- fixed checkValidId, disallowing IDs starting with '@'

a5e591cc · e7adbdd2 · a5e591cc · a5e591cc · a5e591cc
Commit a5e591cc authored Mar 10, 2006 by
Showing with 8 additions and 0 deletions

doc/CHANGES.txt doc/CHANGES.txt +3 -0

lib/python/OFS/ObjectManager.py lib/python/OFS/ObjectManager.py +3 -0

lib/python/OFS/tests/testObjectManager.py lib/python/OFS/tests/testObjectManager.py +2 -0

No files found.
--- a/doc/CHANGES.txt
+++ b/doc/CHANGES.txt
@@ -18,6 +18,9 @@ Zope Changes

    Bugs fixed

+      - OFS ObjectManager: Fixed 'checkValidId'.
+        Names starting with '@' are reserved for views and not allowed in IDs.
+
      - Collector #2039: 'ZPublisher.HTTPRequest.HTTPRequest._authUserPW'
        choked on passwords which contained colons.


--- a/lib/python/OFS/ObjectManager.py
+++ b/lib/python/OFS/ObjectManager.py
@@ -72,6 +72,9 @@ def checkValidId(self, id, allow_dup=0):
        'The id "%s" is invalid because it begins with "aq_".' % id)
    if id.endswith('__'): raise BadRequest, (
        'The id "%s" is invalid because it ends with two underscores.' % id)
+    if id[0] == '@':
+        raise BadRequest('The id "%s" is invalid because it begins with '
+                         '"@".' % id)
    if not allow_dup:
        obj = getattr(self, id, None)
        if obj is not None:

--- a/lib/python/OFS/tests/testObjectManager.py
+++ b/lib/python/OFS/tests/testObjectManager.py
@@ -354,6 +354,8 @@ class ObjectManagerTests( unittest.TestCase ):
        self.assertRaises(BadRequest, om._setObject, '111', si)
        self.assertRaises(BadRequest, om._setObject, 'REQUEST', si)
        self.assertRaises(BadRequest, om._setObject, '/', si)
+        self.assertRaises(BadRequest, om._setObject, '@@view', si)
+

 def test_suite():
    suite = unittest.TestSuite()