Commit 786b4b55 authored by Aurel's avatar Aurel

make the security works on accessors

if no security defined use a default one


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@21086 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 4042ea2d
......@@ -36,6 +36,7 @@ from zLOG import LOG
from Products.ERP5Type.Cache import CachingMethod
from Products.ERP5Type.PsycoWrapper import psyco
from AccessControl.ImplPython import rolesForPermissionOn
# Creation of default constructor
class func_code: pass
......@@ -193,3 +194,30 @@ class Tester(Method):
def __call__(self, instance, *args, **kw):
return getattr(aq_base(instance), self._storage_id, None) not in self._null
try:
from ZODB.Transaction import Transaction
# Zope 2.7 do not patch
except ImportError:
# Zope 2.8, patch
class __roles__:
@staticmethod
def rolesForPermissionOn(ob):
roles = getattr(ob.im_self, '%s__roles__' % ob.__name__, None)
if roles is None:
return rolesForPermissionOn(None, ob.im_self, ('Manager',),
'_Modify_portal_content_Permission')
else:
return roles
Setter.__roles__ = __roles__
class __roles__:
@staticmethod
def rolesForPermissionOn(ob):
roles = getattr(ob.im_self, '%s__roles__' % ob.__name__, None)
if roles is None:
return rolesForPermissionOn(None, ob.im_self, ('Manager',),
'_Access_contents_information_Permission')
else:
return roles
Getter.__roles__ = __roles__
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment