Commit 11d463f1 authored by Aurel's avatar Aurel

make security works on accessor only on zope 2.8


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@20999 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 9122fa76
...@@ -35,10 +35,7 @@ class Accessor(Method): ...@@ -35,10 +35,7 @@ class Accessor(Method):
""" """
Generic Accessor - placehold for common methods Generic Accessor - placehold for common methods
""" """
class __roles__:
@staticmethod
def rolesForPermissionOn(ob):
return getattr(ob.im_self, '%s__roles__' % ob.__name__)
def __getinitargs__(self): def __getinitargs__(self):
init = getattr(self, '__init__', None) init = getattr(self, '__init__', None)
...@@ -68,3 +65,16 @@ class Accessor(Method): ...@@ -68,3 +65,16 @@ class Accessor(Method):
# Returns a reindexing alias # Returns a reindexing alias
from Alias import ReindexAlias from Alias import ReindexAlias
return ReindexAlias(id, self.__name__) return ReindexAlias(id, self.__name__)
try:
from ZODB.Transaction import Transaction
# Zope 2.7 do not patch
except ImportError:
# Zope 2.8, patch
class __roles__:
@staticmethod
def rolesForPermissionOn(ob):
return getattr(ob.im_self, '%s__roles__' % ob.__name__)
Accessor.__roles__ = __roles__
...@@ -2097,6 +2097,13 @@ class TestPropertySheet: ...@@ -2097,6 +2097,13 @@ class TestPropertySheet:
def test_DefaultSecurityOnAccessors(self): def test_DefaultSecurityOnAccessors(self):
# Test accessors are protected correctly # Test accessors are protected correctly
try:
from ZODB.Transaction import Transaction
return
# Zope 2.7 do not test
except ImportError:
pass
self._addProperty('Person', self._addProperty('Person',
''' { 'id': 'foo_bar', ''' { 'id': 'foo_bar',
'type': 'string', 'type': 'string',
...@@ -2118,6 +2125,13 @@ class TestPropertySheet: ...@@ -2118,6 +2125,13 @@ class TestPropertySheet:
self.assertFalse(guarded_hasattr(obj, 'getFooBar')) self.assertFalse(guarded_hasattr(obj, 'getFooBar'))
def test_DefaultSecurityOnListAccessors(self): def test_DefaultSecurityOnListAccessors(self):
try:
from ZODB.Transaction import Transaction
return
# Zope 2.7 do not test
except ImportError:
pass
# Test list accessors are protected correctly # Test list accessors are protected correctly
self._addProperty('Person', self._addProperty('Person',
''' { 'id': 'foo_bar', ''' { 'id': 'foo_bar',
...@@ -2139,6 +2153,13 @@ class TestPropertySheet: ...@@ -2139,6 +2153,13 @@ class TestPropertySheet:
self.assertFalse(guarded_hasattr(obj, 'getFooBarList')) self.assertFalse(guarded_hasattr(obj, 'getFooBarList'))
def test_DefaultSecurityOnCategoryAccessors(self): def test_DefaultSecurityOnCategoryAccessors(self):
try:
from ZODB.Transaction import Transaction
return
# Zope 2.7 do not test
except ImportError:
pass
# Test category accessors are protected correctly # Test category accessors are protected correctly
obj = self.getPersonModule().newContent(portal_type='Person') obj = self.getPersonModule().newContent(portal_type='Person')
self.assertTrue(guarded_hasattr(obj, 'setRegion')) self.assertTrue(guarded_hasattr(obj, 'setRegion'))
...@@ -2174,6 +2195,13 @@ class TestPropertySheet: ...@@ -2174,6 +2195,13 @@ class TestPropertySheet:
self.assertFalse(guarded_hasattr(obj, 'getRegionValueList')) self.assertFalse(guarded_hasattr(obj, 'getRegionValueList'))
def test_PropertySheetSecurityOnAccessors(self): def test_PropertySheetSecurityOnAccessors(self):
try:
from ZODB.Transaction import Transaction
return
# Zope 2.7 do not test
except ImportError:
pass
# Test accessors are protected correctly when you specify the permission # Test accessors are protected correctly when you specify the permission
# in the property sheet. # in the property sheet.
self._addProperty('Person', self._addProperty('Person',
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment