permission -- A permission name
object -- The object being accessed according to the permission
"""
policy
=
self
.
_policy
if
policy
is
None
:
policy
=
_defaultPolicy
return
policy
.
checkPermission
(
permission
,
object
,
self
.
_context
)
def
addContext
(
self
,
anExecutableObject
,
getattr
=
getattr
):
"""Add an ExecutableObject to the current security
context. Optionally, add a new SecurityPolicy as well.
"""
stack
=
self
.
_context
.
stack
if
len
(
stack
)
>
max_stack_size
:
raise
SystemError
,
'Excessive recursion'
stack
.
append
(
anExecutableObject
)
p
=
getattr
(
anExecutableObject
,
'_customSecurityPolicy'
,
None
)
if
p
is
not
None
:
p
=
p
()
self
.
_policy
=
p
def
removeContext
(
self
,
anExecutableObject
,
getattr
=
getattr
):
"""Remove an ExecutableObject, and optionally, a
SecurityPolicy, from the current security context.
"""
stack
=
self
.
_context
.
stack
if
not
stack
:
return
top
=
stack
[
-
1
]
if
top
is
anExecutableObject
:
del
stack
[
-
1
]
else
:
indexes
=
range
(
len
(
stack
))
indexes
.
reverse
()
for
i
in
indexes
:
top
=
stack
[
i
]
if
top
is
anExecutableObject
:
del
stack
[
i
:]
break
else
:
return
if
stack
:
top
=
stack
[
-
1
]
p
=
getattr
(
top
,
'_customSecurityPolicy'
,
None
)
if
p
is
not
None
:
p
=
p
()
self
.
_policy
=
p
else
:
self
.
_policy
=
None
def
getUser
(
self
):
"""Gen the current authenticated user"""
return
self
.
_context
.
user
def
calledByExecutable
(
self
):
"""Return a boolean value indicating if this context was called
by an executable"""
return
len
(
self
.
_context
.
stack
)
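Review bot: `addContext` replaces `self._policy` with whatever `anExecutableObject._customSecurityPolicy()` returns, and `validate`, `validateValue` and `checkPermission` then consult that object instead of `_defaultPolicy`, yet the docstring does not say who is trusted to define `_customSecurityPolicy`. Because the attribute is read with a plain `getattr` on the executable, the method should carry a comment such as `# _customSecurityPolicy overrides the default policy while this executable is on top of the context stack; only trusted code may define it`. Two smaller documentation points: the bare `except:` around `string.atoi` silently turns a malformed `Z_MAX_STACK_SIZE` into 100, and `calledByExecutable` returns `len(...)` although its docstring promises a boolean.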
lib/python/AccessControl/SimpleObjectPolicies.py
0 → 100644
##############################################################################
#
# Zope Public License (ZPL) Version 1.0
# -------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# This license has been certified as Open Source(tm).
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions in source code must retain the above copyright
# notice, this list of conditions, and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions, and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. Digital Creations requests that attribution be given to Zope
# in any manner possible. Zope includes a "Powered by Zope"
# button that is installed by default. While it is not a license
# violation to remove this button, it is requested that the
# attribution remain. A significant investment has been put
# into Zope, and this effort will continue if the Zope community
# continues to grow. This is one way to assure that growth.
#
# 4. All advertising materials and documentation mentioning
# features derived from or use of this software must display
# the following acknowledgement:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# In the event that the product being advertised includes an
# intact Zope distribution (with copyright and license included)
# then this clause is waived.
#
# 5. Names associated with Zope or Digital Creations must not be used to
# endorse or promote products derived from this software without
# prior written permission from Digital Creations.
#
# 6. Modified redistributions of any form whatsoever must retain
# the following acknowledgment:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Intact (re-)distributions of any official Zope release do not
# require an external acknowledgement.
#
# 7. Modifications are encouraged but must be packaged separately as
# patches to official Zope releases. Distributions that do not
# clearly separate the patches from the original work must be clearly
# labeled as unofficial distributions. Modifications which do not
# carry the name Zope may be packaged in any form, as long as they
# conform to all of the clauses above.
#
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DIGITAL CREATIONS OR ITS
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This software consists of contributions made by Digital Creations and
# many individuals on behalf of Digital Creations. Specific
# attributions are listed in the accompanying credits file.
#
##############################################################################
__doc__
=
'''Collect rules for access to objects that don
\
'
t have roles.
$Id: SimpleObjectPolicies.py,v 1.2 2000/05/11 18:54:13 jim Exp $'''
__version__
=
'$Revision: 1.2 $'
[
11
:
-
2
]
import
Record
# Allow access to unprotected attributes
Record
.
Record
.
__allow_access_to_unprotected_subobjects__
=
1
ContainerAssertions
=
{
type
(()):
1
,
type
([]):
1
,
type
({}):
1
,
}
from
DocumentTemplate.cDocumentTemplate
import
InstanceDict
ContainerAssertions
[
InstanceDict
]
=
1
Containers
=
ContainerAssertions
.
get
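Review bot: The values stored in `ContainerAssertions` and in `__allow_access_to_unprotected_subobjects__` have no documented contract here, although `ZopeSecurityPolicy.validate` in this commit treats an int as the answer for every name, a dict as a per-name lookup and anything else as a callable `p(name, value)`. A comment above `ContainerAssertions` spelling that out, for example `# value: 1 = any unprotected item may be read; dict = per-name flags; callable(name, value) = decide per access`, would make it clear that the entries for tuple, list, dict and `InstanceDict` grant access with no name restriction. The assignment to `Record.Record.__allow_access_to_unprotected_subobjects__` changes another module's class as an import side effect, and it deserves a note on why the flag is not set where `Record` is defined.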
lib/python/AccessControl/SpecialUsers.py
0 → 100644
##############################################################################
#
# Zope Public License (ZPL) Version 1.0
# -------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# This license has been certified as Open Source(tm).
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions in source code must retain the above copyright
# notice, this list of conditions, and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions, and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. Digital Creations requests that attribution be given to Zope
# in any manner possible. Zope includes a "Powered by Zope"
# button that is installed by default. While it is not a license
# violation to remove this button, it is requested that the
# attribution remain. A significant investment has been put
# into Zope, and this effort will continue if the Zope community
# continues to grow. This is one way to assure that growth.
#
# 4. All advertising materials and documentation mentioning
# features derived from or use of this software must display
# the following acknowledgement:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# In the event that the product being advertised includes an
# intact Zope distribution (with copyright and license included)
# then this clause is waived.
#
# 5. Names associated with Zope or Digital Creations must not be used to
# endorse or promote products derived from this software without
# prior written permission from Digital Creations.
#
# 6. Modified redistributions of any form whatsoever must retain
# the following acknowledgment:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Intact (re-)distributions of any official Zope release do not
# require an external acknowledgement.
#
# 7. Modifications are encouraged but must be packaged separately as
# patches to official Zope releases. Distributions that do not
# clearly separate the patches from the original work must be clearly
# labeled as unofficial distributions. Modifications which do not
# carry the name Zope may be packaged in any form, as long as they
# conform to all of the clauses above.
#
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DIGITAL CREATIONS OR ITS
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This software consists of contributions made by Digital Creations and
# many individuals on behalf of Digital Creations. Specific
# attributions are listed in the accompanying credits file.
#
##############################################################################
__doc__
=
'''Place to find special users
This is needed to avoid a circular import problem.
$Id: SpecialUsers.py,v 1.2 2000/05/11 18:54:13 jim Exp $'''
__version__
=
'$Revision: 1.2 $'
[
11
:
-
2
]
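Review bot: The module body is only a docstring and `__version__`, so `SpecialUsers.nobody`, `.system` and `.super` exist only after User.py has run its `SpecialUsers.nobody = nobody` style assignments, and the docstring does not say so. `getSecurityManager` in SecurityManagement.py reads `SpecialUsers.nobody` for its anonymous fallback and would raise AttributeError if it ran before User.py was imported; whether start-up order guarantees that is not visible here. The docstring should list the three names and state which module fills them in, for example `nobody, system and super are assigned by the User module at import time`.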
lib/python/AccessControl/User.py
...
...
@@ -84,9 +84,9 @@
##############################################################################
"""Access control package"""
__version__
=
'$Revision: 1.10
3
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.10
4
$'
[
11
:
-
2
]
import
Globals
,
App
.
Undo
,
socket
,
regex
import
Globals
,
socket
,
regex
,
SpecialUsers
from
Globals
import
HTMLFile
,
MessageDialog
,
Persistent
,
PersistentMapping
from
string
import
join
,
strip
,
split
,
lower
from
App.Management
import
Navigation
,
Tabs
...
...
@@ -110,7 +110,10 @@ class BasicUser(Implicit):
# ----------------------------
# Public User object interface
# ----------------------------
# Allow (reluctantly) access to unprotected attributes
__allow_access_to_unprotected_subobjects__
=
1
def
__init__
(
self
,
name
,
password
,
roles
,
domains
):
raise
NotImplemented
...
...
@@ -324,14 +327,16 @@ except:
nobody
=
SpecialUser
(
'Anonymous User'
,
''
,(
'Anonymous'
,),
[])
system
=
Super
(
'System Processes'
,
''
,(
'manage'
,),
[])
import
ZPublisher.BaseRequest
# Make anonymous users always pass the watermark test.
nobody
.
_v__marker__
=
ZPublisher
.
BaseRequest
.
_marker
# stuff these in a handier place for importing
SpecialUsers
.
nobody
=
nobody
SpecialUsers
.
system
=
system
SpecialUsers
.
super
=
super
class
BasicUserFolder
(
Implicit
,
Persistent
,
Navigation
,
Tabs
,
RoleManager
,
Item
,
App
.
Undo
.
UndoSupport
):
Item
):
"""Base class for UserFolder-like objects"""
meta_type
=
'User Folder'
...
...
@@ -342,13 +347,13 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager,
isAUserFolder
=
1
manage_options
=
(
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'User-Folder_Contents.dtml'
)}
,
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'User-Folder_Security.dtml'
)},
{
'label'
:
'Undo'
,
'action'
:
'manage_UndoForm'
,
'help'
:(
'OFSP'
,
'User-Folder_Undo.dtml'
)},
)
(
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'User-Folder_Contents.dtml'
)}
,
)
+
Item
.
manage_options
+
RoleManager
.
manage_options
)
__ac_permissions__
=
(
(
'Manage users'
,
...
...
@@ -740,18 +745,6 @@ def manage_addUserFolder(self,dtself=None,REQUEST=None,**ignored):
if
REQUEST
:
return
self
.
manage_main
(
self
,
REQUEST
,
update_menu
=
1
)
# This bit performs watermark verification on authenticated users.
from
ZPublisher.BaseRequest
import
_marker
def
verify_watermark
(
auth_user
):
if
not
hasattr
(
auth_user
,
'_v__marker__'
)
or
\
auth_user
.
_v__marker__
is
not
_marker
:
raise
'Unauthorized'
,
(
'You are not authorized to access this resource.'
)
def
rolejoin
(
roles
,
other
):
dict
=
{}
for
role
in
roles
:
...
...
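Review bot: `__allow_access_to_unprotected_subobjects__ = 1` on `BasicUser` opens every attribute of a user object that carries no roles of its own, since `ZopeSecurityPolicy.validate` in this commit treats an int value as a blanket answer for all names. `__init__` takes `name, password, roles, domains`, so concrete user classes presumably keep the password on the instance, where this flag could make it reachable through the user object from code that is subject to the policy. The same policy code accepts a dict of names or a callable `p(name, value)` for this attribute; using one of those to list only the accessors meant to be public would replace the "reluctantly" comment with an explicit allow-list. The `BasicUser` class body continues outside the hunk.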
lib/python/AccessControl/ZopeSecurityPolicy.py
0 → 100644
##############################################################################
#
# Zope Public License (ZPL) Version 1.0
# -------------------------------------
#
# Copyright (c) Digital Creations. All rights reserved.
#
# This license has been certified as Open Source(tm).
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
#
# 1. Redistributions in source code must retain the above copyright
# notice, this list of conditions, and the following disclaimer.
#
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions, and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# 3. Digital Creations requests that attribution be given to Zope
# in any manner possible. Zope includes a "Powered by Zope"
# button that is installed by default. While it is not a license
# violation to remove this button, it is requested that the
# attribution remain. A significant investment has been put
# into Zope, and this effort will continue if the Zope community
# continues to grow. This is one way to assure that growth.
#
# 4. All advertising materials and documentation mentioning
# features derived from or use of this software must display
# the following acknowledgement:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# In the event that the product being advertised includes an
# intact Zope distribution (with copyright and license included)
# then this clause is waived.
#
# 5. Names associated with Zope or Digital Creations must not be used to
# endorse or promote products derived from this software without
# prior written permission from Digital Creations.
#
# 6. Modified redistributions of any form whatsoever must retain
# the following acknowledgment:
#
# "This product includes software developed by Digital Creations
# for use in the Z Object Publishing Environment
# (http://www.zope.org/)."
#
# Intact (re-)distributions of any official Zope release do not
# require an external acknowledgement.
#
# 7. Modifications are encouraged but must be packaged separately as
# patches to official Zope releases. Distributions that do not
# clearly separate the patches from the original work must be clearly
# labeled as unofficial distributions. Modifications which do not
# carry the name Zope may be packaged in any form, as long as they
# conform to all of the clauses above.
#
#
# Disclaimer
#
# THIS SOFTWARE IS PROVIDED BY DIGITAL CREATIONS ``AS IS'' AND ANY
# EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL DIGITAL CREATIONS OR ITS
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
# ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
# OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
#
# This software consists of contributions made by Digital Creations and
# many individuals on behalf of Digital Creations. Specific
# attributions are listed in the accompanying credits file.
#
##############################################################################
__doc__
=
'''Define Zope
\
'
s default security policy
$Id: ZopeSecurityPolicy.py,v 1.2 2000/05/11 18:54:13 jim Exp $'''
__version__
=
'$Revision: 1.2 $'
[
11
:
-
2
]
import
SimpleObjectPolicies
_noroles
=
[]
from
PermissionRole
import
_what_not_even_god_should_do
,
rolesForPermissionOn
class
ZopeSecurityPolicy
:
def
validate
(
self
,
accessed
,
container
,
name
,
value
,
context
,
None
=
None
,
type
=
type
,
IntType
=
type
(
0
),
DictType
=
type
({}),
getattr
=
getattr
,
_noroles
=
_noroles
,
StringType
=
type
(
''
),
Containers
=
SimpleObjectPolicies
.
Containers
,
valid_aq_
=
(
'aq_parent'
,
'aq_explicit'
)):
############################################################
# Provide special rules for the acquisition attributes
if
type
(
name
)
is
StringType
:
if
name
[:
3
]
==
'aq_'
and
name
not
in
valid_aq_
:
return
0
if
container
is
None
:
container
=
accessed
containerbase
=
accessedbase
=
accessed
else
:
containerbase
=
getattr
(
container
,
'aq_base'
,
container
)
accessedbase
=
getattr
(
accessed
,
'aq_base'
,
container
)
############################################################
# Try to get roles
roles
=
getattr
(
value
,
'__roles__'
,
_noroles
)
if
roles
is
_noroles
:
############################################################
# We have an object without roles. Presumabely, it's
# some simple object, like a string or a list.
if
container
is
None
:
return
0
# Bail if no container
roles
=
getattr
(
container
,
'__roles__'
,
_noroles
)
if
roles
is
_noroles
:
aq
=
getattr
(
container
,
'aq_acquire'
,
None
)
if
aq
is
None
:
roles
=
_noroles
if
containerbase
is
not
accessedbase
:
return
0
else
:
# Try to acquire roles
try
:
roles
=
aq
(
'__roles__'
)
except
AttributeError
:
roles
=
_noroles
if
containerbase
is
not
accessedbase
:
return
0
# We need to make sure that we are allowed to
# get unprotected attributes from the container. We are
# allowed for certain simple containers and if the
# container says we can. Simple containers
# may also impose name restrictions.
p
=
Containers
(
type
(
container
),
None
)
if
p
is
None
:
p
=
getattr
(
container
,
'__allow_access_to_unprotected_subobjects__'
,
None
)
if
p
is
not
None
:
tp
=
type
(
p
)
if
tp
is
not
IntType
:
if
tp
is
DictType
:
p
=
p
.
get
(
name
,
None
)
else
:
p
=
p
(
name
,
value
)
if
not
p
:
if
(
containerbase
is
accessedbase
):
raise
'Unauthorized'
,
name
else
:
return
0
if
roles
is
_noroles
:
return
1
# We are going to need a security-aware object to pass
# to hasRole. We'll use the container.
value
=
container
# Short-circuit tests if we can:
if
roles
is
None
or
'Anonymous'
in
roles
:
return
1
# Check executable security
stack
=
context
.
stack
if
stack
:
eo
=
stack
[
-
1
]
# If the executable had an owner, can it execute?
owner
=
eo
.
getOwner
()
if
(
owner
is
not
None
)
and
not
owner
.
hasRole
(
value
,
roles
):
# We don't want someone to acquire if they can't
# get an unacquired!
if
accessed
is
container
:
raise
'Unauthorized'
,
(
'You are not authorized to access <em>%s</em>.'
%
name
)
return
0
# Proxy roles, which are alot safer now.
proxy_roles
=
getattr
(
eo
,
'_proxy_roles'
,
None
)
if
proxy_roles
:
for
r
in
proxy_roles
:
if
r
in
roles
:
return
1
# Proxy roles actually limit access!
if
accessedbase
is
containerbase
:
raise
'Unauthorized'
,
(
'You are not authorized to access <em>%s</em>.'
%
name
)
return
0
try
:
if
context
.
user
.
hasRole
(
value
,
roles
):
return
1
except
AttributeError
:
pass
# We don't want someone to acquire if they can't get an unacquired!
if
accessedbase
is
containerbase
:
raise
'Unauthorized'
,
(
'You are not authorized to access <em>%s</em>.'
%
name
)
return
0
def
checkPermission
(
self
,
permission
,
object
,
context
):
roles
=
rolesForPermissionOn
(
permission
,
object
)
if
roles
is
_what_not_even_god_should_do
:
return
0
return
context
.
user
.
has_role
(
roles
,
object
)
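Review bot: The three `'You are not authorized to access <em>%s</em>.' % name` messages in `validate` put `name` into markup unescaped. `name` is the attribute name being looked up, so if it can originate from a request and the Unauthorized value is rendered as HTML (neither is shown here), caller-supplied text ends up in the error page; HTML-escaping `name` before formatting avoids that. `validate` also has no docstring: it should state the contract the body implements, namely 1 for allowed, 0 for denied when the value was reached through a different container, and an 'Unauthorized' raise when `accessedbase is containerbase`. The default in `accessedbase = getattr(accessed, 'aq_base', container)` is `container` rather than `accessed`; if that is deliberate it needs a comment, because the comparison it feeds decides between the raise and the `return 0`.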
lib/python/AccessControl/__init__.py
...
...
@@ -82,3 +82,8 @@
# attributions are listed in the accompanying credits file.
#
##############################################################################
import
DTML
del
DTML
from
SecurityManagement
import
getSecurityManager
,
setSecurityPolicy
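Review bot: `import DTML` followed by `del DTML` imports the module only for what it does at import time, and nothing here says what that is. A comment such as `# imported for its side effects only; the name is deliberately not kept in the package namespace`, with the actual effect filled in from DTML.py (not shown in this section), would stop a later cleanup from removing the pair as dead code.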
lib/python/AccessControl/methodAccess.dtml
...
...
@@ -5,12 +5,26 @@
<dtml-var
manage_tabs
>
</dtml-if
manage_tabs
>
<p>
This interface is used to define how the operations of this object
(or objects that acquire permission settings from this object)
correspond to the operations defined by your product or ZClass.
</p>
<p>
The table below has two columns. The first column
lists the permissions for this object. The second column specifies
the permissions that should have this permission in this product or
ZClass. For ZClass methods, only permissions that are defined for the
ZClass are permitted.
</p>
<p>
In general, any permissions that include operations that change
(mutate) an object should be disabled.
</p>
<p>
The listing below shows the current permission mappings for this item.
</p>
<dtml-with
"
_(valid=
permissionMappingPossibleValues())"
>
<form
action=
"manage_setPermissionMapping"
method=
"POST"
>
<table>
<tr><th
align=
left
>
Permission
</th>
<th
align=
left
>
is mapped to
</th></tr>
<tr><th
align=
left
>
Permission for this object
</th>
<th
align=
left
>
Permissions that correspond to
<br>
(i.e. have) this permission
</th></tr>
<dtml-in
manage_getPermissionMapping
mapping
>
<tr>
<th
align=
left
><dtml-var
permission_name
></th>
...
...
lib/python/AccessControl/owner.dtml
0 → 100644
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">
<HTML
lang=
"en"
>
<HEAD>
<TITLE>
&dtml-id;
Owner
</TITLE>
</HEAD>
<BODY
BGCOLOR=
"#FFFFFF"
LINK=
"#000099"
VLINK=
"#555555"
>
<dtml-var
manage_tabs
>
<dtml-var
title_and_id
>
is
<dtml-if
owner_info
>
<dtml-with
owner_info
mapping
>
owned
<dtml-if
explicit
>
directly
<dtml-else>
indirectly (through acquisition)
</dtml-if>
by
&dtml-id;
(
&dtml-path;
).
<dtml-if
userCanChangeOwnershipType
>
<form
action=
"manage_changeOwnershipType"
>
<dtml-if
explicit
>
<input
type=
"hidden"
name=
"explicit"
value=
""
>
<input
type=
"submit"
value=
"Make ownership implicit (acquired)"
>
<dtml-else>
<input
type=
"hidden"
name=
"explicit"
value=
"y"
>
<input
type=
"submit"
value=
"Make ownership explicit"
>
</dtml-if>
</form>
</dtml-if>
</dtml-with>
<dtml-else>
unowned.
</dtml-if>
<dtml-if
userCanTakeOwnership
>
<form
action=
"manage_takeOwnership"
>
<input
type=
"submit"
value=
"Take ownership"
>
</form>
</dtml-if>
</BODY></HTML>
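Review bot: Both forms in this new template, `<form action="manage_changeOwnershipType">` and `<form action="manage_takeOwnership">`, carry no `method` attribute, so the browser submits them with GET. Changing or taking ownership alters security state, and a GET request can be triggered by a plain link or image reference and is recorded in logs and browser history; the permission-mapping form in methodAccess.dtml in this same commit already uses `method="POST"`. I would write `<form action="manage_takeOwnership" method="POST">` and do the same for `manage_changeOwnershipType`. Whether the handlers in Owned.py also refuse GET is not visible in this section and is worth checking.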
lib/python/App/ApplicationManager.py
...
...
@@ -83,10 +83,10 @@
#
##############################################################################
__doc__
=
"""System management components"""
__version__
=
'$Revision: 1.5
8
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.5
9
$'
[
11
:
-
2
]
import
sys
,
os
,
time
,
string
,
Globals
,
Acquisition
,
os
import
sys
,
os
,
time
,
string
,
Globals
,
Acquisition
,
os
,
Undo
from
Globals
import
HTMLFile
from
OFS.ObjectManager
import
ObjectManager
from
OFS.Folder
import
Folder
...
...
@@ -114,15 +114,18 @@ class DatabaseManager(Fake, SimpleItem.Item, Acquisition.Implicit):
icon
=
'p_/DatabaseManagement_icon'
manage_options
=
(
(
{
'label'
:
'Database'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Database-Management_Database.dtml'
)},
'help'
:(
'OFSP'
,
'Database-Management_Database.dtml'
)},
{
'label'
:
'Cache Parameters'
,
'action'
:
'manage_cacheParameters'
,
'help'
:(
'OFSP'
,
'Database-Management_Cache-Parameters.dtml'
)},
'help'
:(
'OFSP'
,
'Database-Management_Cache-Parameters.dtml'
)},
{
'label'
:
'Flush Cache'
,
'action'
:
'manage_cacheGC'
,
'help'
:(
'OFSP'
,
'Database-Management_Flush-Cache.dtml'
)},
{
'label'
:
'Undo'
,
'action'
:
'manage_UndoForm'
,
'help'
:(
'OFSP'
,
'Database-Management_Undo.dtml'
)},
'help'
:(
'OFSP'
,
'Database-Management_Flush-Cache.dtml'
)},
)
+
SimpleItem
.
Item
.
manage_options
)
Globals
.
default__class_init__
(
DatabaseManager
)
class
VersionManager
(
Fake
,
SimpleItem
.
Item
,
Acquisition
.
Implicit
):
"""Version management"""
...
...
@@ -133,10 +136,14 @@ class VersionManager(Fake, SimpleItem.Item, Acquisition.Implicit):
icon
=
'p_/VersionManagement_icon'
manage_options
=
(
(
{
'label'
:
'Version'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Version-Management_Version.dtml'
)},
)
+
SimpleItem
.
Item
.
manage_options
)
Globals
.
default__class_init__
(
VersionManager
)
...
...
@@ -148,7 +155,7 @@ _v_rst=None
class
ApplicationManager
(
Folder
,
CacheManager
):
"""System management"""
__roles__
=
[
'Manager'
]
__roles__
=
(
'Manager'
,)
isPrincipiaFolderish
=
1
Database
=
DatabaseManager
()
Versions
=
VersionManager
()
...
...
@@ -175,12 +182,13 @@ class ApplicationManager(Folder,CacheManager):
)
manage_options
=
(
(
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Control-Panel_Contents.dtml'
)},
{
'label'
:
'Undo'
,
'action'
:
'manage_UndoForm'
,
'help'
:(
'OFSP'
,
'Control-Panel_Undo.dtml'
)},
)
+
Undo
.
UndoSupport
.
manage_options
)
id
=
'Control_Panel'
name
=
title
=
'Control Panel'
meta_type
=
'Control Panel'
...
...
lib/python/App/CacheManager.py
...
...
@@ -85,8 +85,8 @@
__doc__
=
'''Cache management support
$Id: CacheManager.py,v 1.1
6 1999/10/07 19:53:25
jim Exp $'''
__version__
=
'$Revision: 1.1
6
$'
[
11
:
-
2
]
$Id: CacheManager.py,v 1.1
7 2000/05/11 18:54:13
jim Exp $'''
__version__
=
'$Revision: 1.1
7
$'
[
11
:
-
2
]
import
Globals
,
time
,
sys
...
...
@@ -298,3 +298,6 @@ class CacheManager:
else
:
# ZODB 3
return
db
.
cacheExtremeDetail
()
Globals
.
default__class_init__
(
CacheManager
)
lib/python/App/Factory.py
...
...
@@ -84,8 +84,8 @@
##############################################################################
__doc__
=
'''Factory objects
$Id: Factory.py,v 1.1
6 2000/03/20 16:24:07
jim Exp $'''
__version__
=
'$Revision: 1.1
6
$'
[
11
:
-
2
]
$Id: Factory.py,v 1.1
7 2000/05/11 18:54:13
jim Exp $'''
__version__
=
'$Revision: 1.1
7
$'
[
11
:
-
2
]
import
OFS.SimpleItem
,
Acquisition
,
Globals
,
AccessControl
.
Role
import
Products
,
Product
...
...
@@ -108,11 +108,14 @@ class Factory(
)
manage_options
=
(
(
{
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Zope-Factory_Edit.dtml'
)},
{
'label'
:
'
Security
'
,
'action'
:
'manage_access'
,
{
'label'
:
'
Define Permissions
'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Zope-Factory_Define-Permissions.dtml'
)},
)
)
+
OFS
.
SimpleItem
.
Item
.
manage_options
)
def
__init__
(
self
,
id
,
title
,
object_type
,
initial
,
permission
=
''
):
self
.
id
=
id
...
...
lib/python/App/FactoryDispatcher.py
...
...
@@ -145,7 +145,7 @@ class FactoryDispatcher(Acquisition.Implicit):
raise
AttributeError
,
name
# Provide acquired indicators for critical OM methods:
_setObject
=
Acquisition
.
Acquired
_setObject
=
_getOb
=
Acquisition
.
Acquired
# Provide a replacement for manage_main that does a redirection:
def
manage_main
(
trueself
,
self
,
REQUEST
,
update_menu
=
0
):
...
...
lib/python/App/Management.py
...
...
@@ -85,14 +85,15 @@
"""Standard management interface support
$Id: Management.py,v 1.3
0 1999/09/27 14:07:05
jim Exp $"""
$Id: Management.py,v 1.3
1 2000/05/11 18:54:13
jim Exp $"""
__version__
=
'$Revision: 1.3
0
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.3
1
$'
[
11
:
-
2
]
import
sys
,
Globals
,
ExtensionClass
,
urllib
from
Dialogs
import
MessageDialog
from
Globals
import
HTMLFile
from
string
import
split
,
join
,
find
from
AccessControl
import
getSecurityManager
class
Tabs
(
ExtensionClass
.
Base
):
"""Mix-in provides management folder tab support."""
...
...
@@ -100,92 +101,37 @@ class Tabs(ExtensionClass.Base):
manage_tabs__roles__
=
(
'Anonymous'
,)
manage_tabs
=
HTMLFile
(
'manage_tabs'
,
globals
())
#__ac_permissions__=(
# ('View management screens', ('manage_help', )),
# )
manage_help__roles__
=
()
def
manage_help
(
self
,
RESPONSE
,
SCRIPT_NAME
):
"Help!"
RESPONSE
.
redirect
(
SCRIPT_NAME
+
'/HelpSys/hs_index'
)
return
''
manage_options
=
()
filtered_manage_options__roles__
=
None
def
filtered_manage_options
(
self
,
REQUEST
=
None
):
def
filtered_manage_options
(
self
,
REQUEST
=
None
,
help_option_
=
({
'label'
:
'Help'
,
'action'
:
'manage_help'
,
'target'
:
"z_help_wnd"
},),
):
if
REQUEST
is
None
and
hasattr
(
self
,
'aq_acquire'
):
try
:
REQUEST
=
self
.
aq_acquire
(
'REQUEST'
)
except
:
pass
try
:
user
=
REQUEST
[
'AUTHENTICATED_USER'
]
except
:
user
=
None
validate
=
getSecurityManager
().
validate
result
=
[]
seen_roles
=
{}
try
:
options
=
tuple
(
self
.
manage_options
)
+
help_option_
except
:
options
=
tuple
(
self
.
manage_options
())
+
help_option_
try
:
options
=
tuple
(
self
.
manage_options
)
except
:
options
=
tuple
(
self
.
manage_options
())
for
d
in
options
:
label
=
d
.
get
(
'label'
,
None
)
if
(
label
==
'Security'
and
hasattr
(
self
,
'_isBeingUsedAsAMethod'
)
and
self
.
_isBeingUsedAsAMethod
()):
d
[
'label'
]
=
'Define Permissions'
filter
=
d
.
get
(
'filter'
,
None
)
if
filter
is
not
None
and
not
filter
(
self
):
continue
path
=
d
.
get
(
'path'
,
None
)
if
path
is
None
:
path
=
d
[
'action'
]
o
=
self
.
unrestrictedTraverse
(
path
,
None
)
if
o
is
None
:
continue
try
:
# Traverse to get the action:
o
=
self
for
a
in
split
(
path
,
'/'
):
if
not
a
:
continue
if
a
==
'..'
:
o
=
o
.
aq_parent
continue
if
hasattr
(
o
,
'__bobo_traverse__'
):
o
=
o
.
__bobo_traverse__
(
REQUEST
,
a
)
elif
hasattr
(
o
,
a
):
o
=
getattr
(
o
,
a
)
else
:
o
=
o
[
a
]
if
validate
(
value
=
o
):
result
.
append
(
d
)
except
:
o
=
None
if
o
is
None
:
continue
result
.
append
(
d
)
# Waaaa
# Get the roles and check for public methods
try
:
roles
=
o
.
__roles__
except
:
roles
=
None
if
roles
is
None
or
'Anonymous'
in
roles
:
result
.
append
(
d
)
continue
# Do the validation check, trying to
# optimize things for the common case of
# many actions with the same roles.
for
r
in
roles
:
ok
=
seen_roles
.
get
(
r
,
None
)
if
ok
is
None
:
if
user
is
None
:
break
else
:
try
:
ok
=
user
.
allowed
(
o
,
(
r
,))
except
:
ok
=
0
seen_roles
[
r
]
=
ok
if
ok
:
if
not
hasattr
(
o
,
'__roles__'
):
result
.
append
(
d
)
break
return
result
...
...
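Review bot: In the rewritten `filtered_manage_options`, `d['label']='Define Permissions'` writes into a dict taken from `self.manage_options`, and `tuple(self.manage_options)` copies only the outer sequence, so the dict is the class-level one shared by every instance. The page has lost its +/- markers, so reading these lines as new-side code is an inference from their sitting with the `getSecurityManager().validate` lines. Once one object for which `_isBeingUsedAsAMethod()` is true has rendered its tabs, the 'Security' tab stays relabelled for all other objects sharing that entry and the `label=='Security'` test never matches again. Copy before changing it: add `d=d.copy()` on the line before `d['label']='Define Permissions'`. The enclosing `Tabs` class continues outside the hunk.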
lib/python/App/Permission.py
...
...
@@ -84,8 +84,8 @@
##############################################################################
__doc__
=
'''Zope registerable permissions
$Id: Permission.py,v 1.
2 2000/01/10 20:21:11 amos
Exp $'''
__version__
=
'$Revision: 1.
2
$'
[
11
:
-
2
]
$Id: Permission.py,v 1.
3 2000/05/11 18:54:13 jim
Exp $'''
__version__
=
'$Revision: 1.
3
$'
[
11
:
-
2
]
import
OFS.SimpleItem
,
Acquisition
,
Globals
,
ExtensionClass
,
AccessControl
.
Role
...
...
@@ -98,11 +98,15 @@ class Permission(
icon
=
'p_/Permission_icon'
manage_options
=
(
(
{
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Zope-Permission_Edit.dtml'
)},
{
'label'
:
'
Security
'
,
'action'
:
'manage_access'
,
{
'label'
:
'
Define Permissions
'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Zope-Permission_Define-Permissions.dtml'
)},
)
)
+
OFS
.
SimpleItem
.
Item
.
manage_options
)
def
__init__
(
self
,
id
,
title
,
name
):
self
.
id
=
id
...
...
lib/python/App/Product.py
...
...
@@ -107,8 +107,10 @@
import
Globals
,
OFS
.
Folder
,
OFS
.
SimpleItem
,
os
,
string
,
Acquisition
,
Products
from
OFS.Folder
import
Folder
import
regex
,
zlib
,
Globals
,
cPickle
,
marshal
,
rotor
import
ZClasses
,
ZClasses
.
ZClass
,
AccessControl
.
Owned
from
OFS.Folder
import
Folder
from
string
import
rfind
,
atoi
,
find
,
strip
,
join
from
Factory
import
Factory
from
Permission
import
PermissionManager
...
...
@@ -124,24 +126,12 @@ class ProductFolder(Folder):
meta_type
=
'Product Management'
icon
=
'p_/ProductFolder_icon'
manage_options
=
(
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Product-Management_Contents.dtml'
)},
{
'label'
:
'Properties'
,
'action'
:
'manage_propertiesForm'
,
'help'
:(
'OFSP'
,
'Product-Management_Properties.dtml'
)},
{
'label'
:
'Import/Export'
,
'action'
:
'manage_importExportForm'
,
'help'
:(
'OFSP'
,
'Product-Management_Import-Export.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Product-Management_Security.dtml'
)},
{
'label'
:
'Undo'
,
'action'
:
'manage_UndoForm'
,
'help'
:(
'OFSP'
,
'Product-Management_Undo.dtml'
)},
{
'label'
:
'Find'
,
'action'
:
'manage_findFrame'
,
'help'
:(
'OFSP'
,
'Product-Management_Find.dtml'
)},
)
all_meta_types
=
{
'name'
:
'Product'
,
'action'
:
'manage_addProductForm'
},
meta_types
=
all_meta_types
# This prevents subobjects from being owned!
_owner
=
AccessControl
.
Owned
.
UnownableOwner
def
_product
(
self
,
name
):
return
getattr
(
self
,
name
)
manage_addProductForm
=
Globals
.
HTMLFile
(
'addProduct'
,
globals
())
...
...
@@ -192,19 +182,12 @@ class Product(Folder, PermissionManager):
'manage_subclassableClassNames'
]
manage_options
=
(
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Product_Contents.dtml'
)},
{
'label'
:
'Properties'
,
'action'
:
'manage_propertiesForm'
,
'help'
:(
'OFSP'
,
'Product_Properties.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Product_Define-Permissions.dtml'
)},
{
'label'
:
'Undo'
,
'action'
:
'manage_UndoForm'
,
'help'
:(
'OFSP'
,
'Product_Undo.dtml'
)},
{
'label'
:
'Find'
,
'action'
:
'manage_findFrame'
,
'help'
:(
'OFSP'
,
'Product_Find.dtml'
)},
{
'label'
:
'Distribution'
,
'action'
:
'manage_distributionView'
,
'help'
:(
'OFSP'
,
'Product_Distribution.dtml'
)},
)
Folder
.
manage_options
+
(
{
'label'
:
'Distribution'
,
'action'
:
'manage_distributionView'
,
'help'
:(
'OFSP'
,
'Product_Distribution.dtml'
)},
)
)
manage_distributionView
=
Globals
.
HTMLFile
(
'distributionView'
,
globals
())
...
...
lib/python/App/Undo.py
...
...
@@ -84,9 +84,8 @@
##############################################################################
__doc__
=
'''short description
$Id: Undo.py,v 1.19 2000/05/09 19:06:39 jim Exp $'''
__version__
=
'$Revision: 1.19 $'
[
11
:
-
2
]
$Id: Undo.py,v 1.20 2000/05/11 18:54:14 jim Exp $'''
__version__
=
'$Revision: 1.20 $'
[
11
:
-
2
]
import
Globals
,
ExtensionClass
from
DateTime
import
DateTime
...
...
@@ -101,6 +100,11 @@ class UndoSupport(ExtensionClass.Base):
)),
)
manage_options
=
(
{
'label'
:
'Undo'
,
'action'
:
'manage_UndoForm'
,
'help'
:(
'OFSP'
,
'Undo.dtml'
)},
)
manage_UndoForm
=
Globals
.
HTMLFile
(
'undo'
,
globals
(),
PrincipiaUndoBatchSize
=
20
,
...
...
lib/python/DateTime/DateTime.py
...
...
@@ -84,7 +84,7 @@
##############################################################################
"""Encapsulation of date/time values"""
__version__
=
'$Revision: 1.4
7
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.4
8
$'
[
11
:
-
2
]
import
sys
,
os
,
math
,
regex
,
ts_regex
,
DateTimeZone
...
...
@@ -477,6 +477,10 @@ class DateTime:
and numeric operations return a new DateTime object rather than
modify the current object."""
# For security machinery:
__roles__=None
__allow_access_to_unprotected_subobjects__=1
def __init__(self,*args):
"""Return a new date-time object
...
...
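Review bot: The comment `# For security machinery:` does not say what the two new class attributes grant. `__roles__=None` makes the class public (the policy's `validate` in this commit returns 1 when `roles is None`), and `__allow_access_to_unprotected_subobjects__=1` presumably lets restricted code reach every attribute that has no declaration of its own, so any method added to DateTime later is exposed by default. I would spell that out, e.g. `# Public to restricted code (DTML): every attribute without its own declaration is reachable, so keep this class free of side-effecting methods.` The class body starts and ends outside the hunk.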
lib/python/DocumentTemplate/DT_In.py
...
...
@@ -382,8 +382,8 @@
'''
#'
__rcs_id__
=
'$Id: DT_In.py,v 1.3
8 1999/08/27 14:56:27 petrilli
Exp $'
__version__
=
'$Revision: 1.3
8
$'
[
11
:
-
2
]
__rcs_id__
=
'$Id: DT_In.py,v 1.3
9 2000/05/11 18:54:14 jim
Exp $'
__version__
=
'$Revision: 1.3
9
$'
[
11
:
-
2
]
from
DT_Util
import
ParseError
,
parse_params
,
name_param
,
str
from
DT_Util
import
render_blocks
,
InstanceDict
,
ValidationError
...
...
@@ -592,7 +592,7 @@ class InClass:
client
=
sequence
[
index
]
if
validate
is
not
None
:
try
:
vv
=
validate
(
sequence
,
sequence
,
index
,
client
,
md
)
try
:
vv
=
validate
(
sequence
,
sequence
,
None
,
client
,
md
)
except
:
vv
=
0
if
not
vv
:
if
(
params
.
has_key
(
'skip_unauthorized'
)
and
...
...
@@ -672,7 +672,7 @@ class InClass:
client
=
sequence
[
index
]
if
validate
is
not
None
:
try
:
vv
=
validate
(
sequence
,
sequence
,
index
,
client
,
md
)
try
:
vv
=
validate
(
sequence
,
sequence
,
None
,
client
,
md
)
except
:
vv
=
0
if
not
vv
:
if
(
self
.
args
.
has_key
(
'skip_unauthorized'
)
and
...
...
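Review bot: Both `validate(sequence, sequence, None, client, md)` calls now pass `None` where the index used to go, and nothing in the hunks says why; the same substitution is made in `careful_getitem` and `careful_getslice` in DT_Util.py. The policy's `validate` formats that argument into `'You are not authorized to access <em>%s</em>.' % name`, so a denial raised on this path would presumably read "access None". Here the bare `except:` turns it into `vv=0`, but `careful_getitem` has no such wrapper. A one-line comment at each call would help, e.g. `# name is None for item (not attribute) access -- TODO confirm with the security policy`. The enclosing loops of `InClass` start and end outside the hunks.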
lib/python/DocumentTemplate/DT_String.py
...
...
@@ -82,7 +82,7 @@
# attributions are listed in the accompanying credits file.
#
##############################################################################
"$Id: DT_String.py,v 1.3
4 2000/03/09 20:07:56 brian
Exp $"
"$Id: DT_String.py,v 1.3
5 2000/05/11 18:54:14 jim
Exp $"
from
string
import
split
,
strip
import
regex
,
ts_regex
...
...
@@ -464,8 +464,6 @@ class String:
if globals: push(globals)
if mapping:
push(mapping)
if hasattr(mapping,'AUTHENTICATED_USER'):
md.AUTHENTICATED_USER=mapping['AUTHENTICATED_USER']
md.validate=self.validate
if client is not None:
if type(client)==type(()):
...
...
lib/python/DocumentTemplate/DT_Util.py
...
...
@@ -82,8 +82,8 @@
# attributions are listed in the accompanying credits file.
#
##############################################################################
'''$Id: DT_Util.py,v 1.6
1 1999/10/22 18:08:45
jim Exp $'''
__version__
=
'$Revision: 1.6
1
$'
[
11
:
-
2
]
'''$Id: DT_Util.py,v 1.6
2 2000/05/11 18:54:14
jim Exp $'''
__version__
=
'$Revision: 1.6
2
$'
[
11
:
-
2
]
import
regex
,
string
,
math
,
os
from
string
import
strip
,
join
,
atoi
,
lower
,
split
,
find
...
...
@@ -163,7 +163,7 @@ def careful_getitem(md, mapping, key):
if
type
(
v
)
is
type
(
''
):
return
v
# Short-circuit common case
validate
=
md
.
validate
if
validate
is
None
or
validate
(
mapping
,
mapping
,
key
,
v
,
md
):
return
v
if
validate
is
None
or
validate
(
mapping
,
mapping
,
None
,
v
,
md
):
return
v
raise
ValidationError
,
key
def
careful_getslice
(
md
,
seq
,
*
indexes
):
...
...
@@ -179,7 +179,7 @@ def careful_getslice(md, seq, *indexes):
validate
=
md
.
validate
if
validate
is
not
None
:
for
e
in
v
:
if
not
validate
(
seq
,
seq
,
''
,
e
,
md
):
if
not
validate
(
seq
,
seq
,
None
,
e
,
md
):
raise
ValidationError
,
'unauthorized access to slice member'
return
v
...
...
@@ -201,7 +201,6 @@ def careful_range(md, iFirst, *args):
if
iLen
>=
RANGELIMIT
:
raise
ValueError
,
'range() too large'
return
range
(
iStart
,
iEnd
,
iStep
)
import
string
,
math
,
whrandom
try
:
...
...
@@ -210,6 +209,7 @@ try:
from
cDocumentTemplate
import
cDocument
except
:
from
pDocumentTemplate
import
InstanceDict
,
TemplateDict
,
render_blocks
d
=
TemplateDict
.
__dict__
for
name
in
(
'None'
,
'abs'
,
'chr'
,
'divmod'
,
'float'
,
'hash'
,
'hex'
,
'int'
,
'len'
,
'max'
,
'min'
,
'oct'
,
'ord'
,
'round'
,
'str'
):
...
...
@@ -224,8 +224,6 @@ def careful_pow(self, x, y, z):
d
[
'pow'
]
=
careful_pow
try
:
import
random
d
[
'random'
]
=
random
...
...
lib/python/DocumentTemplate/DT_With.py
...
...
@@ -105,8 +105,8 @@
'''
__rcs_id__
=
'$Id: DT_With.py,v 1.1
0 1999/03/10 00:15:08 kl
m Exp $'
__version__
=
'$Revision: 1.1
0
$'
[
11
:
-
2
]
__rcs_id__
=
'$Id: DT_With.py,v 1.1
1 2000/05/11 18:54:14 ji
m Exp $'
__version__
=
'$Revision: 1.1
1
$'
[
11
:
-
2
]
from
DT_Util
import
parse_params
,
name_param
,
InstanceDict
,
render_blocks
,
str
from
DT_Util
import
TemplateDict
...
...
@@ -139,8 +139,6 @@ class With:
if
self
.
only
:
_md
=
md
md
=
TemplateDict
()
if
hasattr
(
_md
,
'AUTHENTICATED_USER'
):
md
.
AUTHENTICATED_USER
=
_md
.
AUTHENTICATED_USER
if
hasattr
(
_md
,
'validate'
):
md
.
validate
=
_md
.
validate
...
...
lib/python/DocumentTemplate/cDocumentTemplate.c
...
...
@@ -84,7 +84,7 @@
****************************************************************************/
static
char
cDocumentTemplate_module_documentation
[]
=
""
"
\n
$Id: cDocumentTemplate.c,v 1.3
1 2000/01/04 16:24:42
jim Exp $"
"
\n
$Id: cDocumentTemplate.c,v 1.3
2 2000/05/11 18:54:14
jim Exp $"
;
#include "ExtensionClass.h"
...
...
@@ -1063,11 +1063,13 @@ void
initcDocumentTemplate
()
{
PyObject
*
m
,
*
d
;
char
*
rev
=
"$Revision: 1.3
1
$"
;
char
*
rev
=
"$Revision: 1.3
2
$"
;
PURE_MIXIN_CLASS
(
cDocument
,
"Base class for documents that adds fast validation method"
,
Document_methods
);
DictInstanceType
.
ob_type
=&
PyType_Type
;
UNLESS
(
py_isDocTemp
=
PyString_FromString
(
"isDocTemp"
))
return
;
UNLESS
(
py_blocks
=
PyString_FromString
(
"blocks"
))
return
;
UNLESS
(
py_acquire
=
PyString_FromString
(
"aq_acquire"
))
return
;
...
...
lib/python/OFS/Application.py
...
...
@@ -85,9 +85,8 @@
__doc__
=
'''Application support
$Id: Application.py,v 1.122 2000/05/04 15:31:44 shane Exp $'''
__version__
=
'$Revision: 1.122 $'
[
11
:
-
2
]
$Id: Application.py,v 1.123 2000/05/11 18:54:14 jim Exp $'''
__version__
=
'$Revision: 1.123 $'
[
11
:
-
2
]
import
Globals
,
Folder
,
os
,
sys
,
App
.
Product
,
App
.
ProductRegistry
,
misc_
import
time
,
traceback
,
os
,
string
,
Products
...
...
@@ -193,6 +192,9 @@ class Application(Globals.ApplicationDefaultPermissions,
__allow_groups__
=
UserFolder
()
def
title_and_id
(
self
):
return
self
.
title
def
title_or_id
(
self
):
return
self
.
title
def
__init__
(
self
):
# Initialize users
self
.
__allow_groups__
=
UserFolder
()
...
...
lib/python/OFS/CopySupport.py
...
...
@@ -83,13 +83,14 @@
#
##############################################################################
__doc__
=
"""Copy interface"""
__version__
=
'$Revision: 1.4
7
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.4
8
$'
[
11
:
-
2
]
import
sys
,
string
,
Globals
,
Moniker
,
tempfile
,
ExtensionClass
from
marshal
import
loads
,
dumps
from
urllib
import
quote
,
unquote
from
zlib
import
compress
,
decompress
from
App.Dialogs
import
MessageDialog
from
AccessControl
import
getSecurityManager
CopyError
=
'Copy Error'
...
...
@@ -341,35 +342,11 @@ class CopyContainer(ExtensionClass.Base):
if
method_name
is
not
None
:
meth
=
None
if
hasattr
(
self
,
method_name
):
meth
=
getattr
(
self
,
method_name
)
else
:
# Handle strange names that come from the Product
# machinery ;(
mn
=
string
.
split
(
method_name
,
'/'
)
if
len
(
mn
)
>
1
:
pname
=
mn
[
1
]
product
=
self
.
manage_addProduct
[
pname
]
fname
=
mn
[
2
]
factory
=
getattr
(
product
,
fname
)
try
:
meth
=
getattr
(
factory
,
factory
.
initial
)
except
:
meth
=
factory
# if we still have a factory, get the add method
try
:
meth
=
getattr
(
meth
,
meth
.
initial
)
except
:
pass
if
hasattr
(
meth
,
'__roles__'
):
roles
=
meth
.
__roles__
user
=
REQUEST
.
get
(
'AUTHENTICATED_USER'
,
None
)
if
(
not
hasattr
(
user
,
'has_role'
)
or
not
user
.
has_role
(
roles
,
self
)):
raise
'Unauthorized'
,
(
"""You are not authorized to perform this
operation."""
)
meth
=
self
.
unrestrictedTraverse
(
method_name
)
if
getSecurityManager
().
validateValue
(
meth
):
return
raise
CopyError
,
MessageDialog
(
title
=
'Not Supported'
,
message
=
'The object <EM>%s</EM> does not support this '
\
...
...
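Review bot: `meth=self.unrestrictedTraverse(method_name)` is called without a default, while `filtered_manage_options` in App/Management.py calls `self.unrestrictedTraverse(path, None)` and then tests for `None`. If a traversal miss raises here (likely, given that the other call site supplies a default), a `method_name` that cannot be resolved surfaces as a traversal error instead of the 'Not Supported' `CopyError` dialog that follows. Suggested: `meth=self.unrestrictedTraverse(method_name, None)` followed by `if meth is not None and getSecurityManager().validateValue(meth): return`. The method's signature is outside the hunk.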
lib/python/OFS/DTMLDocument.py
...
...
@@ -84,7 +84,7 @@
##############################################################################
"""DTML Document objects."""
__version__
=
'$Revision: 1.3
2
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.3
3
$'
[
11
:
-
2
]
from
DocumentTemplate.DT_Util
import
InstanceDict
,
TemplateDict
from
ZPublisher.Converters
import
type_converters
from
Globals
import
HTML
,
HTMLFile
,
MessageDialog
...
...
@@ -96,6 +96,7 @@ from sgmllib import SGMLParser
from
string
import
find
from
urllib
import
quote
import
Globals
from
AccessControl
import
getSecurityManager
done
=
'done'
...
...
@@ -107,19 +108,10 @@ class DTMLDocument(PropertyManager, DTMLMethod):
meta_type
=
'DTML Document'
icon
=
'p_/dtmldoc'
manage_options
=
({
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'DTML-Document_Edit.dtml'
)},
{
'label'
:
'Upload'
,
'action'
:
'manage_uploadForm'
,
'help'
:(
'OFSP'
,
'DTML-Document_Upload.dtml'
)},
{
'label'
:
'Properties'
,
'action'
:
'manage_propertiesForm'
,
'help'
:(
'OFSP'
,
'DTML-Document_Properties.dtml'
)},
{
'label'
:
'View'
,
'action'
:
''
,
'help'
:(
'OFSP'
,
'DTML-Document_View.dtml'
)},
{
'label'
:
'Proxy'
,
'action'
:
'manage_proxyForm'
,
'help'
:(
'OFSP'
,
'DTML-Document_Proxy.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'DTML-Document_Security.dtml'
)},
)
manage_options
=
(
DTMLMethod
.
manage_options
+
PropertyManager
.
manage_options
)
__ac_permissions__
=
(
(
'Change DTML Documents'
,
(
'manage_edit'
,
'manage_upload'
,
'PUT'
)),
...
...
@@ -163,6 +155,10 @@ class DTMLDocument(PropertyManager, DTMLMethod):
kw
[
'document_title'
]
=
self
.
title
if
hasattr
(
self
,
'aq_explicit'
):
bself
=
self
.
aq_explicit
else
:
bself
=
self
security
=
getSecurityManager
()
security
.
addContext
(
self
)
if
client
is
None
:
# Called as subtemplate, so don't need error propigation!
r
=
apply
(
HTML
.
__call__
,
(
self
,
bself
,
REQUEST
),
kw
)
...
...
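Review bot: `security.addContext(self)` is added to `__call__`, but no `try:` is visible between it and `if client is None:`, whereas DTMLMethod.py in this same commit pairs the call with `finally: security.removeContext(self)`. The policy consults `context.stack[-1]` for its owner and `_proxy_roles` checks, so a document left on the stack after an early return or an exception would keep influencing later authorization decisions made with the same security manager. The rest of `__call__` lies outside the hunk, so this may already be handled there. If it is not, wrap everything after `addContext` in `try:` … `finally: security.removeContext(self)`.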
lib/python/OFS/DTMLMethod.py
...
...
@@ -84,7 +84,7 @@
##############################################################################
"""DTML Method objects."""
__version__
=
'$Revision: 1.4
2
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.4
3
$'
[
11
:
-
2
]
from
Globals
import
HTML
,
HTMLFile
,
MessageDialog
from
string
import
join
,
split
,
strip
,
rfind
,
atoi
,
lower
...
...
@@ -93,12 +93,13 @@ from OFS.content_types import guess_content_type
from
DocumentTemplate.DT_Util
import
cDocument
from
PropertyManager
import
PropertyManager
from
AccessControl.Role
import
RoleManager
from
AccessControl.User
import
verify_watermark
from
webdav.common
import
rfc1123_date
from
ZDOM
import
ElementWithTitle
from
DateTime.DateTime
import
DateTime
from
urllib
import
quote
import
ts_regex
,
Globals
,
sys
,
Acquisition
from
AccessControl
import
getSecurityManager
class
DTMLMethod
(
cDocument
,
HTML
,
Acquisition
.
Implicit
,
RoleManager
,
...
...
@@ -115,17 +116,20 @@ class DTMLMethod(cDocument, HTML, Acquisition.Implicit, RoleManager,
func_code
.
co_varnames
=
'self'
,
'REQUEST'
,
'RESPONSE'
func_code
.
co_argcount
=
3
manage_options
=
({
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'DTML-Method_Edit.dtml'
)},
{
'label'
:
'Upload'
,
'action'
:
'manage_uploadForm'
,
'help'
:(
'OFSP'
,
'DTML-Method_Upload.dtml'
)},
{
'label'
:
'View'
,
'action'
:
''
,
'help'
:(
'OFSP'
,
'DTML-Method_View.dtml'
)},
{
'label'
:
'Proxy'
,
'action'
:
'manage_proxyForm'
,
'help'
:(
'OFSP'
,
'DTML-Method_Proxy.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'DTML-Method_Security.dtml'
)},
)
manage_options
=
(
(
{
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'DTML-DocumentOrMethod_Edit.dtml'
)},
{
'label'
:
'Upload'
,
'action'
:
'manage_uploadForm'
,
'help'
:(
'OFSP'
,
'DTML-DocumentOrMethod_Upload.dtml'
)},
{
'label'
:
'View'
,
'action'
:
''
,
'help'
:(
'OFSP'
,
'DTML-DocumentOrMethod_View.dtml'
)},
{
'label'
:
'Proxy'
,
'action'
:
'manage_proxyForm'
,
'help'
:(
'OFSP'
,
'DTML-DocumentOrMethod_Proxy.dtml'
)},
)
+
RoleManager
.
manage_options
+
Item_w__name__
.
manage_options
)
__ac_permissions__
=
(
(
'View management screens'
,
...
...
@@ -143,20 +147,22 @@ class DTMLMethod(cDocument, HTML, Acquisition.Implicit, RoleManager,
kw
[
'document_id'
]
=
self
.
id
kw
[
'document_title'
]
=
self
.
title
# Verify the authenticated user object.
if
REQUEST
.
has_key
(
'AUTHENTICATED_USER'
):
verify_watermark
(
REQUEST
[
'AUTHENTICATED_USER'
])
security
=
getSecurityManager
()
security
.
addContext
(
self
)
try
:
if
client
is
None
:
# Called as subtemplate, so don't need error propigation!
r
=
apply
(
HTML
.
__call__
,
(
self
,
client
,
REQUEST
),
kw
)
if
RESPONSE
is
None
:
return
r
return
decapitate
(
r
,
RESPONSE
)
if
client
is
None
:
# Called as subtemplate, so don't need error propigation!
r
=
apply
(
HTML
.
__call__
,
(
self
,
client
,
REQUEST
),
kw
)
if
type
(
r
)
is
not
type
(
''
):
return
r
if
RESPONSE
is
None
:
return
r
return
decapitate
(
r
,
RESPONSE
)
r
=
apply
(
HTML
.
__call__
,
(
self
,
client
,
REQUEST
),
kw
)
if
type
(
r
)
is
not
type
(
''
):
return
r
if
RESPONSE
is
None
:
return
r
finally
:
security
.
removeContext
(
self
)
# Ick. I don't like this. But someone can override it with
# a header if they have to.
...
...
@@ -170,54 +176,8 @@ class DTMLMethod(cDocument, HTML, Acquisition.Implicit, RoleManager,
return
len
(
self
.
raw
)
getSize
=
get_size
def
oldvalidate
(
self
,
inst
,
parent
,
name
,
value
,
md
):
#################################################################
# Note that this method is not used normally. It is simply a
# Python rendition of the validate method implemented in
# DocumentTemplate.cDocumentTemplate. The Python version
# serves the role of a requirements spec for the C version and
# can also be useful (if temporarily renamed to validate) for
# debugging.
#################################################################
try
:
if
(
name
[:
3
]
==
'aq_'
and
name
!=
'aq_parent'
and
name
!=
'aq_explicit'
):
return
0
except
:
pass
# name might not be a string!
# Try to get roles
if
hasattr
(
value
,
'__roles__'
):
roles
=
value
.
__roles__
else
:
if
hasattr
(
parent
,
'__roles__'
):
roles
=
parent
.
__roles__
elif
hasattr
(
parent
,
'aq_acquire'
):
try
:
roles
=
parent
.
aq_acquire
(
'__roles__'
)
except
AttributeError
:
if
hasattr
(
inst
,
'aq_base'
):
inst
=
inst
.
aq_base
if
hasattr
(
parent
,
'aq_base'
):
parent
=
parent
.
aq_base
return
inst
is
parent
else
:
if
hasattr
(
inst
,
'aq_base'
):
inst
=
inst
.
aq_base
if
hasattr
(
parent
,
'aq_base'
):
parent
=
parent
.
aq_base
return
inst
is
parent
value
=
parent
if
roles
is
None
:
return
1
try
:
if
md
.
AUTHENTICATED_USER
.
hasRole
(
value
,
roles
):
return
1
except
AttributeError
:
pass
for
r
in
self
.
_proxy_roles
:
if
r
in
roles
:
return
1
if
inst
is
parent
:
raise
'Unauthorized'
,
(
'You are not authorized to access <em>%s</em>.'
%
name
)
return
0
def
validate
(
self
,
inst
,
parent
,
name
,
value
,
md
):
return
getSecurityManager
().
validate
(
inst
,
parent
,
name
,
value
)
manage_editForm
=
HTMLFile
(
'documentEdit'
,
globals
())
manage_uploadForm
=
HTMLFile
(
'documentUpload'
,
globals
())
...
...
@@ -285,16 +245,14 @@ class DTMLMethod(cDocument, HTML, Acquisition.Implicit, RoleManager,
def
_validateProxy
(
self
,
request
,
roles
=
None
):
if
roles
is
None
:
roles
=
self
.
_proxy_roles
if
not
roles
:
return
user
=
u
=
request
.
get
(
'AUTHENTICATED_USER'
,
None
)
if
user
is
not
None
:
verify_watermark
(
user
)
user
=
user
.
hasRole
for
r
in
roles
:
if
r
and
not
user
(
self
,
(
r
,)):
user
=
None
break
if
user
is
not
None
:
return
user
=
u
=
getSecurityManager
().
getUser
()
user
=
user
.
hasRole
for
r
in
roles
:
if
r
and
not
user
(
self
,
(
r
,)):
user
=
None
break
if
user
is
not
None
:
return
raise
'Forbidden'
,
(
'You are not authorized to change <em>%s</em> because you '
...
...
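Review bot: In the new `_validateProxy` the name `user` is bound in turn to the user object, to its `hasRole` method and finally to `None` as a failure flag, which makes an authorization decision harder to audit than it needs to be. I would keep `u` as the user object, bind the method under its own name and let a `for`/`else` express "every proxy role is held", as sketched below; the behaviour is meant to be unchanged. The `raise 'Forbidden'` message continues outside the hunk and may still refer to `u`, so that name is kept.

```python
def _validateProxy(self, request, roles=None):
    # ... unchanged: roles default and the empty-roles early return ...
    u=getSecurityManager().getUser()
    hasRole=u.hasRole
    for r in roles:
        if r and not hasRole(self, (r,)): break
    else:
        return
    # ... unchanged: raise 'Forbidden' ...
```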
lib/python/OFS/FindSupport.py
...
...
@@ -83,7 +83,7 @@
#
##############################################################################
__doc__
=
"""Find support"""
__version__
=
'$Revision: 1.1
5
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.1
6
$'
[
11
:
-
2
]
import
sys
,
os
,
string
,
time
,
Globals
,
ExtensionClass
...
...
@@ -93,8 +93,7 @@ from Globals import HTMLFile
from
DocumentTemplate.DT_Util
import
InstanceDict
,
TemplateDict
,
cDocument
from
DateTime
import
DateTime
from
string
import
find
from
AccessControl
import
getSecurityManager
class
FindSupport
(
ExtensionClass
.
Base
):
"""Find support for Zope Folders"""
...
...
@@ -110,6 +109,11 @@ class FindSupport(ExtensionClass.Base):
'manage_findResult'
)),
)
manage_options
=
(
{
'label'
:
'Find'
,
'action'
:
'manage_findFrame'
,
'target'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Find.dtml'
)},
)
def
ZopeFind
(
self
,
obj
,
obj_ids
=
None
,
obj_metatypes
=
None
,
obj_searchterm
=
None
,
obj_expr
=
None
,
obj_mtime
=
None
,
obj_mspec
=
None
,
...
...
@@ -136,8 +140,6 @@ class FindSupport(ExtensionClass.Base):
if
obj_expr
:
# Setup expr machinations
md
=
td
()
if
hasattr
(
REQUEST
,
'AUTHENTICATED_USER'
):
md
.
AUTHENTICATED_USER
=
REQUEST
.
AUTHENTICATED_USER
obj_expr
=
(
Eval
(
obj_expr
,
expr_globals
),
md
,
md
.
_push
,
md
.
_pop
)
base
=
obj
...
...
@@ -230,8 +232,6 @@ class FindSupport(ExtensionClass.Base):
if
obj_expr
:
# Setup expr machinations
md
=
td
()
if
hasattr
(
REQUEST
,
'AUTHENTICATED_USER'
):
md
.
AUTHENTICATED_USER
=
REQUEST
.
AUTHENTICATED_USER
obj_expr
=
(
Eval
(
obj_expr
,
expr_globals
),
md
,
md
.
_push
,
md
.
_pop
)
base
=
obj
...
...
@@ -299,9 +299,10 @@ class FindSupport(ExtensionClass.Base):
class
td
(
TemplateDict
,
cDocument
):
pass
class
td
(
TemplateDict
):
def
validate
(
self
,
inst
,
parent
,
name
,
value
,
md
):
return
getSecurityManager
().
validate
(
inst
,
parent
,
name
,
value
)
def
expr_match
(
ob
,
ed
,
c
=
InstanceDict
,
r
=
0
):
...
...
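Review bot: `td.validate` in the last hunk has no docstring, although it appears to be the hook that decides what a caller-supplied `obj_expr` may touch while it is evaluated. It accepts `md` but never uses it, and it returns whatever `getSecurityManager().validate(inst, parent, name, value)` returns, so the decision now rests on the current security manager rather than on the `AUTHENTICATED_USER` that the earlier hunks stop copying into `md`. I would add `"""Check access for find expressions with the current security manager; md is accepted but unused."""` so the next reader does not reintroduce a user lookup through `md`.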
lib/python/OFS/Folder.py
...
...
@@ -87,17 +87,15 @@
Folders are the basic container objects and are analogous to directories.
$Id: Folder.py,v 1.8
6 2000/03/28 16:58:55 michel
Exp $"""
$Id: Folder.py,v 1.8
7 2000/05/11 18:54:14 jim
Exp $"""
__version__
=
'$Revision: 1.86 $'
[
11
:
-
2
]
__version__
=
'$Revision: 1.87 $'
[
11
:
-
2
]
import
Globals
,
SimpleItem
,
ObjectManager
,
PropertyManager
import
AccessControl.Role
,
webdav
.
Collection
,
FindSupport
import
Globals
,
SimpleItem
from
ObjectManager
import
ObjectManager
from
PropertyManager
import
PropertyManager
from
AccessControl.Role
import
RoleManager
from
webdav.Collection
import
Collection
from
FindSupport
import
FindSupport
from
Globals
import
HTMLFile
from
AccessControl
import
getSecurityManager
manage_addFolderForm
=
HTMLFile
(
'folderAdd'
,
globals
())
...
...
@@ -116,29 +114,37 @@ def manage_addFolder(self, id, title='',
ob
.
id
=
id
ob
.
title
=
title
self
.
_setObject
(
id
,
ob
)
try
:
user
=
REQUEST
[
'AUTHENTICATED_USER'
]
except
:
user
=
None
ob
=
self
.
_getOb
(
id
)
checkPermission
=
getSecurityManager
().
checkPermission
if
createUserF
:
if
(
user
is
not
None
)
and
not
(
user
.
has_permission
(
'Add User Folders'
,
self
)):
if
not
checkPermission
(
'Add User Folders'
,
ob
):
raise
'Unauthorized'
,
(
'You are not authorized to add User Folders.'
)
ob
.
manage_addUserFolder
()
if
createPublic
:
if
(
user
is
not
None
)
and
not
(
user
.
has_permission
(
'Add Documents, Images, and Files'
,
self
)):
if
not
checkPermission
(
'Add Documents, Images, and Files'
,
ob
):
raise
'Unauthorized'
,
(
'You are not authorized to add DTML Documents.'
)
ob
.
manage_addDTMLDocument
(
id
=
'index_html'
,
title
=
''
)
if
REQUEST
is
not
None
:
return
self
.
manage_main
(
self
,
REQUEST
,
update_menu
=
1
)
class
Folder
(
ObjectManager
,
PropertyManager
,
RoleManager
,
Collection
,
SimpleItem
.
Item
,
FindSupport
):
class
Folder
(
ObjectManager
.
ObjectManager
,
PropertyManager
.
PropertyManager
,
AccessControl
.
Role
.
RoleManager
,
webdav
.
Collection
.
Collection
,
SimpleItem
.
Item
,
FindSupport
.
FindSupport
,
):
"""
Folders are basic container objects that provide a standard
interface for object management. Folder objects also implement
...
...
@@ -149,21 +155,16 @@ class Folder(ObjectManager, PropertyManager, RoleManager, Collection,
_properties
=
({
'id'
:
'title'
,
'type'
:
'string'
},)
manage_options
=
(
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Folder_Contents.dtml'
)},
ObjectManager
.
ObjectManager
.
manage_options
+
PropertyManager
.
PropertyManager
.
manage_options
+
(
{
'label'
:
'View'
,
'action'
:
'index_html'
,
'help'
:(
'OFSP'
,
'Folder_View.dtml'
)},
{
'label'
:
'Properties'
,
'action'
:
'manage_propertiesForm'
,
'help'
:(
'OFSP'
,
'Folder_Properties.dtml'
)},
{
'label'
:
'Import/Export'
,
'action'
:
'manage_importExportForm'
,
'help'
:(
'OFSP'
,
'Folder_Import-Export.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Folder_Security.dtml'
)},
{
'label'
:
'Undo'
,
'action'
:
'manage_UndoForm'
,
'help'
:(
'OFSP'
,
'Folder_Undo.dtml'
)},
{
'label'
:
'Find'
,
'action'
:
'manage_findFrame'
,
'target'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Folder_Find.dtml'
)},
)
)
+
FindSupport
.
FindSupport
.
manage_options
+
AccessControl
.
Role
.
RoleManager
.
manage_options
+
SimpleItem
.
Item
.
manage_options
)
__ac_permissions__
=
()
...
...
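Review bot: In `manage_addFolder` both permission checks now run against `ob`, the folder that `self._setObject(id, ob)` has already stored, where the old code checked the container `self`, and nothing in the hunk says why. The ObjectManager code shown in this commit gives the creating user the local role `Owner` on a freshly added object, so a check on `ob` can give a different answer from a check on the container if `Owner` carries 'Add User Folders' or 'Add Documents, Images, and Files'. If that is intended, a comment above `checkPermission=getSecurityManager().checkPermission` such as `# Checked on the new folder, where the creator already holds the Owner local role.` would record it; if not, the checks should name `self`. The `raise 'Unauthorized'` also fires after the folder has been added, so it presumably relies on the transaction being aborted to undo the add. manage_addFolder begins outside the hunk.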
lib/python/OFS/Image.py
...
...
@@ -84,7 +84,7 @@
##############################################################################
"""Image object"""
__version__
=
'$Revision: 1.
99
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.
100
$'
[
11
:
-
2
]
import
Globals
,
string
,
struct
,
content_types
from
OFS.content_types
import
guess_content_type
...
...
@@ -136,18 +136,20 @@ class File(Persistent,Implicit,PropertyManager,
manage_editForm
=
HTMLFile
(
'fileEdit'
,
globals
(),
Kind
=
'File'
,
kind
=
'file'
)
manage_uploadForm
=
HTMLFile
(
'imageUpload'
,
globals
(),
Kind
=
'File'
,
kind
=
'file'
)
manage
=
manage_main
=
manage_editForm
manage_options
=
({
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'File_Edit.dtml'
)},
{
'label'
:
'Upload'
,
'action'
:
'manage_uploadForm'
,
'help'
:(
'OFSP'
,
'File_Upload.dtml'
)},
{
'label'
:
'Properties'
,
'action'
:
'manage_propertiesForm'
,
'help'
:(
'OFSP'
,
'File_Properties.dtml'
)},
{
'label'
:
'View'
,
'action'
:
''
,
'help'
:(
'OFSP'
,
'File_View.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'File_Security.dtml'
)},
)
manage_options
=
(
(
{
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'File_Edit.dtml'
)},
{
'label'
:
'Upload'
,
'action'
:
'manage_uploadForm'
,
'help'
:(
'OFSP'
,
'File_Upload.dtml'
)},
{
'label'
:
'View'
,
'action'
:
''
,
'help'
:(
'OFSP'
,
'File_View.dtml'
)},
)
+
PropertyManager
.
manage_options
+
Item_w__name__
.
manage_options
+
RoleManager
.
manage_options
)
__ac_permissions__
=
(
(
'View management screens'
,
...
...
@@ -434,18 +436,17 @@ class Image(File):
{
'id'
:
'height'
,
'type'
:
'string'
},
{
'id'
:
'width'
,
'type'
:
'string'
},
)
manage_options
=
({
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Image_Edit.dtml'
)},
{
'label'
:
'Upload'
,
'action'
:
'manage_uploadForm'
,
'help'
:(
'OFSP'
,
'Image_Upload.dtml'
)},
{
'label'
:
'Properties'
,
'action'
:
'manage_propertiesForm'
,
'help'
:(
'OFSP'
,
'Image_Properties.dtml'
)},
{
'label'
:
'View'
,
'action'
:
'view_image_or_file'
,
'help'
:(
'OFSP'
,
'Image_View.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Image_Security.dtml'
)},
)
# Grrrrr, need to replace the view option.
manage_options
=
tuple
(
map
(
lambda
o
:
(
o
[
'label'
]
==
'View'
and
{
'label'
:
'View'
,
'action'
:
'view_image_or_file'
,
'help'
:(
'OFSP'
,
'Image_View.dtml'
)}
or
o
)
,
File
.
manage_options
))
manage_editForm
=
HTMLFile
(
'imageEdit'
,
globals
(),
Kind
=
'Image'
,
kind
=
'image'
)
view_image_or_file
=
HTMLFile
(
'imageView'
,
globals
())
...
...
lib/python/OFS/ObjectManager.py
...
...
@@ -84,11 +84,11 @@
##############################################################################
__doc__
=
"""Object Manager
$Id: ObjectManager.py,v 1.8
8 2000/05/11 16:24:44 tseaver
Exp $"""
$Id: ObjectManager.py,v 1.8
9 2000/05/11 18:54:14 jim
Exp $"""
__version__
=
'$Revision: 1.8
8
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.8
9
$'
[
11
:
-
2
]
import
App.Management
,
Acquisition
,
App
.
Undo
,
Globals
,
CopySupport
,
Products
import
App.Management
,
Acquisition
,
Globals
,
CopySupport
,
Products
import
os
,
App
.
FactoryDispatcher
,
ts_regex
,
Products
from
Globals
import
HTMLFile
,
HTMLFile
,
Persistent
from
Globals
import
MessageDialog
,
default__class_init__
...
...
@@ -98,6 +98,7 @@ from urllib import quote
from
cStringIO
import
StringIO
import
marshal
import
App.Common
from
AccessControl
import
getSecurityManager
bad_id
=
ts_regex
.
compile
(
'[^a-zA-Z0-9-_~
\
,
\
. ]'
).
search
#TS
...
...
@@ -108,7 +109,6 @@ class ObjectManager(
App
.
Management
.
Tabs
,
Acquisition
.
Implicit
,
Persistent
,
App
.
Undo
.
UndoSupport
,
Collection
,
):
"""Generic object manager
...
...
@@ -139,10 +139,12 @@ class ObjectManager(
manage_main
=
HTMLFile
(
'main'
,
globals
())
manage_options
=
(
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
},
)
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'ObjectManager_Contents.dtml'
)},
{
'label'
:
'Import/Export'
,
'action'
:
'manage_importExportForm'
,
'help'
:(
'OFSP'
,
'ObjectManager_Import-Export.dtml'
)},
)
isAnObjectManager
=
1
...
...
@@ -175,8 +177,11 @@ class ObjectManager(
)
def
filtered_meta_types
(
self
,
user
):
def
filtered_meta_types
(
self
,
user
=
None
):
"Those meta types for which a user has adequite permissions."
user
=
getSecurityManager
().
getUser
()
meta_types
=
[]
if
callable
(
self
.
all_meta_types
):
all
=
self
.
all_meta_types
()
...
...
@@ -235,14 +240,14 @@ class ObjectManager(
self
.
_objects
=
self
.
_objects
+
({
'id'
:
id
,
'meta_type'
:
t
},)
self
.
_setOb
(
id
,
object
)
object
=
self
.
_getOb
(
id
)
object
.
manage_fixupOwnershipAfterAdd
()
object
.
manage_afterAdd
(
object
,
self
)
# Try to give user the local role "Owner", but only if
# no local roles have been set on the object yet.
if
hasattr
(
self
,
'REQUEST'
)
and
type
(
self
.
REQUEST
)
!=
type
(
''
)
and
\
hasattr
(
object
,
'__ac_local_roles__'
):
if
hasattr
(
object
,
'__ac_local_roles__'
):
if
object
.
__ac_local_roles__
is
None
:
user
=
self
.
REQUEST
[
'AUTHENTICATED_USER'
]
user
=
getSecurityManager
().
getUser
()
name
=
user
.
getUserName
()
if
name
!=
'Anonymous User'
:
object
.
manage_setLocalRoles
(
name
,
[
'Owner'
])
...
...
@@ -537,10 +542,10 @@ class ObjectManager(
# check to see if we are acquiring our objectValues or not
if
not
(
len
(
REQUEST
.
PARENTS
)
>
1
and
self
.
objectValues
()
==
REQUEST
.
PARENTS
[
1
].
objectValues
()):
if
REQUEST
[
'AUTHENTICATED_USER'
].
allowed
(
self
.
manage_FTPlist
,
self
.
manage_FTPlist
.
__roles__
):
mode
=
mode
|
0770
try
:
if
getSecurityManager
().
validateValue
(
self
.
manage_FTPlist
):
mode
=
mode
|
0770
except
:
pass
if
nobody
.
allowed
(
self
.
manage_FTPlist
,
self
.
manage_FTPlist
.
__roles__
):
...
...
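Review bot: The `try: ... except: pass` around `getSecurityManager().validateValue(self.manage_FTPlist)` in the last hunk catches every exception, not only an authorization failure. It fails closed, because the `0770` bits are simply not set, but an unrelated error inside the security machinery is silently turned into "no access" and never surfaces in a log or traceback. I would catch only the denial that `validateValue` raises and let anything else propagate, or at minimum add `# Deliberately fail closed: any error from validateValue means no access bits.` above the `try`. The same pattern is added twice in lib/python/OFS/SimpleItem.py, around `validateValue(self.manage_FTPget)` and `validateValue(self.PUT)`. The enclosing method starts outside the hunk.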
lib/python/OFS/PropertyManager.py
...
...
@@ -84,7 +84,7 @@
##############################################################################
"""Property management"""
__version__
=
'$Revision: 1.
19
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.
20
$'
[
11
:
-
2
]
import
ExtensionClass
,
Globals
import
ZDOM
...
...
@@ -161,6 +161,12 @@ class PropertyManager(ExtensionClass.Base, ZDOM.ElementWithAttributes):
'manage_delProperties',
'manage_changeProperties',)),
"""
manage_options
=
(
{
'label'
:
'Properties'
,
'action'
:
'manage_propertiesForm'
,
'help'
:(
'OFSP'
,
'Properties.dtml'
)},
)
manage_propertiesForm
=
HTMLFile
(
'properties'
,
globals
(),
property_extensible_schema__
=
1
)
...
...
lib/python/OFS/SimpleItem.py
...
...
@@ -89,11 +89,11 @@ Aqueduct database adapters, etc.
This module can also be used as a simple template for implementing new
item types.
$Id: SimpleItem.py,v 1.6
8 2000/04/04 22:41:52
jim Exp $'''
__version__
=
'$Revision: 1.6
8
$'
[
11
:
-
2
]
$Id: SimpleItem.py,v 1.6
9 2000/05/11 18:54:14
jim Exp $'''
__version__
=
'$Revision: 1.6
9
$'
[
11
:
-
2
]
import
regex
,
sys
,
Globals
,
App
.
Management
,
Acquisition
import
AccessControl.Role
import
regex
,
sys
,
Globals
,
App
.
Management
,
Acquisition
,
App
.
Undo
import
AccessControl.Role
,
AccessControl
.
Owned
,
App
.
Common
from
webdav.Resource
import
Resource
from
ExtensionClass
import
Base
from
DateTime
import
DateTime
...
...
@@ -102,20 +102,24 @@ from string import join, lower, find, split
from
types
import
InstanceType
,
StringType
from
ComputedAttribute
import
ComputedAttribute
from
urllib
import
quote
import
App.Common
from
AccessControl
import
getSecurityManager
import
marshal
import
ZDOM
HTML
=
Globals
.
HTML
_marker
=
[]
StringType
=
type
(
''
)
class
Item
(
Base
,
Resource
,
CopySource
,
App
.
Management
.
Tabs
,
ZDOM
.
Element
):
ZDOM
.
Element
,
AccessControl
.
Owned
.
Owned
,
App
.
Undo
.
UndoSupport
,
):
"""A common base class for simple, non-container objects."""
isPrincipiaFolderish
=
0
isTopLevelPrincipiaApplicationObject
=
0
def
manage_afterAdd
(
self
,
item
,
container
):
pass
def
manage_beforeDelete
(
self
,
item
,
container
):
pass
def
manage_afterClone
(
self
,
item
):
pass
...
...
@@ -140,11 +144,17 @@ class Item(Base, Resource, CopySource, App.Management.Tabs,
# Default propertysheet info:
__propsets__
=
()
manage_options
=
()
manage_options
=
(
App
.
Undo
.
UndoSupport
.
manage_options
+
AccessControl
.
Owned
.
Owned
.
manage_options
)
# Attributes that must be acquired
REQUEST
=
Acquisition
.
Acquired
# Allow (reluctantly) access to unprotected attributes
__allow_access_to_unprotected_subobjects__
=
1
getPhysicalRoot
=
Acquisition
.
Acquired
getPhysicalRoot__roles__
=
()
...
...
@@ -268,21 +278,28 @@ class Item(Base, Resource, CopySource, App.Management.Tabs,
"psuedo stat, used by FTP for directory listings"
from
AccessControl.User
import
nobody
mode
=
0100000
# check read permissions
if
hasattr
(
self
.
aq_base
,
'manage_FTPget'
)
and
\
hasattr
(
self
.
manage_FTPget
,
'__roles__'
):
if
REQUEST
[
'AUTHENTICATED_USER'
].
allowed
(
self
.
manage_FTPget
,
self
.
manage_FTPget
.
__roles__
):
mode
=
mode
|
0440
if
nobody
.
allowed
(
self
.
manage_FTPget
,
self
.
manage_FTPget
.
__roles__
):
if
(
hasattr
(
self
.
aq_base
,
'manage_FTPget'
)
and
hasattr
(
self
.
manage_FTPget
,
'__roles__'
)):
try
:
if
getSecurityManager
().
validateValue
(
self
.
manage_FTPget
):
mode
=
mode
|
0440
except
:
pass
if
nobody
.
allowed
(
self
.
manage_FTPget
,
self
.
manage_FTPget
.
__roles__
):
mode
=
mode
|
0004
# check write permissions
if
hasattr
(
self
.
aq_base
,
'PUT'
)
and
hasattr
(
self
.
PUT
,
'__roles__'
):
if
REQUEST
[
'AUTHENTICATED_USER'
].
allowed
(
self
.
PUT
,
self
.
PUT
.
__roles__
):
mode
=
mode
|
0220
try
:
if
getSecurityManager
().
validateValue
(
self
.
PUT
):
mode
=
mode
|
0220
except
:
pass
if
nobody
.
allowed
(
self
.
PUT
,
self
.
PUT
.
__roles__
):
mode
=
mode
|
0002
# get size
if
hasattr
(
self
,
'get_size'
):
size
=
self
.
get_size
()
...
...
@@ -332,12 +349,31 @@ class Item(Base, Resource, CopySource, App.Management.Tabs,
unrestrictedTraverse__roles__
=
()
def
unrestrictedTraverse
(
self
,
path
,
default
=
_marker
):
if
not
path
:
return
self
object
=
self
get
=
getattr
N
=
None
M
=
_marker
if
type
(
path
)
is
StringType
:
path
=
split
(
path
,
'/'
)
else
:
path
=
list
(
path
)
REQUEST
=
{
'path'
:
path
}
path
.
reverse
()
pop
=
path
.
pop
try
:
for
name
in
path
:
while
path
:
name
=
pop
()
if
name
==
'..'
:
o
=
getattr
(
object
,
'aq_parent'
,
M
)
if
o
is
not
M
:
object
=
o
continue
t
=
get
(
object
,
'__bobo_traverse__'
,
N
)
if
t
is
not
N
:
object
=
t
(
N
,
name
)
...
...
@@ -416,7 +452,6 @@ def pretty_tb(t,v,tb):
tb
=
join
(
tb
,
'
\
n
'
)
return
tb
class
SimpleItem
(
Item
,
Globals
.
Persistent
,
Acquisition
.
Implicit
,
AccessControl
.
Role
.
RoleManager
,
...
...
@@ -425,7 +460,7 @@ class SimpleItem(Item, Globals.Persistent,
"""Mix-in class combining the most common set of basic mix-ins
"""
manage_options
=
(
manage_options
=
Item
.
manage_options
+
(
{
'label'
:
'Security'
,
'action'
:
'manage_access'
},
)
...
...
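Review bot: `__allow_access_to_unprotected_subobjects__=1` on `Item`, which the `@@ -140,11 +144,17 @@` hunk appears to introduce, makes the permissive setting the default for every class that inherits from `Item`. The comment `# Allow (reluctantly) access to unprotected attributes` does not tell a subclass author what to do about it. Assuming the flag means what its name says, any attribute a subclass forgets to protect becomes reachable from restricted code. I would extend the comment, for example `# Inherited by every Item subclass: classes with sensitive attributes should set this to 0 and declare permissions explicitly.` The class body continues outside the hunk.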
lib/python/OFS/documentProxy.dtml
...
...
@@ -6,11 +6,10 @@
<BODY
BGCOLOR=
"#FFFFFF"
LINK=
"#000099"
VLINK=
"#555555"
>
<dtml-var
manage_tabs
>
<P>
Proxy Roles allow a DTML Document or Method to access
restricted Zope resources. Normally a DTML Method or Document
can only access resources for which the user is authorized.
By adding Proxy Roles, you allow the DTML Document or Method
to act with additional roles, beyond what the user may have.
Proxy roles allow you to control the access that a DTML document or
method has. Proxy roles replace the roles of the user who is viewing
the document or method. This can be used to both expand and limit
access to resources.
</P>
<P>
Use the form below to select which roles this DTML document
...
...
lib/python/OFS/folderAdd.dtml
...
...
@@ -42,7 +42,7 @@ information for the Folder.
</TR>
<TR><TD
COLSPAN=
"2"
><BR></TD></TR>
<dtml-if
"
AUTHENTICATED_USER
.
has_p
ermission
('
Add
Documents
,
Images
,
and
Files
',
this
())"
>
<dtml-if
"
_
.
SecurityCheckP
ermission
('
Add
Documents
,
Images
,
and
Files
',
this
())"
>
<TR>
<TD
ALIGN=
"TOP"
COLSPAN=
"2"
>
<INPUT
TYPE=
"CHECKBOX"
NAME=
"createPublic:int"
VALUE=
"1"
CHECKED
ID=
"cbCreatePublic"
>
...
...
@@ -51,7 +51,7 @@ information for the Folder.
</TR>
</dtml-if>
<dtml-if
"
AUTHENTICATED_USER
.
has_p
ermission
('
Add
User
Folders
',
this
())"
>
<dtml-if
"
_
.
SecurityCheckP
ermission
('
Add
User
Folders
',
this
())"
>
<TR>
<TD
ALIGN=
"TOP"
COLSPAN=
"2"
>
<INPUT
TYPE=
"CHECKBOX"
NAME=
"createUserF:int"
VALUE=
"1"
CHECKED
ID=
"cbCreateUserF"
>
...
...
lib/python/OFS/main.dtml
...
...
@@ -54,10 +54,10 @@
<INPUT
TYPE=
"SUBMIT"
NAME=
"manage_pasteObjects:method"
VALUE=
"Paste"
>
</dtml-if>
</dtml-unless>
<dtml-if
"
AUTHENTICATED_USER
.
has_permission
('
Delete
objects
',
this
())"
>
<dtml-if
"
_
.
SecurityCheckPermission
('
Delete
objects
',
this
())"
>
<INPUT
TYPE=
"SUBMIT"
NAME=
"manage_delObjects:method"
VALUE=
"Delete"
>
</dtml-if>
<dtml-if
"
AUTHENTICATED_USER
.
has_p
ermission
('
Import
/
Export
objects
',
this
())"
>
<dtml-if
"
_
.
SecurityCheckP
ermission
('
Import
/
Export
objects
',
this
())"
>
<INPUT
TYPE=
"SUBMIT"
NAME=
"manage_importExportForm:method"
VALUE=
"Export..."
>
</dtml-if>
</TD>
...
...
@@ -79,9 +79,9 @@ There are currently no items in <EM><dtml-var title_or_id></EM>
</dtml-if>
</FORM>
<dtml-if
"
filtered_meta_types
(
AUTHENTICATED_USER
)"
>
<dtml-if
filtered_meta_types
>
<dtml-if
"
_
.
len
(
filtered_meta_types
(
AUTHENTICATED_USER
)
)
>
1">
<dtml-if
"
_
.
len
(
filtered_meta_types
)
>
1">
<TABLE
ALIGN=
"LEFT"
>
<TR>
<TD
VALIGN=
"MIDDLE"
>
...
...
@@ -95,7 +95,7 @@ There are currently no items in <EM><dtml-var title_or_id></EM>
<SELECT
NAME=
":method"
ONCHANGE=
"location.href='<dtml-var URL1
>/'+this.options[this.selectedIndex].value"
>
<OPTION
value=
"manage_workspace"
DISABLED
>
Available Objects
<dtml-in
"
filtered_meta_types
(
AUTHENTICATED_USER
)"
mapping
sort=
name
>
<dtml-in
filtered_meta_types
mapping
sort=
name
>
<OPTION
value=
"<dtml-var action fmt="
url-quote
"
>
">
<dtml-var
name
>
</dtml-in>
</SELECT>
...
...
@@ -107,7 +107,7 @@ There are currently no items in <EM><dtml-var title_or_id></EM>
<dtml-else>
<FORM
ACTION=
"<dtml-var URL1>/"
METHOD=
"GET"
>
To add a new item click
"
Add
"
.
<dtml-in
"
filtered_meta_types
(
AUTHENTICATED_USER
)"
mapping
sort=
name
>
<dtml-in
filtered_meta_types
mapping
sort=
name
>
<input
type=
hidden
name=
":method"
value=
"<dtml-var action fmt="
url-quote
"
>
">
<INPUT
TYPE=
"SUBMIT"
VALUE=
" Add "
>
</dtml-in>
...
...
lib/python/Products/ExternalMethod/ExternalMethod.py
...
...
@@ -88,7 +88,7 @@
This product provides support for external methods, which allow
domain-specific customization of web environments.
"""
__version__
=
'$Revision: 1.3
6
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.3
7
$'
[
11
:
-
2
]
from
Globals
import
Persistent
,
HTMLFile
,
MessageDialog
,
HTML
import
OFS.SimpleItem
,
Acquisition
from
string
import
split
,
join
,
find
,
lower
...
...
@@ -152,12 +152,14 @@ class ExternalMethod(OFS.SimpleItem.Item, Persistent, Acquisition.Explicit,
HelpSys
=
Acquisition
.
Acquired
manage_options
=
(
(
{
'label'
:
'Properties'
,
'action'
:
'manage_main'
,
'help'
:(
'ExternalMethod'
,
'External-Method_Properties.dtml'
)},
{
'label'
:
'Try It'
,
'action'
:
''
,
'help'
:(
'ExternalMethod'
,
'External-Method_Try-It.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'ExternalMethod'
,
'External-Method_Security.dtml'
)},
)
+
OFS
.
SimpleItem
.
Item
.
manage_options
+
AccessControl
.
Role
.
RoleManager
.
manage_options
)
__ac_permissions__
=
(
...
...
lib/python/Products/MailHost/MailHost.py
...
...
@@ -82,7 +82,10 @@
# attributions are listed in the accompanying credits file.
#
##############################################################################
"""SMTP mail objects"""
"""SMTP mail objects
$Id: MailHost.py,v 1.48 2000/05/11 18:54:15 jim Exp $"
__version__ = "$Revision: 1.48 $"[11:-2]
from Globals import Persistent, HTMLFile, HTML, MessageDialog
from smtplib import SMTP
...
...
@@ -93,8 +96,6 @@ import OFS.SimpleItem, re, quopri, rfc822
import Globals
from cStringIO import StringIO
#$Id: MailHost.py,v 1.47 2000/04/21 14:10:20 tseaver Exp $
__version__
=
"$Revision: 1.47 $"
[
11
:
-
2
]
smtpError = "SMTP Error"
MailHostError = "MailHost Error"
...
...
@@ -118,16 +119,18 @@ class MailBase(Acquisition.Implicit, OFS.SimpleItem.Item, RoleManager):
timeout=1.0
manage_options
=
({
'icon'
:
''
,
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'target'
:
'manage_main'
,
'help'
:(
'MailHost'
,
'Mail-Host_Edit.dtml'
)},
{
'icon'
:
''
,
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'target'
:
'manage_main'
,
'help'
:(
'MailHost'
,
'Mail-Host_Security.dtml'
)},
)
manage_options=(
(
{'icon':'', 'label':'Edit',
'action':'manage_main', 'target':'manage_main',
'help':('MailHost','Mail-Host_Edit.dtml')},
)
+OFS.SimpleItem.Item.manage_options
+RoleManager.manage_options
)
__ac_permissions__=(
(
'View management screens'
,
(
'manage'
,)),
('View management screens', ('manage',
'manage_main'
)),
('Change configuration', ('manage_makeChanges',)),
('Use mailhost services',('',)),
)
...
...
@@ -221,10 +224,14 @@ class MailBase(Acquisition.Implicit, OFS.SimpleItem.Item, RoleManager):
smtpserver.sendmail(headers['from'], headers['to'], messageText)
def simple_send(self, mto, mfrom, subject, body):
body
=
"from: %s
\
n
to: %s
\
n
subject: %s
\
n
\
n
%s"
%
(
mfrom
,
mto
,
subject
,
body
)
body="from: %s
\
n
to: %s
\
n
subject: %s
\
n
\
n
%s" % (
mfrom, mto, subject, body)
mailserver = SMTP(self.smtphost, self.smtpport)
mailserver.sendmail(mfrom, mto, body)
Globals.default__class_init__(MailBase)
class MailHost(Persistent, MailBase):
"persistent version"
...
...
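Review bot: `simple_send` interpolates `mfrom`, `mto` and `subject` directly into the header block with `"from: %s\nto: %s\nsubject: %s\n\n%s" % (mfrom, mto, subject, body)`, and the re-wrapping in this hunk leaves that unchecked. A value containing a CR or LF ends its header early, so whoever supplies it can add headers or start the body. Before building `body` I would reject such input, raising `MailHostError` when `'\n'` or `'\r'` occurs in any of the three values. Separately, the new module docstring as rendered ends with a single `"` after `Exp $` rather than `"""`; that is worth checking against the raw file.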
lib/python/Products/OFSP/Version.py
...
...
@@ -84,7 +84,7 @@
##############################################################################
"""Version object"""
__version__
=
'$Revision: 1.3
7
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.3
8
$'
[
11
:
-
2
]
import
Globals
,
time
from
AccessControl.Role
import
RoleManager
...
...
@@ -111,14 +111,16 @@ class Version(Persistent,Implicit,RoleManager,Item):
meta_type
=
'Version'
manage_options
=
(
(
{
'label'
:
'Join/Leave'
,
'action'
:
'manage_main'
,
'help'
:(
'OFSP'
,
'Version_Join-Leave.dtml'
)},
{
'label'
:
'Save/Discard'
,
'action'
:
'manage_end'
,
'help'
:(
'OFSP'
,
'Version_Save-Discard.dtml'
)},
{
'label'
:
'Properties'
,
'action'
:
'manage_editForm'
,
'help'
:(
'OFSP'
,
'Version_Properties.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'OFSP'
,
'Version_Security.dtml'
)},
)
+
Item
.
manage_options
+
RoleManager
.
manage_options
)
__ac_permissions__
=
(
...
...
lib/python/Products/OFSP/help/
Folder_
Advanced-Find.dtml
→
lib/python/Products/OFSP/help/Advanced-Find.dtml
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder.dtml">Folder</a>>Advanced Find</h1>
<dtml-var standard_html_header><h1>Advanced Find</h1>
<p> This view allows you to search for Zope objects. </p>
<p> To find objects you specify search criteria in the top frame and
then click the <tt>Find</tt> button. The find results will appear in
...
...
@@ -21,4 +20,4 @@
restrict found objects to those for which the selected roles have the selected
permission. Finally you may choose to either the <tt>Search only in this
folder</tt> or the <tt>Search all subfolders</tt> radio box to
control where Zope should look for found items. </p><dtml-var standard_html_footer>
\ No newline at end of file
control where Zope should look for found items. </p><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/Common-Instance-Property-Sheet_Properties.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Common-Instance-Property-Sheet.dtml">Common Instance Property Sheet</a>>Properties</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Properties.dtml">Folder>Properties</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Control-Panel_Undo.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Control-Panel.dtml">Control Panel</a>>Undo</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Undo.dtml">Folder>Undo</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Document_Edit.dtml
→
lib/python/Products/OFSP/help/DTML-Document
OrMethod
_Edit.dtml
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">DTML Document</a>>Edit</h1>
<p> This view allows you to edit the contents of a document. </p>
DTML
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">Document</a>
or
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">Method</a>
Edit</h1>
<p> This view allows you to edit the contents of a DTML document or method. </p>
<p> The <tt>id</tt> field indicates the id of the document.
The <tt>Title</tt> field allows you to edit the title of the
document. The <tt>Size</tt> field indicates the size of the
...
...
@@ -11,4 +15,4 @@
click the <tt>Taller</tt>, <tt>Shorter</tt>,
<tt>Wider</tt>, or <tt>Narrower</tt> buttons repeatedly
until the size is correctly adjusted. To change the contents of the document
click the <tt>Change</tt> button. </p><dtml-var standard_html_footer>
\ No newline at end of file
click the <tt>Change</tt> button. </p><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/DTML-DocumentOrMethod_Proxy.dtml
0 → 100644
<dtml-var standard_html_header><h1>
DTML
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">Document</a>
or
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">Method</a>
Proxy</h1>
<p> This view allows you to manage proxy roles for a document or method. </p>
<p>
Proxy roles replace the roles of the user who is viewing the
document or method to allow the document additional access or to limit the
access the document or method has.
</p>
<p>
To see how proxy roles can be used to limit access, suppose we want to
assure that a document can only access public resources. We might do
this if we allowed untrusted users to edit the document. All we need
to do is to set the proxy roles to Anonymous. As long as we don't let
untrusted users change the proxy roles, we can let them edit the
document freely without worrying about giving them the ability to have
protected resources accessed when the document is viewed.
</p>
<p>
To see how proxy roles can be used to grant access, we might have a
method that performs some management task for an unpriviledged user.
For example, we might have a method that creates a folder for a user
and makes them the owner. The method needs to call the
'manage_addFolder' method to add the folder. Perhaps the
'manage_addFolder' requires the 'Manager' role. Simply give the method
the 'Manager' proxy role. This effectively allows the unpriviledged
user to create a folder, but only though the special method.
</p>
<p> Select the role(s) you wish to assign to the document from the
<tt>Proxy Roles</tt> multiple select list and click the
<tt>Change</tt> button to set proxy roles for the document. </p><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/DTML-Document_Upload.dtml
→
lib/python/Products/OFSP/help/DTML-Document
OrMethod
_Upload.dtml
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">DTML Document</a>>Upload</h1>
<p> This view allows you to upload document files. </p>
<p> Use this view to completely replace the contents of a document
DTML
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">Document</a>
or
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">Method</a>
Upload</h1>
<p> This view allows you to upload DTML files. </p>
<p> Use this view to completely replace the contents of a document or method
with the contents of an uploaded text file from your local computer. Click the
<tt>Browse...</tt> button to locate a file to upload. Click the
<tt>Change</tt> button to replace the document's contents with the
uploaded file. </p><dtml-var standard_html_footer>
\ No newline at end of file
uploaded file. </p><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/DTML-DocumentOrMethod_View.dtml
0 → 100644
<dtml-var standard_html_header><h1>
DTML
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">Document</a>
or
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">Method</a>
View</h1>
<p> This view allows you to preview the document or method. </p><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/DTML-Document_Properties.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">DTML Document</a>>Properties</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Properties.dtml">Folder>Properties</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Document_Proxy.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">DTML Document</a>>Proxy</h1>
<p> This view allows you to manage proxy roles for a document. </p>
<p> Proxy roles supplement the roles of the user who is viewing the
document in order to allow the document additional access. </p>
<p> Select the role(s) you wish to assign to the document from the
<tt>Proxy Roles</tt> multiple select list and click the
<tt>Change</tt> button to set proxy roles for the document. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Document_Security.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">DTML Document</a>>Security</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Security.dtml">Folder>Security</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Document_View.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document.dtml">DTML Document</a>>View</h1>
<p> This view allows you to preview the document. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Method_Edit.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">DTML Method</a>>Edit</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document_Edit.dtml">DTML Document>Edit</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Method_Proxy.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">DTML Method</a>>Proxy</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document_Proxy.dtml">DTML Document>Proxy</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Method_Security.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">DTML Method</a>>Security</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Security.dtml">Folder>Security</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Method_Upload.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">DTML Method</a>>Upload</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document_Upload.dtml">DTML Document>Upload</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/DTML-Method_View.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Method.dtml">DTML Method</a>>View</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/DTML-Document_View.dtml">DTML Document>View</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Database-Management_Undo.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Database-Management.dtml">Database Management</a>>Undo</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Undo.dtml">Folder>Undo</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/File_Properties.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/File.dtml">File</a>>Properties</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Properties.dtml">Folder>Properties</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/File_Security.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/File.dtml">File</a>>Security</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Security.dtml">Folder>Security</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/F
older_F
ind.dtml
→
lib/python/Products/OFSP/help/Find.dtml
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder.dtml">Folder</a>>Find</h1>
<dtml-var standard_html_header><h1>Find</h1>
<p> This view allows you to search for Zope objects. </p>
<p> To find objects you specify search criteria in the top frame and
then click the <tt>Find</tt> button. The find results will appear in
...
...
@@ -14,4 +13,4 @@
and enter a DateTime string in the field to restrict found items by
modification date. Finally you may choose to either the <tt>Search only in
this folder</tt> or the <tt>Search all subfolders</tt> radio box
to control where Zope should look for found items. </p><dtml-var standard_html_footer>
\ No newline at end of file
to control where Zope should look for found items. </p><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/Image_Edit.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Image.dtml">Image</a>>Edit</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/File_Edit.dtml">File>Edit</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Image_Properties.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Image.dtml">Image</a>>Properties</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Properties.dtml">Folder>Properties</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Image_Security.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Image.dtml">Image</a>>Security</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Security.dtml">Folder>Security</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Image_Upload.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Image.dtml">Image</a>>Upload</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/File_Upload.dtml">File>Upload</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/
Fold
er_Contents.dtml
→
lib/python/Products/OFSP/help/
ObjectManag
er_Contents.dtml
File moved
lib/python/Products/OFSP/help/
Fold
er_Import-Export.dtml
→
lib/python/Products/OFSP/help/
ObjectManag
er_Import-Export.dtml
File moved
lib/python/Products/OFSP/help/Product-Management_Contents.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product-Management.dtml">Product Management</a>>Contents</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Contents.dtml">Folder>Contents</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Product-Management_Find.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product-Management.dtml">Product Management</a>>Find</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Find.dtml">Folder>Find</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Product-Management_Properties.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product-Management.dtml">Product Management</a>>Properties</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Properties.dtml">Folder>Properties</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Product-Management_Security.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product-Management.dtml">Product Management</a>>Security</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Security.dtml">Folder>Security</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Product-Management_Undo.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product-Management.dtml">Product Management</a>>Undo</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Undo.dtml">Folder>Undo</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Product_Contents.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product.dtml">Product</a>>Contents</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Contents.dtml">Folder>Contents</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Product_Find.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product.dtml">Product</a>>Find</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Find.dtml">Folder>Find</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Product_Properties.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product.dtml">Product</a>>Properties</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Properties.dtml">Folder>Properties</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Product_Undo.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Product.dtml">Product</a>>Undo</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Undo.dtml">Folder>Undo</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/
Folder_
Properties.dtml
→
lib/python/Products/OFSP/help/Properties.dtml
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder.dtml">Folder</a>>Properties</h1>
<dtml-var standard_html_header><h1>Properties</h1>
<p> This view allows you to define properties on your folder. </p>
<p> Current properties are listed one per line. You can change the
value of existing properties by entering new values in the text entry field(s)
...
...
@@ -74,4 +73,4 @@
<td>A list of strings selected by a selection list.</td>
</tr>
</table><dtml-var standard_html_footer>
\ No newline at end of file
</table><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/Security-DefinePermissions.dtml
0 → 100644
<dtml-var standard_html_header>
<h3>The "Define Permissions" View</h3>
<p> Permissions are used to represent abstract operations or
types of usage. A permission may correspond to many
low-level object operations. Permissions provide a way to
control access to operations without having to list each
operation explicitly.</p>
<p> When creating products or ZClasses, we use high-level
objects, like DTML Methods to define operations. These
high-level objects have thier own permissions, which
represent abstract operations on the low-level
operations of these high-level objects.</p>
<p> When defining permissions for our products and ZClasses,
we need to define what low-level operations these new
permissions correspond to. We could enumerate the
low-level operations of the high-level objects used to
implement the operations of our products or ZClasses, but
this would be:</p>
<ul><li><p>Cumbersone,</p>
<li><p>Error prone, and</p>
<li><p>likely to break as the interfaces of the high-level
objects evolve.</p>
</ul>
<p> What we do instead is to treat the permissions of the
high-level objects used to implement a product or ZClass'
operations as the low-level operations that the product or
ZClass operation's abstract. </p>
<p> This is done via the "Define Permissions" view.
The "Define Permissions" view is used to define how the
operations of this object (or objects that acquire
permission settings from this object) correspond to the
operations defined by your product or ZClass.</p>
<p> The view has a table with two columns. The first
column lists the permissions for an object. The second
column specifies the permissions that should have this
permission in this product or ZClass. For ZClass methods,
only permissions that are defined for the ZClass are
permitted.</p>
<p> In general, any permissions that include operations that
change (mutate) an object should be disabled. Otherwise,
a method could be modified when used on an instance, such
as a ZClass instance.</p>
<dtml-var standard_html_footer>
lib/python/Products/OFSP/help/
Folder_
Security.dtml
→
lib/python/Products/OFSP/help/Security.dtml
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder.dtml">Folder</a>>Security</h1>
<dtml-var standard_html_header><h1>Security</h1>
<p> This view allows you to define security settings for this item.
Security settings are defined in terms of roles and permissions. When a role is
assigned to a permission, users with the given role will be able to perform
...
...
@@ -22,4 +21,4 @@
clicking the <tt>Add Role</tt> button. You can delete any existing
user defined roles by selecting them from the selection list under the
<tt>User defined roles</tt> heading and clicking the <tt>Delete
Role</tt> button. </p><dtml-var standard_html_footer>
\ No newline at end of file
Role</tt> button. </p><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/
Folder_
Undo.dtml
→
lib/python/Products/OFSP/help/Undo.dtml
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder.dtml">Folder</a>>Undo</h1>
<dtml-var standard_html_header><h1>Undo</h1>
<p> This view allows you to undo changes to Zope's database. </p>
<p> Zope allows you to undo changes to its database. Changes are
defined in terms of transactions which group together related changes. Each
...
...
@@ -9,4 +8,4 @@
checking the checkbox next to it and then click either of the
<tt>Undo</tt> buttons. To see earlier or later transactions click the
<tt>Earlier Transactions</tt> or <tt>Later
Transactions</tt> links a the bottom and top of the view. </p><dtml-var standard_html_footer>
\ No newline at end of file
Transactions</tt> links a the bottom and top of the view. </p><dtml-var standard_html_footer>
lib/python/Products/OFSP/help/User-Folder_Security.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/User-Folder.dtml">User Folder</a>>Security</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Security.dtml">Folder>Security</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/User-Folder_Undo.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/User-Folder.dtml">User Folder</a>>Undo</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Undo.dtml">Folder>Undo</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/OFSP/help/Version_Security.dtml
deleted
100644 → 0
<dtml-var standard_html_header><h1>
<a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Version.dtml">Version</a>>Security</h1>
<p> See <a href="<dtml-var SCRIPT_NAME>/Control_Panel/Products/OFSP/Help/Folder_Security.dtml">Folder>Security</a>. </p><dtml-var standard_html_footer>
\ No newline at end of file
lib/python/Products/ZCatalog/Lazy.py
...
...
@@ -82,12 +82,15 @@
# attributions are listed in the accompanying credits file.
#
##############################################################################
__doc__
=
'''$Id: Lazy.py,v 1.
1 1999/06/22 14:14:47 michel
Exp $'''
__version__
=
'$Revision: 1.
1
$'
[
11
:
-
2
]
__doc__
=
'''$Id: Lazy.py,v 1.
2 2000/05/11 18:54:16 jim
Exp $'''
__version__
=
'$Revision: 1.
2
$'
[
11
:
-
2
]
class
Lazy
:
# Allow (reluctantly) access to unprotected attributes
__allow_access_to_unprotected_subobjects__
=
1
def
__repr__
(
self
):
return
`list(self)`
def
__len__
(
self
):
...
...
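Review bot: `__allow_access_to_unprotected_subobjects__ = 1` on `Lazy` is a class-wide opt-out whose scope the comment "Allow (reluctantly) access to unprotected attributes" does not explain; the same flag and comment are added to `BaseRequest` (ZPublisher/BaseRequest.py) and `BaseResponse` (ZPublisher/BaseResponse.py) in this commit. Judging by the name, it presumably lets restricted code reach any attribute of these instances that carries no declaration of its own, which for request and response objects would include attributes added to them later. I would extend the comment to say which attributes restricted code is expected to need and that new ones become reachable by default, e.g. `# NOTE: every undeclared attribute of this class is reachable from restricted code; declare roles on anything sensitive`. The class bodies continue outside the hunks.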
lib/python/Products/ZCatalog/Vocabulary.py
...
...
@@ -85,7 +85,7 @@
"""ZCatalog product"""
from
Globals
import
HTMLFile
,
MessageDialog
import
Globals
import
Globals
,
AccessControl
.
Role
from
Acquisition
import
Implicit
from
Persistence
import
Persistent
from
OFS.SimpleItem
import
Item
...
...
@@ -104,7 +104,9 @@ def manage_addVocabulary(self, id, title, globbing=None, REQUEST=None):
return
self
.
manage_main
(
self
,
REQUEST
)
class
Vocabulary
(
Item
,
Persistent
,
Implicit
):
class
Vocabulary
(
Item
,
Persistent
,
Implicit
,
AccessControl
.
Role
.
RoleManager
,
):
"""
A Vocabulary is a user managable relization of a Lexicon object.
...
...
@@ -115,15 +117,15 @@ class Vocabulary(Item, Persistent, Implicit):
manage_options
=
(
## {'label': 'Manage', 'action': 'manage_main',
## 'target': 'manage_main'},
(
{
'label'
:
'Vocabulary'
,
'action'
:
'manage_vocabulary'
,
'target'
:
'manage_main'
},
{
'label'
:
'Query'
,
'action'
:
'manage_query'
,
'target'
:
'manage_main'
},
)
+
Item
.
manage_options
+
AccessControl
.
Role
.
RoleManager
.
manage_options
)
__ac_permissions__
=
(
...
...
lib/python/Products/ZCatalog/ZCatalog.py
...
...
@@ -101,6 +101,7 @@ from Catalog import Catalog, orify
from
SearchIndex
import
UnIndex
,
UnTextIndex
from
Vocabulary
import
Vocabulary
import
IOBTree
from
AccessControl
import
getSecurityManager
manage_addZCatalogForm
=
HTMLFile
(
'addZCatalog'
,
globals
())
...
...
@@ -166,9 +167,6 @@ class ZCatalog(Folder, Persistent, Implicit):
icon
=
'misc_/ZCatalog/ZCatalog.gif'
manage_options
=
(
{
'label'
:
'Contents'
,
'action'
:
'manage_main'
,
'target'
:
'manage_main'
,
'help'
:(
'ZCatalog'
,
'ZCatalog_Contents.dtml'
)},
{
'label'
:
'Cataloged Objects'
,
'action'
:
'manage_catalogView'
,
'target'
:
'manage_main'
,
'help'
:(
'ZCatalog'
,
'ZCatalog_Cataloged-Objects.dtml'
)},
...
...
@@ -184,7 +182,7 @@ class ZCatalog(Folder, Persistent, Implicit):
{
'label'
:
'Status'
,
'action'
:
'manage_catalogStatus'
,
'target'
:
'manage_main'
,
'help'
:(
'ZCatalog'
,
'ZCatalog_Status.dtml'
)},
)
)
+
Folder
.
manage_options
__ac_permissions__
=
(
...
...
@@ -540,8 +538,6 @@ class ZCatalog(Folder, Persistent, Implicit):
if
obj_expr
:
# Setup expr machinations
md
=
td
()
if
hasattr
(
REQUEST
,
'AUTHENTICATED_USER'
):
md
.
AUTHENTICATED_USER
=
REQUEST
.
AUTHENTICATED_USER
obj_expr
=
(
Eval
(
obj_expr
,
expr_globals
),
md
,
md
.
_push
,
md
.
_pop
)
base
=
obj
...
...
@@ -633,8 +629,10 @@ def absattr(attr):
return
attr
class
td
(
TemplateDict
,
cDocument
):
pass
class
td
(
TemplateDict
):
def
validate
(
self
,
inst
,
parent
,
name
,
value
,
md
):
return
getSecurityManager
().
validate
(
inst
,
parent
,
name
,
value
)
def
expr_match
(
ob
,
ed
,
c
=
InstanceDict
,
r
=
0
):
e
,
md
,
push
,
pop
=
ed
...
...
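Review bot: `td.validate` has no docstring and ignores its `md` argument, so a reader cannot tell that the check now depends on whatever `getSecurityManager()` returns rather than on an `AUTHENTICATED_USER` copied into the namespace, which the lines after `md=td()` appear to have done before this change. A short docstring such as `"""Delegate validation for search expressions to the current security manager; md is unused."""` would record that. Because `obj_expr` is evaluated through `Eval(obj_expr, expr_globals)`, a comment at that call should also state that callers outside a published request need a security manager in place first; whether one exists by default is not visible on this page.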
lib/python/Shared/DC/ZRDB/Connection.py
...
...
@@ -84,9 +84,8 @@
##############################################################################
__doc__
=
'''Generic Database Connection Support
$Id: Connection.py,v 1.22 2000/05/04 13:32:06 shane Exp $'''
__version__
=
'$Revision: 1.22 $'
[
11
:
-
2
]
$Id: Connection.py,v 1.23 2000/05/11 18:54:16 jim Exp $'''
__version__
=
'$Revision: 1.23 $'
[
11
:
-
2
]
import
Globals
,
OFS
.
SimpleItem
,
AccessControl
.
Role
,
Acquisition
,
sys
from
DateTime
import
DateTime
...
...
@@ -106,10 +105,13 @@ class Connection(
# Specify definitions for tabs:
manage_options
=
(
(
{
'label'
:
'Status'
,
'action'
:
'manage_main'
},
{
'label'
:
'Properties'
,
'action'
:
'manage_properties'
},
{
'label'
:
'Test'
,
'action'
:
'manage_testForm'
},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
},
)
+
OFS
.
SimpleItem
.
Item
.
manage_options
+
AccessControl
.
Role
.
RoleManager
.
manage_options
)
# Specify how individual operations add up to "permissions":
...
...
lib/python/Shared/DC/ZRDB/DA.py
...
...
@@ -85,8 +85,8 @@
__doc__
=
'''Generic Database adapter
$Id: DA.py,v 1.8
1 2000/04/19 17:50:43 jeffrey
Exp $'''
__version__
=
'$Revision: 1.8
1
$'
[
11
:
-
2
]
$Id: DA.py,v 1.8
2 2000/05/11 18:54:16 jim
Exp $'''
__version__
=
'$Revision: 1.8
2
$'
[
11
:
-
2
]
import
OFS.SimpleItem
,
Aqueduct
,
RDB
import
DocumentTemplate
,
marshal
,
md5
,
base64
,
Acquisition
,
os
...
...
@@ -97,7 +97,6 @@ from cStringIO import StringIO
import
sys
,
Globals
,
OFS
.
SimpleItem
,
AccessControl
.
Role
from
string
import
atoi
,
find
,
join
,
split
import
DocumentTemplate
,
sqlvar
,
sqltest
,
sqlgroup
from
AccessControl.User
import
verify_watermark
from
DocumentTemplate.DT_Util
import
cDocument
from
time
import
time
from
zlib
import
compress
,
decompress
...
...
@@ -108,6 +107,7 @@ import DocumentTemplate.DT_Util
from
cPickle
import
dumps
,
loads
from
Results
import
Results
from
App.Extensions
import
getBrain
from
AccessControl
import
getSecurityManager
try
:
from
IOBTree
import
Bucket
except
:
Bucket
=
lambda
:{}
...
...
@@ -147,14 +147,16 @@ class DA(
template_class
=
SQL
manage_options
=
(
(
{
'label'
:
'Edit'
,
'action'
:
'manage_main'
,
'help'
:(
'ZSQLMethods'
,
'Z-SQL-Method_Edit.dtml'
)},
{
'label'
:
'Test'
,
'action'
:
'manage_testForm'
,
'help'
:(
'ZSQLMethods'
,
'Z-SQL-Method_Test.dtml'
)},
{
'label'
:
'Advanced'
,
'action'
:
'manage_advancedForm'
,
'help'
:(
'ZSQLMethods'
,
'Z-SQL-Method_Advanced.dtml'
)},
{
'label'
:
'Security'
,
'action'
:
'manage_access'
,
'help'
:(
'ZSQLMethods'
,
'Z-SQL-Method_Security.dtml'
)},
)
+
OFS
.
SimpleItem
.
Item
.
manage_options
+
AccessControl
.
Role
.
RoleManager
.
manage_options
)
# Specify how individual operations add up to "permissions":
...
...
@@ -425,19 +427,10 @@ class DA(
argdata
[
'sql_delimiter'
]
=
'
\
0
'
argdata
[
'sql_quote__'
]
=
dbc
.
sql_quote__
# Also need the authenticated user.
auth_user
=
REQUEST
.
get
(
'AUTHENTICATED_USER'
,
None
)
if
auth_user
is
None
:
auth_user
=
getattr
(
self
,
'REQUEST'
,
None
)
if
auth_user
is
not
None
:
try
:
auth_user
=
auth_user
.
get
(
'AUTHENTICATED_USER'
,
None
)
except
:
auth_user
=
None
if
auth_user
is
not
None
:
verify_watermark
(
auth_user
)
argdata
[
'AUTHENTICATED_USER'
]
=
auth_user
query
=
apply
(
self
.
template
,
(
p
,
argdata
))
security
=
getSecurityManager
()
security
.
addContext
(
self
)
try
:
query
=
apply
(
self
.
template
,
(
p
,
argdata
))
finally
:
security
.
removeContext
(
self
)
if
src__
:
return
query
...
...
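Review bot: The `security.addContext(self)` / `try` / `finally: security.removeContext(self)` sequence around `apply(self.template, (p, argdata))` carries no comment, although it replaces a block that had one ("Also need the authenticated user."). I would add `# Render the template with this method pushed on the security context; always pop it, even if rendering fails` above `security=getSecurityManager()`. The lines that put `AUTHENTICATED_USER` into `argdata` appear to be removed, so SQL templates that referenced that name would have to resolve it some other way; if that is intended it deserves a line in the change notes. The enclosing method starts and ends outside the hunk.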
lib/python/ZPublisher/BaseRequest.py
...
...
@@ -82,7 +82,7 @@
# attributions are listed in the accompanying credits file.
#
##############################################################################
__version__
=
'$Revision: 1.2
5
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.2
6
$'
[
11
:
-
2
]
from
string
import
join
,
split
,
find
,
rfind
,
lower
,
upper
from
urllib
import
quote
...
...
@@ -124,6 +124,9 @@ class BaseRequest:
_auth
=
None
_held
=
()
# Allow (reluctantly) access to unprotected attributes
__allow_access_to_unprotected_subobjects__
=
1
def
__init__
(
self
,
other
=
None
,
**
kw
):
"""The constructor is not allowed to raise errors
"""
...
...
@@ -218,7 +221,7 @@ class BaseRequest:
__repr__
=
__str__
def
traverse
(
self
,
path
,
response
=
None
):
def
traverse
(
self
,
path
,
response
=
None
,
validated_hook
=
None
):
"""Traverse the object space
The REQUEST must already have a PARENTS item with at least one
...
...
@@ -264,8 +267,7 @@ class BaseRequest:
try
:
# We build parents in the wrong order, so we
# need to make sure we reverse it when we're doe.
if
hasattr
(
object
,
'__roles__'
):
roles
=
object
.
__roles__
else
:
roles
=
UNSPECIFIED_ROLES
roles
=
getattr
(
object
,
'__roles__'
,
UNSPECIFIED_ROLES
)
# if the top object has a __bobo_traverse__ method, then use it
# to possibly traverse to an alternate top-level object.
...
...
@@ -296,9 +298,12 @@ class BaseRequest:
steps
=
self
.
steps
path
.
reverse
()
pop
=
path
.
pop
# request['path']=path
while
path
:
entry_name
=
path
[
-
1
]
del
path
[
-
1
]
entry_name
=
pop
()
URL
=
"%s/%s"
%
(
URL
,
quote
(
entry_name
))
got
=
0
# Can't find it? XXX
if
entry_name
:
...
...
@@ -356,13 +361,11 @@ class BaseRequest:
"Missing doc string at: %s"
%
URL
)
else
:
return
response
.
notFoundError
(
"%s"
%
(
URL
))
if
hasattr
(
subobject
,
'__roles__'
):
roles
=
subobject
.
__roles__
else
:
if
not
got
:
roleshack
=
entry_name
+
'__roles__'
if
hasattr
(
object
,
roleshack
):
roles
=
getattr
(
object
,
roleshack
)
r
=
getattr
(
subobject
,
'__roles__'
,
UNSPECIFIED_ROLES
)
if
r
is
not
UNSPECIFIED_ROLES
:
roles
=
r
elif
not
got
:
roles
=
getattr
(
subobject
,
entry_name
+
'__roles__'
,
roles
)
# Promote subobject to object
parents
.
append
(
object
)
...
...
@@ -377,7 +380,7 @@ class BaseRequest:
and
getattr
(
object
,
method
)
is
not
None
):
request
.
_hacked_path
=
1
path
=
[
method
]
path
.
append
(
method
)
else
:
if
(
hasattr
(
object
,
'__call__'
)
and
hasattr
(
object
.
__call__
,
'__roles__'
)):
...
...
@@ -458,8 +461,7 @@ class BaseRequest:
steps
=
join
(
steps
[:
-
i
],
'/'
)
if
user
is
not
None
:
# Try to set a watermark on the user object.
user
.
_v__marker__
=
_marker
if
validated_hook
is
not
None
:
validated_hook
(
self
,
user
)
request
[
'AUTHENTICATED_USER'
]
=
user
request
[
'AUTHENTICATION_PATH'
]
=
steps
...
...
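Review bot: In the hunk at `@@ -356,13 +361,11 @@` the fallback `roles=getattr(subobject, entry_name+'__roles__', roles)` looks the `<name>__roles__` attribute up on `subobject`, whereas the lines it replaces tested `hasattr(object, roleshack)` and read the value from `object`, the container being traversed. Assuming the `getattr` form is the new side, a `<name>__roles__` declaration placed next to an attribute on its container is no longer consulted, and the step keeps the roles carried over from the previous step, which may be more or less permissive than what was declared. Unless that change is deliberate, the line should read `roles=getattr(object, entry_name+'__roles__', roles)`. `traverse` begins and ends outside the hunks shown.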
lib/python/ZPublisher/BaseResponse.py
...
...
@@ -84,8 +84,8 @@
##############################################################################
'''CGI Response Output formatter
$Id: BaseResponse.py,v 1.
5 1999/09/23 21:55:12
jim Exp $'''
__version__
=
'$Revision: 1.
5
$'
[
11
:
-
2
]
$Id: BaseResponse.py,v 1.
6 2000/05/11 18:54:17
jim Exp $'''
__version__
=
'$Revision: 1.
6
$'
[
11
:
-
2
]
import
string
,
types
,
sys
,
regex
from
string
import
find
,
rfind
,
lower
,
upper
,
strip
,
split
,
join
,
translate
...
...
@@ -99,7 +99,10 @@ class BaseResponse:
debug_mode
=
None
_auth
=
None
_error_format
=
'text/plain'
# Allow (reluctantly) access to unprotected attributes
__allow_access_to_unprotected_subobjects__
=
1
def
__init__
(
self
,
stdout
,
stderr
,
body
=
''
,
headers
=
None
,
status
=
None
,
cookies
=
None
):
self
.
stdout
=
stdout
...
...
lib/python/ZPublisher/Publish.py
...
...
@@ -84,8 +84,8 @@
##############################################################################
__doc__
=
"""Python Object Publisher -- Publish Python objects on web servers
$Id: Publish.py,v 1.14
5 2000/05/09 19:20:28
jim Exp $"""
__version__
=
'$Revision: 1.14
5
$'
[
11
:
-
2
]
$Id: Publish.py,v 1.14
6 2000/05/11 18:54:17
jim Exp $"""
__version__
=
'$Revision: 1.14
6
$'
[
11
:
-
2
]
import
sys
,
os
from
string
import
lower
,
atoi
,
rfind
,
strip
...
...
@@ -128,7 +128,7 @@ def publish(request, module_name, after_list, debug=0,
):
(
bobo_before
,
bobo_after
,
object
,
realm
,
debug_mode
,
err_hook
,
have_transactions
)
=
get_module_info
(
module_name
)
validated_hook
,
have_transactions
)
=
get_module_info
(
module_name
)
parents
=
None
...
...
@@ -158,7 +158,7 @@ def publish(request, module_name, after_list, debug=0,
if
have_transactions
:
get_transaction
().
begin
()
object
=
request
.
traverse
(
path
)
object
=
request
.
traverse
(
path
,
validated_hook
=
validated_hook
)
# Record transaction meta-data
if
have_transactions
:
...
...
@@ -312,13 +312,14 @@ def get_module_info(module_name, modules={},
else
:
object
=
module
error_hook
=
getattr
(
module
,
'zpublisher_exception_hook'
,
None
)
validated_hook
=
getattr
(
module
,
'zpublisher_validated_hook'
,
None
)
try
:
get_transaction
()
except
:
have_transactions
=
0
else
:
have_transactions
=
1
info
=
(
bobo_before
,
bobo_after
,
object
,
realm
,
debug_mode
,
error_hook
,
have_transactions
)
error_hook
,
validated_hook
,
have_transactions
)
modules
[
module_name
]
=
modules
[
module_name
+
'.cgi'
]
=
info
...
...
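Review bot: `validated_hook` is added to the tuple built in `get_module_info` and passed on to `request.traverse`, but nothing documents what the hook is for or that it is optional. BaseRequest.py in this commit calls it as `validated_hook(self, user)` once a user has been validated and skips it when it is `None`, and Zope/__init__.py binds it to `newSecurityManager`; a published module that does not define `zpublisher_validated_hook` therefore gets no such per-request call. I would add a comment above the `getattr(module, 'zpublisher_validated_hook', None)` line: `# Optional: called as hook(request, user) after authentication succeeds; Zope uses it to install the request's security manager`. `publish` and `get_module_info` both continue outside the hunks.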
lib/python/Zope/__init__.py
...
...
@@ -93,6 +93,7 @@ sys.path.insert(0, os.path.join(SOFTWARE_HOME, 'ZopeZODB3'))
import
ZODB
,
ZODB
.
ZApplication
,
imp
import
Globals
,
OFS
.
Application
,
sys
import
AccessControl.SecurityManagement
,
AccessControl
.
User
Globals
.
BobobaseName
=
'%s/Data.fs'
%
Globals
.
data_dir
Globals
.
DatabaseVersion
=
'3'
...
...
@@ -128,6 +129,10 @@ Globals.opened.append(DB)
import
ClassFactory
DB
.
setClassFactory
(
ClassFactory
.
ClassFactory
)
# "Log on" as system user
AccessControl
.
SecurityManagement
.
newSecurityManager
(
None
,
AccessControl
.
User
.
system
)
# Set up the "application" object that automagically opens
# connections
app
=
bobo_application
=
ZODB
.
ZApplication
.
ZApplicationWrapper
(
...
...
@@ -140,10 +145,14 @@ OFS.Application.initialize(c)
c
.
_p_jar
.
close
()
del
c
# "Log off" as system user
AccessControl
.
SecurityManagement
.
noSecurityManager
()
# This is sneaky, but we don't want to play with Main:
sys
.
modules
[
'Main'
]
=
sys
.
modules
[
'Zope'
]
import
ZODB.POSException
,
ZPublisher
,
string
,
ZPublisher
,
AccessControl
.
User
import
ZODB.POSException
,
ZPublisher
,
string
,
ZPublisher
import
ExtensionClass
from
zLOG
import
LOG
,
INFO
...
...
@@ -212,3 +221,7 @@ def zpublisher_exception_hook(
f
(
client
,
REQUEST
,
t
,
v
,
traceback
)
finally
:
traceback
=
None
zpublisher_validated_hook
=
AccessControl
.
SecurityManagement
.
newSecurityManager
__bobo_before__
=
AccessControl
.
SecurityManagement
.
noSecurityManager
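Review bot: The system-user login added after `DB.setClassFactory(...)` is undone by `noSecurityManager()` only on the success path, after `del c`; if anything between the two calls raises (for example `OFS.Application.initialize(c)`, named in the hunk header), the security manager is left set to `AccessControl.User.system`. Whether any code can keep running after such a failure is not visible here, but DA.py in this same commit pairs `addContext` with `try`/`finally`, and the same shape fits: put the statements from `newSecurityManager(None, AccessControl.User.system)` through `del c` inside `try:` and move the log-off into `finally: AccessControl.SecurityManagement.noSecurityManager()`. The statements between the two hunks are collapsed on this page.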
lib/python/webdav/Resource.py
...
...
@@ -85,7 +85,7 @@
"""WebDAV support - resource objects."""
__version__
=
'$Revision: 1.2
8
$'
[
11
:
-
2
]
__version__
=
'$Revision: 1.2
9
$'
[
11
:
-
2
]
import
sys
,
os
,
string
,
mimetypes
,
davcmds
,
ExtensionClass
from
common
import
absattr
,
aq_base
,
urlfix
,
rfc1123_date
...
...
@@ -129,13 +129,11 @@ class Resource(ExtensionClass.Base):
else
:
try
:
method
=
object
.
aq_acquire
(
methodname
)
except
:
method
=
None
if
(
method
is
not
None
)
and
hasattr
(
method
,
'__roles__'
):
roles
=
method
.
__roles__
user
=
REQUEST
.
get
(
'AUTHENTICATED_USER'
,
None
)
__traceback_info__
=
methodname
,
str
(
roles
),
user
if
(
not
hasattr
(
user
,
'hasRole'
)
or
not
user
.
hasRole
(
None
,
roles
)):
raise
'Unauthorized'
,
msg
return
1
if
method
is
not
None
:
try
:
return
getSecurityManager
().
validateValue
(
method
)
except
:
pass
raise
'Unauthorized'
,
msg
...
...
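Review bot: The bare `except: pass` around `getSecurityManager().validateValue(method)` turns every failure, not only an authorization failure, into `raise 'Unauthorized', msg`. No import of `getSecurityManager` is visible in this file's hunks (ZCatalog.py and DA.py each add `from AccessControl import getSecurityManager`); if the name is not in scope here, the resulting NameError is swallowed and every call is refused. The code also now returns whatever `validateValue` returns instead of `1`, so a false return value would reach the caller without an exception; how `validateValue` signals denial is not shown on this page. I would add the import, catch only the authorization error, and keep the explicit result with `if getSecurityManager().validateValue(method): return 1`. The enclosing method starts outside the hunk.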