Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Laurent S
erp5
Commits
a95a5aec
Commit
a95a5aec
authored
Dec 12, 2016
by
Vincent Pelletier
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
fixup! ERP5Security.ERP5UserFactory: cache path instead of object.
Apply security in ERP5User methods.
parent
a14341a6
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
6 additions
and
6 deletions
+6
-6
product/ERP5Security/ERP5UserFactory.py
product/ERP5Security/ERP5UserFactory.py
+6
-6
No files found.
product/ERP5Security/ERP5UserFactory.py
View file @
a95a5aec
...
...
@@ -204,7 +204,7 @@ class ERP5User(PropertiedUser):
"""
result
=
self
.
_user_path
if
result
is
not
None
:
return
self
.
getPortalObject
().
un
restrictedTraverse
(
result
)
return
self
.
getPortalObject
().
restrictedTraverse
(
result
)
# user id may match in more than one PAS plugin, but fail if more than one
# underlying path is found.
user_path_set
=
{
x
[
'path'
]
for
x
in
self
.
aq_parent
.
searchUsers
(
...
...
@@ -214,7 +214,7 @@ class ERP5User(PropertiedUser):
if
user_path_set
:
user_path
,
=
user_path_set
self
.
_user_path
=
user_path
return
self
.
getPortalObject
().
un
restrictedTraverse
(
user_path
)
return
self
.
getPortalObject
().
restrictedTraverse
(
user_path
)
def
getLoginValue
(
self
):
""" -> login document
...
...
@@ -223,7 +223,7 @@ class ERP5User(PropertiedUser):
"""
result
=
self
.
_login_path
if
result
is
not
None
:
return
self
.
getPortalObject
().
un
restrictedTraverse
(
result
)
return
self
.
getPortalObject
().
restrictedTraverse
(
result
)
# user name may match at most once, or there can be endless ambiguity.
user_list
=
[
x
for
x
in
self
.
aq_parent
.
searchUsers
(
exact_match
=
True
,
...
...
@@ -233,7 +233,7 @@ class ERP5User(PropertiedUser):
user
,
=
user_list
login
,
=
user
[
'login_list'
]
result
=
self
.
_login_path
=
login
[
'path'
]
return
self
.
getPortalObject
().
un
restrictedTraverse
(
result
)
return
self
.
getPortalObject
().
restrictedTraverse
(
result
)
def
getLoginValueList
(
self
,
portal_type
=
None
,
limit
=
None
):
""" -> list of login documents
...
...
@@ -251,8 +251,8 @@ class ERP5User(PropertiedUser):
)
if
'login_list'
in
user
for
login
in
user
[
'login_list'
]
}
unrestrictedTraverse
=
self
.
getPortalObject
().
un
restrictedTraverse
return
[
un
restrictedTraverse
(
x
)
for
x
in
user_path_set
]
restrictedTraverse
=
self
.
getPortalObject
().
restrictedTraverse
return
[
restrictedTraverse
(
x
)
for
x
in
user_path_set
]
InitializeClass
(
ERP5User
)
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment