*: switch to new AccessControl syntax to declare permissions

bt5/erp5_accounting/DocumentTemplateItem/portal_components/document.erp5.AccountingTransaction.py

@@ -60,8 +60,7 @@ class AccountingTransaction(Delivery):
                     , PropertySheet.PaymentCondition
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'hasSourceSectionAccounting')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasSourceSectionAccounting(self):
     """Return true if we should take into account accounting for source
     section.
@@ -71,8 +70,7 @@ class AccountingTransaction(Delivery):
       return section.getPortalType() != 'Person'
     return False
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'hasDestinationSectionAccounting')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasDestinationSectionAccounting(self):
     """Return true if we should take into account accounting for destination
     section.

bt5/erp5_accounting/DocumentTemplateItem/portal_components/document.erp5.AccountingTransactionLine.py

@@ -59,8 +59,7 @@ class AccountingTransactionLine(DeliveryLine):
                     )
 
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoriatedQuantity')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoriatedQuantity(self):
     """
       Redefine this method here, because AccountingTransactionLine does
@@ -69,7 +68,7 @@ class AccountingTransactionLine(DeliveryLine):
     return Amount.getInventoriatedQuantity(self)
 
   # Pricing in standard currency
-  security.declareProtected(Permissions.AccessContentsInformation, 'getPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getPrice(self, context=None): # pylint: disable=arguments-differ
     """
       On accounting transaction lines, the price is always set to 1.
@@ -79,8 +78,7 @@ class AccountingTransactionLine(DeliveryLine):
     """
     return 1.0
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getSourceAssetPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getSourceAssetPrice(self):
     """
       The price is set to 1.0 because we do not want to implement
@@ -90,8 +88,7 @@ class AccountingTransactionLine(DeliveryLine):
     """
     return 1.0
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getDestinationAssetPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getDestinationAssetPrice(self):
     """
       The price is set to 1.0 because we do not want to implement
@@ -101,8 +98,7 @@ class AccountingTransactionLine(DeliveryLine):
     """
     return 1.0
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'setGroupingReference')
+  @security.protected(Permissions.AccessContentsInformation)
   def setGroupingReference(self, value):
     # Sets the grouping reference.
     # This method is redefined here to override security definition.
@@ -113,16 +109,14 @@ class AccountingTransactionLine(DeliveryLine):
     self._baseSetGroupingReference(value)
     self.reindexObject()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'setGroupingDate')
+  @security.protected(Permissions.AccessContentsInformation)
   def setGroupingDate(self, value):
     # Sets the grouping date.
     # See also setGroupingReference.
     self._baseSetGroupingDate(value)
     self.reindexObject()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isMovingItem')
+  @security.protected(Permissions.AccessContentsInformation)
   def isMovingItem(self, item):
     """
       We often like to aggregate items to Accounting Transaction Line

bt5/erp5_accounting/DocumentTemplateItem/portal_components/document.erp5.Invoice.py

@@ -56,16 +56,14 @@ class Invoice(AccountingTransaction):
                     , PropertySheet.Folder
                     )
 
-  security.declareProtected(
-      Permissions.AccessContentsInformation, 'getTotalPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTotalPrice(self, **kw):
     """ Returns the total price for this invoice """
     kw.setdefault('portal_type',
                   self.getPortalInvoiceMovementTypeList())
     return Delivery.getTotalPrice(self, **kw)
 
-  security.declareProtected(
-      Permissions.AccessContentsInformation, 'getTotalQuantity')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTotalQuantity(self, **kw):
     """ Returns the total quantity for this invoice """
     kw.setdefault('portal_type',

bt5/erp5_api_style/DocumentTemplateItem/portal_components/document.erp5.jIOWebSection.py

@@ -42,7 +42,7 @@ class jIOWebSection(WebSection):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getLayoutProperty')
+  @security.protected(Permissions.AccessContentsInformation)
   def getLayoutProperty(self, key, default=None):
     """
         A simple method to get a property of the current by
@@ -57,7 +57,7 @@ class jIOWebSection(WebSection):
       section = section.aq_parent
     return default
 
-  security.declareProtected(Permissions.View, 'get')
+  @security.protected(Permissions.View)
   def get(self): #pylint:disable=arguments-differ
     """
       Taken from WebSection Bobo Traverse, the difference is that
@@ -66,7 +66,7 @@ class jIOWebSection(WebSection):
     # Register current web site physical path for later URL generation
     return self.ERP5Site_asjIOStyle(mode="get", text_content=self.REQUEST.get('BODY'))
 
-  security.declareProtected(Permissions.View, 'post')
+  @security.protected(Permissions.View)
   def post(self):
     """
       Taken from WebSection Bobo Traverse, the difference is that
@@ -75,7 +75,7 @@ class jIOWebSection(WebSection):
     # Register current web site physical path for later URL generation
     return self.ERP5Site_asjIOStyle(mode="post", text_content=self.REQUEST.get('BODY'))
 
-  security.declareProtected(Permissions.View, 'put')
+  @security.protected(Permissions.View)
   def put(self):
     """
       Taken from WebSection Bobo Traverse, the difference is that
@@ -84,7 +84,7 @@ class jIOWebSection(WebSection):
     # Register current web site physical path for later URL generation
     return self.ERP5Site_asjIOStyle(mode="put", text_content=self.REQUEST.get('BODY'))
 
-  security.declareProtected(Permissions.View, 'allDocs')
+  @security.protected(Permissions.View)
   def allDocs(self):
     """
       Taken from WebSection Bobo Traverse, the difference is that

bt5/erp5_apparel/DocumentTemplateItem/portal_components/document.erp5.ApparelCloth.py

@@ -58,13 +58,13 @@ class ApparelCloth(Resource, XMLMatrix):
                       , PropertySheet.VariationRange
                       )
 
-    security.declareProtected(Permissions.ModifyPortalContent, '_setSizeList')
+    @security.protected(Permissions.ModifyPortalContent)
     def _setSizeList(self,value):
       self._categorySetSizeList(value)
       # XXX Use interaction workflow instead
       self.updateCellRange(base_id='measure')
 
-    security.declareProtected(Permissions.ModifyPortalContent, '_setMeasureList')
+    @security.protected(Permissions.ModifyPortalContent)
     def _setMeasureList(self,value):
       self._categorySetMeasureList(value)
       # XXX Use interaction workflow instead

bt5/erp5_apparel/DocumentTemplateItem/portal_components/document.erp5.ApparelMeasurement.py

@@ -84,7 +84,7 @@ class ApparelMeasurement(XMLObject, XMLMatrix, Image):
     def manage_beforeDelete(self, item, container):
       Image.manage_beforeDelete(self, item, container)
 
-    security.declareProtected(Permissions.ModifyPortalContent, '_setMeasureList')
+    @security.protected(Permissions.ModifyPortalContent)
     def _setMeasureList(self,value):
       self._categorySetMeasureList(value)
       # XXX Use interaction workflow instead

bt5/erp5_apparel/DocumentTemplateItem/portal_components/document.erp5.ApparelSize.py

@@ -57,7 +57,7 @@ class ApparelSize(XMLObject, XMLMatrix):
                       )
 
     # XXX this should be done using an interraction workflow
-    security.declareProtected(Permissions.ModifyPortalContent, '_updateMatrixCellRange')
+    @security.protected(Permissions.ModifyPortalContent)
     def _updateMatrixCellRange(self):
       lines = self.ApparelSize_asCellRange()[0]
       columns = self.ApparelSize_asCellRange()[1]
@@ -68,12 +68,12 @@ class ApparelSize(XMLObject, XMLMatrix):
         self.setCellRange(lines, base_id='size')
 
     # XXX this should be done using an interraction workflow
-    security.declareProtected(Permissions.ModifyPortalContent, '_setSizeList')
+    @security.protected(Permissions.ModifyPortalContent)
     def _setSizeList(self,value):
       self._categorySetSizeList(value)
       self._updateMatrixCellRange()
 
-    security.declareProtected(Permissions.ModifyPortalContent, '_setApparelMorphoTypeList')
+    @security.protected(Permissions.ModifyPortalContent)
     def _setApparelMorphoTypeList(self,value):
       self._categorySetApparelMorphoTypeList(value)
       self._updateMatrixCellRange()

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.Agent.py

@@ -66,7 +66,7 @@ class Agent(Folder, Image):
   security.declareProtected(Permissions.AccessContentsInformation, 'viewImage')
   viewImage = Image.index_html
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'importSignature')
+  @security.protected(Permissions.ModifyPortalContent)
   def importSignature(self, import_file=None, form_id=None, REQUEST=None, **kw):
     """
       Imports a scan of a signature.

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.BankAccount.py

@@ -61,7 +61,7 @@ class BankAccount(Node, Coordinate):
                     )
 
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getReference')
+  @security.protected(Permissions.AccessContentsInformation)
   def getReference(self, *args, **kw):
     """reference depends on the site configuration.
     """

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.Coordinate.py

@@ -93,16 +93,14 @@ class Coordinate(Base):
                     )
 
   ### helper methods
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'getRegularExpressionFindAll')
+  @security.protected(Permissions.AccessContentsInformation)
   def getRegularExpressionFindAll(self, regular_expression, string):
     """
     allows call of re.findall in a python script used for Coordinate
     """
     return re.findall(regular_expression, string)
 
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'getRegularExpressionGroups')
+  @security.protected(Permissions.AccessContentsInformation)
   def getRegularExpressionGroups(self, regular_expression, string):
     """
     allows call of re.search.groups in a python script used for Coordinate
@@ -113,8 +111,7 @@ class Coordinate(Base):
     return re.search(regular_expression, string).groups()
 
   ### Mix-in methods
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'asText' )
+  @security.protected(Permissions.AccessContentsInformation)
   def asText(self):
     """
     returns the coordinate as a text string
@@ -123,23 +120,21 @@ class Coordinate(Base):
     if script is not None:
       return script()
 
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'getText')
+  @security.protected(Permissions.AccessContentsInformation)
   def getText(self):
     """
     calls asText
     """
     return self.asText()
 
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'hasText')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasText(self):
     """
     calls asText
     """
     return bool(self.asText())
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getCoordinateText')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCoordinateText(self, default=_marker):
     """Fallback on splitted values (old API)
     """
@@ -157,7 +152,7 @@ class Coordinate(Base):
       return self._baseGetCoordinateText()
     return self._baseGetCoordinateText(default)
 
-  security.declareProtected( Permissions.ModifyPortalContent, 'fromText' )
+  @security.protected(Permissions.ModifyPortalContent)
   @deprecated
   def fromText(self, coordinate_text):
     """
@@ -168,25 +163,24 @@ class Coordinate(Base):
     if script is not None:
       return script(text=coordinate_text)
 
-  security.declareProtected(Permissions.ModifyPortalContent, '_setText')
+  @security.protected(Permissions.ModifyPortalContent)
   def _setText(self, value):
     """
     calls fromText
     """
     return self.fromText(value)
 
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'standardTextFormat')
+  @security.protected(Permissions.AccessContentsInformation)
   def standardTextFormat(self):
     """
     Returns the standard text formats for telephone numbers
     """
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isDetailed')
+  @security.protected(Permissions.AccessContentsInformation)
   def isDetailed(self):
     return False
 
-  security.declareProtected( Permissions.View, 'manage_FTPget' )
+  @security.protected(Permissions.View)
   def manage_FTPget(self):
     """
     Get the coordinate as text for WebDAV src / FTP download.
@@ -197,7 +191,7 @@ class Coordinate(Base):
 
     return bodytext
 
-  security.declareProtected( Permissions.View, 'get_size' )
+  @security.protected(Permissions.View)
   def get_size( self ):
     """
     Used for FTP and apparently the ZMI now too

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.Currency.py

@@ -55,19 +55,19 @@ class Currency(Resource):
                     )
 
   # Unit conversion
-  security.declareProtected(Permissions.AccessContentsInformation, 'convertQuantity')
+  @security.protected(Permissions.AccessContentsInformation)
   def convertQuantity(self, quantity, from_unit, to_unit, variation_list=(), transformed_resource=None, transformed_variation_list=()):
     # 'variation_list' parameter may be deprecated:
     # cf Measure.getConvertedQuantity
     return quantity
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'convertCurrency')
+  @security.protected(Permissions.AccessContentsInformation)
   def convertCurrency(self, quantity, to_currency):
     if to_currency is self:
       return quantity
     return quantity
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'asNumericCode')
+  @security.protected(Permissions.AccessContentsInformation)
   def asNumericCode(self):
     """Return a numeric code defined in ISO 4217."""
     return self.Base_convertCurrencyCodeToNumericCode(self.getReference())

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.GeographicAddress.py

@@ -75,7 +75,7 @@ class GeographicAddress(Coordinate):
         city = ''.join(zip_city[1:])
     return street_address, zip_code, city
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'asText')
+  @security.protected(Permissions.AccessContentsInformation)
   def asText(self):
     """
       Returns the address as a complete formatted string
@@ -94,7 +94,7 @@ class GeographicAddress(Coordinate):
       return ''
     return result
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'fromText')
+  @security.protected(Permissions.ModifyPortalContent)
   @deprecated
   def fromText(self, coordinate_text):
     """Save given data then continue parsing
@@ -106,8 +106,7 @@ class GeographicAddress(Coordinate):
     self.setZipCode(zip_code)
     self.setCity(city)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'standardTextFormat')
+  @security.protected(Permissions.AccessContentsInformation)
   def standardTextFormat(self):
     """
       Returns the standard text format for geographic addresses
@@ -119,6 +118,6 @@ c/o Jean-Paul Sartre
 """,
 )
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isDetailed')
+  @security.protected(Permissions.AccessContentsInformation)
   def isDetailed(self):
     return self.hasStreetAddress() or self.hasZipCode() or self.hasCity()

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.Image.py

@@ -155,7 +155,7 @@ class Image(TextConvertableMixin, File, OFSImage):
     if getattr(aq_base(self), 'size', None) != size:
       self.size = size
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getWidth')
+  @security.protected(Permissions.AccessContentsInformation)
   def getWidth(self):
     """
       Tries to get the width from the image data.
@@ -165,7 +165,7 @@ class Image(TextConvertableMixin, File, OFSImage):
       self._update_image_info()
     return self.width
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getHeight')
+  @security.protected(Permissions.AccessContentsInformation)
   def getHeight(self):
     """
       Tries to get the height from the image data.
@@ -175,7 +175,7 @@ class Image(TextConvertableMixin, File, OFSImage):
       self._update_image_info()
     return self.height
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getContentType')
+  @security.protected(Permissions.AccessContentsInformation)
   def getContentType(  # pylint: disable=arguments-differ
       self,
       default=_MARKER,
@@ -189,7 +189,7 @@ class Image(TextConvertableMixin, File, OFSImage):
     else:
       return self._baseGetContentType(default)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'displayIds')
+  @security.protected(Permissions.AccessContentsInformation)
   def displayIds(self, exclude=('thumbnail',)):
     """Return list of display Ids."""
     id_list = list(DEFAULT_DISPLAY_ID_LIST)
@@ -205,7 +205,7 @@ class Image(TextConvertableMixin, File, OFSImage):
     id_list.sort(key=getSurfaceArea)
     return id_list
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'displayLinks')
+  @security.protected(Permissions.AccessContentsInformation)
   def displayLinks(self, exclude=('thumbnail',)):
     """Return list of HTML <a> tags for displays."""
     links = []
@@ -213,7 +213,7 @@ class Image(TextConvertableMixin, File, OFSImage):
       links.append('<a href="%s?display=%s">%s</a>' % (self.REQUEST['URL'], display, display))
     return links
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'displayMap')
+  @security.protected(Permissions.AccessContentsInformation)
   def displayMap(
       self,
       exclude=None,
@@ -246,7 +246,7 @@ class Image(TextConvertableMixin, File, OFSImage):
     return displays
 
 
-  security.declarePrivate('_convertToText')
+  @security.private
   def _convertToText(self, format):  # pylint: disable=redefined-builtin
     """
     Convert the image to text with portaltransforms
@@ -326,7 +326,7 @@ class Image(TextConvertableMixin, File, OFSImage):
     return mime, image_data
 
   # Display
-  security.declareProtected(Permissions.View, 'index_html')
+  @security.protected(Permissions.View)
   @fill_args_from_request('display', 'quality', 'resolution', 'frame', 'crop')
   def index_html(self, REQUEST, *args, **kw):
     """Return the image data."""
@@ -458,7 +458,7 @@ class Image(TextConvertableMixin, File, OFSImage):
       width =  img_width * height / img_height
     return (width, height)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getSizeFromImageDisplay')
+  @security.protected(Permissions.AccessContentsInformation)
   def getSizeFromImageDisplay(self, image_display):
     """Return the size for this image display,
        or dimension of this image.
@@ -484,7 +484,7 @@ class Image(TextConvertableMixin, File, OFSImage):
     File.PUT(self, REQUEST, RESPONSE)
     self._update_image_info()
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultImageQuality')
+  @security.protected(Permissions.AccessContentsInformation)
   def getDefaultImageQuality(self, format=None):  # pylint: disable=redefined-builtin
     """
     Get default image quality for a format.

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.MappedProperty.py

@@ -81,7 +81,7 @@ class MappedProperty(XMLObject):
 
   # Security should be handled by the target document not by the mapped
   # property document.
-  security.declarePublic('getMappedProperty')
+  @security.public
   def getMappedProperty(self, document, property): #  pylint: disable=redefined-builtin
     if property.endswith('_list'):
       property = property[:-5]
@@ -97,7 +97,7 @@ class MappedProperty(XMLObject):
 
   # Security should be handled by the target document not by the mapped
   # property document.
-  security.declarePublic('setMappedProperty')
+  @security.public
   def setMappedProperty(self, document, property, value): #  pylint: disable=redefined-builtin
     if property.endswith('_list'):
       property = property[:-5]

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.OOoDocument.py

@@ -127,22 +127,20 @@ class OOoDocument(OOoDocumentExtensibleTraversableMixin, BaseConvertableFileMixi
   rx_strip = re.compile(r'<[^>]*?>', re.DOTALL|re.MULTILINE)
   rx_compr = re.compile(r'\s+')
 
-  security.declareProtected(Permissions.View, 'index_html')
+  @security.protected(Permissions.View)
   @fill_args_from_request('display', 'quality', 'resolution')
   def index_html(self, REQUEST, *args, **kw):
     """Return the document data."""
     return Document.index_html(self, REQUEST, *args, **kw)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isSupportBaseDataConversion')
+  @security.protected(Permissions.AccessContentsInformation)
   def isSupportBaseDataConversion(self):
     """
     OOoDocument is needed to conversion to base format.
     """
     return True
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTargetFormatItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTargetFormatItemList(self):
     """
       Returns a list of acceptable formats for conversion
@@ -350,8 +348,7 @@ class OOoDocument(OOoDocumentExtensibleTraversableMixin, BaseConvertableFileMixi
         data = unicode2str(data)
     return mime, data
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            '_populateConversionCacheWithHTML')
+  @security.protected(Permissions.ModifyPortalContent)
   def _populateConversionCacheWithHTML(self, zip_file=None):
     """
     Extract content from the ODF zip file and populate the document.
@@ -389,7 +386,7 @@ class OOoDocument(OOoDocumentExtensibleTraversableMixin, BaseConvertableFileMixi
       zip_file.close()
       archive_file.close()
 
-  security.declarePrivate('_convertToBaseFormat')
+  @security.private
   def _convertToBaseFormat(self):
     """
       Converts the original document into ODF
@@ -423,8 +420,7 @@ class OOoDocument(OOoDocumentExtensibleTraversableMixin, BaseConvertableFileMixi
     """
     return getattr(self, '_base_metadata', {})
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'updateBaseMetadata')
+  @security.protected(Permissions.ModifyPortalContent)
   def updateBaseMetadata(self, **kw):
     """
       Updates metadata information in the converted OOo document

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.Person.py

@@ -93,8 +93,7 @@ class Person(EncryptedPasswordMixin, Node, LoginAccountProviderMixin, ERP5UserMi
                     , PropertySheet.Task
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTitle(self, **kw):
     """
     Returns the title if it exists or a combination of
@@ -107,8 +106,7 @@ class Person(EncryptedPasswordMixin, Node, LoginAccountProviderMixin, ERP5UserMi
       return title
     return super(Person, self).getTitle(**kw)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTranslatedTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTranslatedTitle(self, **kw):
     """
     Returns the title if it exists or a combination of
@@ -121,13 +119,11 @@ class Person(EncryptedPasswordMixin, Node, LoginAccountProviderMixin, ERP5UserMi
       return title
     return super(Person, self).getTranslatedTitle(**kw)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'title_or_id')
+  @security.protected(Permissions.AccessContentsInformation)
   def title_or_id(self):
     return self.getTitleOrId()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'hasTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasTitle(self):
     return self.hasFirstName() or \
         self.hasLastName() or \
@@ -223,7 +219,7 @@ class Person(EncryptedPasswordMixin, Node, LoginAccountProviderMixin, ERP5UserMi
         raise AccessControl_Unauthorized('setUserId')
       self._baseSetUserId(value)
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'initUserId')
+  @security.protected(Permissions.ModifyPortalContent)
   def initUserId(self):
     """Initialize user id.
 
@@ -271,8 +267,7 @@ class Person(EncryptedPasswordMixin, Node, LoginAccountProviderMixin, ERP5UserMi
       self.reindexObject()
 
   # Time management
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getAvailableTime')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAvailableTime(self, *args, **kw):
     """
     Calculate available time for a person
@@ -284,8 +279,7 @@ class Person(EncryptedPasswordMixin, Node, LoginAccountProviderMixin, ERP5UserMi
     portal_simulation = self.getPortalObject().portal_simulation
     return portal_simulation.getAvailableTime(*args, **kw)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getAvailableTimeSequence')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAvailableTimeSequence(self, *args, **kw):
     """
     Calculate available time for a person in a sequence
@@ -298,8 +292,7 @@ class Person(EncryptedPasswordMixin, Node, LoginAccountProviderMixin, ERP5UserMi
     return portal_simulation.getAvailableTimeSequence(*args, **kw)
 
   # Notifiation API
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'notifyMessage')
+  @security.protected(Permissions.AccessContentsInformation)
   def notifyMessage(self, message):
     """
     This method can only be called with proxy roles.

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.RoleDefinition.py

@@ -60,7 +60,7 @@ class RoleDefinition(XMLObject):
       raise Unauthorized("You are not allowed to give %s role" % value)
     self._baseSetRoleName(value)
 
-  security.declarePrivate("getLocalRolesFor")
+  @security.private
   def getLocalRolesFor(self, ob, user_name=None):
     group_id_generator = getattr(ob,
       ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT, None)

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.SimulatedDeliveryBuilder.py

@@ -93,14 +93,14 @@ class SimulatedDeliveryBuilder(BuilderMixin):
                     , PropertySheet.DeliveryBuilder
                     )
 
-  security.declarePrivate('callBeforeBuildingScript')
+  @security.private
   def callBeforeBuildingScript(self):  # XXX-JPS
     """
       Redefine this method, because it seems nothing interesting can be
       done before building Delivery.
     """
 
-  security.declarePrivate('searchMovementList')
+  @security.private
   @UnrestrictedMethod
   def searchMovementList(self, applied_rule_uid=None, **kw):
     """
@@ -175,8 +175,7 @@ class SimulatedDeliveryBuilder(BuilderMixin):
           delivery.startBuilding()
 
   # Simulation consistency propagation
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'updateFromSimulation')
+  @security.protected(Permissions.ModifyPortalContent)
   def updateFromSimulation(self, delivery_relative_url, **kw):
     """
       Update all lines of this transaction based on movements in the
@@ -190,8 +189,7 @@ class SimulatedDeliveryBuilder(BuilderMixin):
       delivery_relative_url,
       divergence_to_adopt_list=divergence_to_adopt_list)
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'solveDeliveryGroupDivergence')
+  @security.protected(Permissions.ModifyPortalContent)
   @UnrestrictedMethod
   def solveDeliveryGroupDivergence(self, delivery_relative_url,
                                    property_dict=None):

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.SupplyCell.py

@@ -60,8 +60,7 @@ class SupplyCell(Path):
                     , PropertySheet.Reference
                     )
 
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'hasCellContent' )
+  @security.protected(Permissions.AccessContentsInformation)
   def hasCellContent(self, base_id='movement'):
     """A cell cannot have cell content itself.
     """
@@ -70,12 +69,10 @@ class SupplyCell(Path):
   # Override getQuantityUnitXXX to negate same methods defined in
   # Amount class. Because cell must acquire quantity unit from line
   # not from resource.
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'getQuantityUnitValue')
+  @security.protected(Permissions.AccessContentsInformation)
   def getQuantityUnitValue(self):
     return self.getParentValue().getQuantityUnitValue()
 
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'getQuantityUnit')
+  @security.protected(Permissions.AccessContentsInformation)
   def getQuantityUnit(self, checked_permission=None):
     return self.getParentValue().getQuantityUnit(checked_permission=checked_permission)

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.SupplyLine.py

@@ -71,8 +71,7 @@ class SupplyLine(Path, Amount, XMLMatrix):
   #############################################
   # Pricing methods
   #############################################
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getPrice(self):
     # FIXME: this have to be done in an interaction wf
     if getattr(self, 'price', None) is None:
@@ -80,8 +79,7 @@ class SupplyLine(Path, Amount, XMLMatrix):
     # Return the price
     return self.price
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTotalPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTotalPrice(self):
     """
       Returns the totals price for this line
@@ -96,8 +94,7 @@ class SupplyLine(Path, Amount, XMLMatrix):
   def _getTotalPrice(self, context):
     return 0.0
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isAccountable')
+  @security.protected(Permissions.AccessContentsInformation)
   def isAccountable(self):
     """Supply Line are not accounted.
     """
@@ -112,23 +109,21 @@ class SupplyLine(Path, Amount, XMLMatrix):
   # XMLMatrix methods
   # XXX to be removed if possible
   #############################################
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'hasCellContent')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasCellContent(self, base_id='path'):
     """
         This method can be overriden
     """
     return XMLMatrix.hasCellContent(self, base_id=base_id)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getCellValueList' )
+  @security.protected(Permissions.AccessContentsInformation)
   def getCellValueList(self, base_id='path'):
     """
         This method can be overriden
     """
     return XMLMatrix.getCellValueList(self, base_id=base_id)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getCell')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCell(self, *kw , **kwd):
     """
         This method can be overriden
@@ -136,7 +131,7 @@ class SupplyLine(Path, Amount, XMLMatrix):
     kwd.setdefault('base_id', 'path')
     return XMLMatrix.getCell(self, *kw, **kwd)
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'newCell')
+  @security.protected(Permissions.ModifyPortalContent)
   def newCell(self, *kw, **kwd):
     """
         This method creates a new cell
@@ -147,8 +142,7 @@ class SupplyLine(Path, Amount, XMLMatrix):
   ############################################################
   # Quantity predicate API
   ############################################################
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getQuantityPredicateIdList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getQuantityPredicateIdList(self, price_parameter):
     """
       Return predicate id related to a price parameter.
@@ -166,8 +160,7 @@ class SupplyLine(Path, Amount, XMLMatrix):
               if x.startswith(predicate_id_start_with)]
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getQuantityPredicateValueList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getQuantityPredicateValueList(self, price_parameter):
     """
       Return predicate related to a price parameter.
@@ -176,8 +169,7 @@ class SupplyLine(Path, Amount, XMLMatrix):
             self.getQuantityPredicateIdList(price_parameter)]
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getQuantityStepList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getQuantityStepList(self, *args, **kw):
     """
       Return predicate step related to a price_parameter
@@ -191,8 +183,7 @@ class SupplyLine(Path, Amount, XMLMatrix):
                    convertToUpperCase("%s_quantity_step" % price_parameter)
     return getattr(self, method_name)() or []
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'updateQuantityPredicate')
+  @security.protected(Permissions.ModifyPortalContent)
   def updateQuantityPredicate(self, price_parameter):
     """
       Update the quantity predicate for this price parameter

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.Telephone.py

@@ -289,7 +289,7 @@ class Telephone(Coordinate):
         number = number.replace(token, '')
     return country, area, city, number, extension
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'fromText')
+  @security.protected(Permissions.ModifyPortalContent)
   @deprecated
   def fromText(self, coordinate_text):
     """Save given data then continue parsing
@@ -312,7 +312,7 @@ class Telephone(Coordinate):
   security.declareProtected(Permissions.ModifyPortalContent, '_setText')
   _setText = fromText
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'asText')
+  @security.protected(Permissions.AccessContentsInformation)
   def asText(self):
     """
       Returns the telephone number in standard format
@@ -351,8 +351,7 @@ class Telephone(Coordinate):
       return notation
     return ''
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'asURL')
+  @security.protected(Permissions.AccessContentsInformation)
   def asURL(self):
     """Returns a text representation of the Url if defined
     or None else.
@@ -387,14 +386,14 @@ class Telephone(Coordinate):
   security.declareProtected(Permissions.AccessContentsInformation, 'getText')
   getText = asText
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'standardTextFormat')
+  @security.protected(Permissions.AccessContentsInformation)
   def standardTextFormat(self):
     """
       Returns the standard text formats for telephone numbers
     """
     return ("+33(0)6-62 05 76 14",)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isDetailed')
+  @security.protected(Permissions.AccessContentsInformation)
   def isDetailed(self):
     return self.hasTelephoneCountry() or\
           self.hasTelephoneArea() or\

bt5/erp5_base/DocumentTemplateItem/portal_components/document.erp5.Url.py

@@ -58,8 +58,7 @@ class Url(Coordinate, UrlMixin):
                       , PropertySheet.SortIndex
                       )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'asText')
+  @security.protected(Permissions.AccessContentsInformation)
   def asText(self):
     """
     Returns a text representation of the url_string a.k.a. scheme-specific-part
@@ -72,7 +71,7 @@ class Url(Coordinate, UrlMixin):
       return self.getUrlString('')
     return self.getCoordinateText('')
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'fromText')
+  @security.protected(Permissions.ModifyPortalContent)
   @deprecated
   def fromText(self, text):
     """
@@ -81,8 +80,7 @@ class Url(Coordinate, UrlMixin):
     self._setCoordinateText(text)
     self.setUrlString(text)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'standardTextFormat')
+  @security.protected(Permissions.AccessContentsInformation)
   def standardTextFormat(self):
     """
     Returns the standard text formats for urls. The purpose
@@ -91,8 +89,7 @@ class Url(Coordinate, UrlMixin):
     return ("http://www.erp5.org", "mailto:info@erp5.org")
 
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getUrlString')
+  @security.protected(Permissions.AccessContentsInformation)
   def getUrlString(self, default=_marker):
     """Fallback on coordinate_text
     """
@@ -107,13 +104,13 @@ class Url(Coordinate, UrlMixin):
       else:
         return self._baseGetUrlString(default)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isDetailed')
+  @security.protected(Permissions.AccessContentsInformation)
   def isDetailed(self):
     """
     """
     return self.hasUrlString()
 
-  security.declareProtected(Permissions.UseMailhostServices, 'send')
+  @security.protected(Permissions.UseMailhostServices)
   @deprecated
   def send(self, from_url=None, to_url=None, msg=None,
            subject=None, attachment_list=None, extra_headers=None):

bt5/erp5_base/MixinTemplateItem/portal_components/mixin.erp5.BuilderMixin.py

@@ -100,7 +100,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
                     , PropertySheet.DeliveryBuilder
                     )
 
-  security.declarePublic('build')
+  @security.public
   def build(self, applied_rule_uid=None, movement_relative_url_list=None,
                   delivery_relative_url_list=None, movement_list=None,
                   explanation=None, business_link=None, activate_kw=None,
@@ -153,7 +153,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
   def getRelatedBusinessLinkValueList(self):
     return self.getDeliveryBuilderRelatedValueList(portal_type='Business Link')
 
-  security.declarePrivate('callBeforeBuildingScript')
+  @security.private
   def callBeforeBuildingScript(self):
     """
       Call a script on the module, for example, to remove some
@@ -302,7 +302,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
   security.declarePrivate('searchMovementList')
   searchMovementList = UnrestrictedMethod(_searchMovementList)
 
-  security.declarePrivate('collectMovement')
+  @security.private
   def collectMovement(self, movement_list, merge_delivery=False):
     """
       group movements in the way we want. Thanks to this method, we are able
@@ -372,7 +372,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
       movement_group_node.getGroupEditDict()
       for movement_group_node in movement_group_node_list)
 
-  security.declarePrivate('buildDeliveryList')
+  @security.private
   @UnrestrictedMethod
   def buildDeliveryList(self, movement_group_node,
                         delivery_relative_url_list=None,
@@ -735,7 +735,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
       # Update properties on object (quantity, price...)
       delivery_movement._edit(force_update=1, **property_dict)
 
-  security.declarePrivate('callAfterBuildingScript')
+  @security.private
   @UnrestrictedMethod
   def callAfterBuildingScript(self, delivery_list, movement_list=(), **kw):
     """
@@ -771,8 +771,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
           script(related_simulation_movement_path_list=related_simulation_movement_path_list)
 
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                           'getMovementGroupList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getMovementGroupList(self, portal_type=None, collect_order_group=None,
                             **kw):
     """

bt5/erp5_base/MixinTemplateItem/portal_components/mixin.erp5.ERP5UserMixin.py

@@ -40,14 +40,14 @@ class ERP5UserMixin:
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getReference')
+  @security.protected(Permissions.AccessContentsInformation)
   def getReference(self, default=None):
     """
     Fallback on user id
     """
     return self._baseGetReference() or self.getUserId(default)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'hasReference')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasReference(self):
     """
     Fallback on user id

bt5/erp5_base/MixinTemplateItem/portal_components/mixin.erp5.EncryptedPasswordMixin.py

@@ -50,7 +50,7 @@ class EncryptedPasswordMixin(object):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.SetOwnPassword, 'checkPassword')
+  @security.protected(Permissions.SetOwnPassword)
   def checkPassword(self, value) :
     """
     """
@@ -58,7 +58,7 @@ class EncryptedPasswordMixin(object):
       return pw_validate(self.getPassword(), value)
     return False
 
-  security.declareProtected(Permissions.SetOwnPassword, 'checkPasswordValueAcceptable')
+  @security.protected(Permissions.SetOwnPassword)
   def checkPasswordValueAcceptable(self, value):
     """Check the password.
 
@@ -89,7 +89,7 @@ class EncryptedPasswordMixin(object):
       password = self.password = PersistentMapping()
     self.password[format] = value
 
-  security.declareProtected(Permissions.SetOwnPassword, 'setEncodedPassword')
+  @security.protected(Permissions.SetOwnPassword)
   def setEncodedPassword(
       self,
       value,
@@ -111,7 +111,7 @@ class EncryptedPasswordMixin(object):
     self.checkPasswordValueAcceptable(value)
     self._forceSetPassword(value)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getPassword')
+  @security.protected(Permissions.AccessContentsInformation)
   def getPassword(self, *args, **kw):
     marker = []
     if len(args):
@@ -133,7 +133,7 @@ class EncryptedPasswordMixin(object):
           password = default_password
     return password
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'edit')
+  @security.protected(Permissions.ModifyPortalContent)
   def edit(self, *args, **kw):
     """edit, with support for empty password for the user interface.
 

bt5/erp5_base/MixinTemplateItem/portal_components/mixin.erp5.LoginAccountProviderMixin.py

@@ -44,7 +44,7 @@ class LoginAccountProviderMixin:
   # Declarative security
   security = ClassSecurityInfo()
 
-  security.declareProtected(Permissions.SetOwnPassword, 'notifyLoginFailure')
+  @security.protected(Permissions.SetOwnPassword)
   def notifyLoginFailure(self, **kw):
     """
     Notify an authentication failure.
@@ -53,7 +53,7 @@ class LoginAccountProviderMixin:
     if method is not None:
       return method(**kw)
 
-  security.declareProtected(Permissions.SetOwnPassword, 'notifyPasswordExpire')
+  @security.protected(Permissions.SetOwnPassword)
   def notifyPasswordExpire(self, **kw):
     """
     Notify a password expire event.
@@ -62,7 +62,7 @@ class LoginAccountProviderMixin:
     if method is not None:
       return method(**kw)
 
-  security.declareProtected(Permissions.SetOwnPassword, 'isLoginBlocked')
+  @security.protected(Permissions.SetOwnPassword)
   def isLoginBlocked(self, **kw):
     """
     Is this login blocked?
@@ -72,7 +72,7 @@ class LoginAccountProviderMixin:
       return method(**kw)
     return False
 
-  security.declareProtected(Permissions.SetOwnPassword, 'isPasswordExpired')
+  @security.protected(Permissions.SetOwnPassword)
   def isPasswordExpired(self, **kw):
     """
     Is password expired?
@@ -82,14 +82,14 @@ class LoginAccountProviderMixin:
       return method(**kw)
     return False
 
-  security.declareProtected(Permissions.SetOwnPassword, 'isPasswordValid')
+  @security.protected(Permissions.SetOwnPassword)
   def isPasswordValid(self, password, **kw):
     """
     Is password valid?
     """
     return not len(self.analyzePassword(password, **kw))
 
-  security.declareProtected(Permissions.SetOwnPassword, 'analyzePassword')
+  @security.protected(Permissions.SetOwnPassword)
   def analyzePassword(self, password, **kw):
     """
     Analyze password validity.
@@ -105,7 +105,7 @@ class LoginAccountProviderMixin:
       return []
     return method(password, **kw)
 
-  security.declareProtected(Permissions.SetOwnPassword, 'isPasswordAlreadyUsed')
+  @security.protected(Permissions.SetOwnPassword)
   def isPasswordAlreadyUsed(self, password):
     """
       Return if password has already been used.

bt5/erp5_big_file/DocumentTemplateItem/portal_components/document.erp5.BigFile.py

@@ -95,8 +95,7 @@ class BigFile(File):
   # OFS.File has an overloaded __str__ that returns the file content
   __str__ = object.__str__
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getData')
+  @security.protected(Permissions.AccessContentsInformation)
   def getData(self, default=None):
     """Read the full btree
     """
@@ -106,7 +105,7 @@ class BigFile(File):
     else:
       return btree
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'updateContentMd5')
+  @security.protected(Permissions.ModifyPortalContent)
   def updateContentMd5(self):
     """Update md5 checksum from the original file
     """
@@ -294,7 +293,7 @@ class BigFile(File):
           RESPONSE.write(b'\r\n--%s--\r\n' % boundary)
           return True
 
-  security.declareProtected(Permissions.View, 'index_html')
+  @security.protected(Permissions.View)
   def index_html(self, REQUEST, RESPONSE, format=_MARKER, inline=_MARKER, **kw): # pylint: disable=redefined-builtin
     """
       Support streaming
@@ -340,7 +339,7 @@ class BigFile(File):
       RESPONSE.write(chunk)
     return b''
 
-  security.declareProtected(Permissions.ModifyPortalContent,'PUT')
+  @security.protected(Permissions.ModifyPortalContent)
   def PUT(self, REQUEST, RESPONSE):
     """Handle HTTP PUT requests"""
     self.dav__init(REQUEST, RESPONSE)
@@ -397,7 +396,7 @@ class BigFile(File):
     RESPONSE.setStatus(204)
     return RESPONSE
 
-  security.declareProtected(Permissions.ModifyPortalContent,'appendData')
+  @security.protected(Permissions.ModifyPortalContent)
   def appendData(self, data_chunk, content_type=None):
     """
     append data chunk to the end of the file, available in restricted environment.

bt5/erp5_budget/DocumentTemplateItem/portal_components/document.erp5.BudgetCell.py

@@ -66,7 +66,7 @@ class BudgetCell(Predicate, MetaNode, Movement):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTitle(self):
     """
     Return a calculated title.
@@ -78,13 +78,13 @@ class BudgetCell(Predicate, MetaNode, Movement):
               "Did not find title script for portal type: %r" %
               self.getPortalType())
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'hasCellContent')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasCellContent(self, base_id='cell'):
     """Budget Cells do not contain cells.
     """
     return False
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getCurrentInventory')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCurrentInventory(self, at_date=None, **kw):
     """ Returns current inventory.
 
@@ -100,7 +100,7 @@ class BudgetCell(Predicate, MetaNode, Movement):
     sign = self.getParentValue().BudgetLine_getConsumptionSign()
     return sign * self.portal_simulation.getCurrentInventory(**kw)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getCurrentBalance')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCurrentBalance(self, at_date=None):
     """
     Returns current balance
@@ -108,7 +108,7 @@ class BudgetCell(Predicate, MetaNode, Movement):
     sign = self.getParentValue().BudgetLine_getConsumptionSign()
     return sign * self.getQuantity(0.0) + self.getCurrentInventory(at_date=at_date)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getConsumedBudget')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConsumedBudget(self, src__=0):
     """
     Return consumed budget.
@@ -120,14 +120,14 @@ class BudgetCell(Predicate, MetaNode, Movement):
               "Did not find consumed budget script for portal type: %r" %
               self.getPortalType())
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getAvailableBudget')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAvailableBudget(self, at_date=None):
     """
     Return available budget.
     """
     return self.getCurrentBalance(at_date=at_date) - self.getEngagedBudget()
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getEngagedBudget')
+  @security.protected(Permissions.AccessContentsInformation)
   def getEngagedBudget(self, src__=0):
     """
     Return Engaged budget.
@@ -139,14 +139,12 @@ class BudgetCell(Predicate, MetaNode, Movement):
               "Did not find engaged budget script for portal type: %r" %
               self.getPortalType())
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getExplanationValue')
+  @security.protected(Permissions.AccessContentsInformation)
   def getExplanationValue(self):
     """Explanation has no meaning for a budget cell"""
     return None
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'setSourceCredit')
+  @security.protected(Permissions.ModifyPortalContent)
   def setSourceCredit(self, source_credit):
     """Set the quantity.
     Overloaded from movement, we always set the quantity, even if not passed

bt5/erp5_budget/DocumentTemplateItem/portal_components/document.erp5.BudgetLine.py

@@ -89,16 +89,14 @@ class BudgetLine(Predicate, XMLMatrix, VariatedMixin):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConsumedBudgetDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConsumedBudgetDict(self, **kw):
     """Returns all the consumptions in a dict where the keys are the cells, and
     the value is the consumed budget.
     """
     return self._getBudgetDict(**kw)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getEngagedBudgetDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getEngagedBudgetDict(self, **kw):
     """Returns all the engagements in a dict where the keys are the cells, and
     the value is the engaged budget.
@@ -110,8 +108,7 @@ class BudgetLine(Predicate, XMLMatrix, VariatedMixin):
     kw['simulation_period'] = ''
     return self._getBudgetDict(**kw)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getAvailableBudgetDict')
+  @security.protected(Permissions.AccessContentsInformation)
   @transactional_cached(key_method=lambda self, *args, **kw:
     (self.getRelativeUrl(), tuple(kw.items())))
   def getAvailableBudgetDict(self, **kw):
@@ -164,22 +161,19 @@ class BudgetLine(Predicate, XMLMatrix, VariatedMixin):
 
     return budget_dict
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConsumedBudgetCell')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConsumedBudgetCell(self, *cell_index, **kw):
     consumed_budget_dict = self.getConsumedBudgetDict()
     return TempBudgetCell(consumed_budget_dict.get(cell_index),
       cell_index, self.absolute_url(), False)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getAvailableBudgetCell')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAvailableBudgetCell(self, *cell_index, **kw):
     available_budget_dict = self.getAvailableBudgetDict()
     return TempBudgetCell(available_budget_dict.get(cell_index),
       cell_index, self.absolute_url(), True)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getEngagedBudgetCell')
+  @security.protected(Permissions.AccessContentsInformation)
   def getEngagedBudgetCell(self, *cell_index, **kw):
     engaged_budget_dict = self.getEngagedBudgetDict()
     return TempBudgetCell(engaged_budget_dict.get(cell_index),

bt5/erp5_budget/DocumentTemplateItem/portal_components/document.erp5.BudgetModel.py

@@ -57,8 +57,7 @@ class BudgetModel(Predicate):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getCellRangeForBudgetLine')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
     """Return the cell range to use for the budget.
     """
@@ -76,8 +75,7 @@ class BudgetModel(Predicate):
         cell_range.extend(variation_cell_range)
     return cell_range
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConsumptionCellRangeForBudgetLine')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
     """Return the cell range to use for the budget consumption.
 
@@ -98,8 +96,7 @@ class BudgetModel(Predicate):
         cell_range.extend(variation_cell_range)
     return cell_range
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoryQueryDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoryQueryDict(self, budget_cell):
     """Returns the query dict to pass to simulation query for a budget cell
     """
@@ -118,8 +115,7 @@ class BudgetModel(Predicate):
       query_dict.setdefault('at_date', start_date_range_max.latestTime())
     return query_dict
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoryListQueryDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoryListQueryDict(self, budget_line):
     """Returns the query dict to pass to simulation query for a budget line
     """
@@ -163,8 +159,7 @@ class BudgetModel(Predicate):
         cell_key += (key,)
     return cell_key
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'asBudgetPredicate')
+  @security.protected(Permissions.AccessContentsInformation)
   def asBudgetPredicate(self):
     " "
     # XXX predicate for line / cell ?

bt5/erp5_budget/DocumentTemplateItem/portal_components/document.erp5.BudgetTransaction.py

@@ -57,8 +57,7 @@ class BudgetTransaction(DeliveryLine):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isAccountable')
+  @security.protected(Permissions.AccessContentsInformation)
   def isAccountable(self):
     """
     Supersedes the DeliveryLine definition

bt5/erp5_budget/DocumentTemplateItem/portal_components/document.erp5.CategoryBudgetVariation.py

@@ -55,14 +55,12 @@ class CategoryBudgetVariation(BudgetVariation):
 
   # zope.interface.implements(BudgetVariation, )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'asBudgetPredicate')
+  @security.protected(Permissions.AccessContentsInformation)
   def asBudgetPredicate(self):
     """This budget variation in a predicate
     """
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getCellRangeForBudgetLine')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
     """The cell range added by this variation
     """
@@ -72,8 +70,7 @@ class CategoryBudgetVariation(BudgetVariation):
       return [[(i[1], i[0]) for i in item_list if i[1] in variation_category_list]]
     return [[i[1] for i in item_list if i[1] in variation_category_list]]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConsumptionCellRangeForBudgetLine')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
     """The cell range added by this variation for consumption
     """
@@ -106,8 +103,7 @@ class CategoryBudgetVariation(BudgetVariation):
       return [[(i[1], i[0]) for i in item_list if i[0] in used_node_item_set]]
     return [[i[1] for i in item_list if i[1] in used_node_item_set]]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoryQueryDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoryQueryDict(self, budget_cell):
     """ Query dict to pass to simulation query
     """
@@ -151,8 +147,7 @@ class CategoryBudgetVariation(BudgetVariation):
 
     return query_dict
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoryListQueryDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoryListQueryDict(self, budget_line):
     """Returns the query dict to pass to simulation query for a budget line
     """
@@ -205,8 +200,7 @@ class CategoryBudgetVariation(BudgetVariation):
       return query_dict
     return {}
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getBudgetVariationRangeCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getBudgetVariationRangeCategoryList(self, _):
     """Returns the Variation Range Category List that can be applied to this
     budget.
@@ -228,8 +222,7 @@ class CategoryBudgetVariation(BudgetVariation):
                                 checked_permission='View')
 
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getBudgetLineVariationRangeCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getBudgetLineVariationRangeCategoryList(self, budget_line):
     """Returns the Variation Range Category List that can be applied to this
     budget line.
@@ -260,8 +253,7 @@ class CategoryBudgetVariation(BudgetVariation):
     return getattr(portal.portal_categories.unrestrictedTraverse(base_category),
                         item_list_method)(**item_list_method_parameter_dict)
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'initializeBudgetLine')
+  @security.protected(Permissions.ModifyPortalContent)
   def initializeBudgetLine(self, budget_line):
     """Initialize a budget line
     """
@@ -279,8 +271,7 @@ class CategoryBudgetVariation(BudgetVariation):
       budget_line.setMembershipCriterionBaseCategoryList(
           budget_line_membership_criterion_base_category_list)
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'initializeBudget')
+  @security.protected(Permissions.ModifyPortalContent)
   def initializeBudget(self, budget):
     """Initialize a budget.
     """

bt5/erp5_budget/DocumentTemplateItem/portal_components/document.erp5.NodeBudgetVariation.py

@@ -61,8 +61,7 @@ class NodeBudgetVariation(BudgetVariation):
 
   # zope.interface.implements(BudgetVariation, )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'asBudgetPredicate')
+  @security.protected(Permissions.AccessContentsInformation)
   def asBudgetPredicate(self):
     """This budget variation in a predicate
     """
@@ -111,8 +110,7 @@ class NodeBudgetVariation(BudgetVariation):
         (self._getNodeTitle(node), addPrefix(node.getRelativeUrl()))
          for node in self._getNodeList(context)]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getCellRangeForBudgetLine')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
     """The cell range added by this variation
     """
@@ -122,8 +120,7 @@ class NodeBudgetVariation(BudgetVariation):
       return [[i for i in node_item_list if i[0] in variation_category_list]]
     return [[i[0] for i in node_item_list if i[0] in variation_category_list]]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConsumptionCellRangeForBudgetLine')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
     """The cell range added by this variation for consumption
     """
@@ -154,8 +151,7 @@ class NodeBudgetVariation(BudgetVariation):
       return [[i for i in node_item_list if i[0] in used_node_item_set]]
     return [[i[0] for i in node_item_list if i[0] in used_node_item_set]]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoryQueryDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoryQueryDict(self, budget_cell):
     """ Query dict to pass to simulation query
     """
@@ -238,8 +234,7 @@ class NodeBudgetVariation(BudgetVariation):
 
     return query_dict
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoryListQueryDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoryListQueryDict(self, budget_line):
     """Returns the query dict to pass to simulation query for a budget line
     """
@@ -331,24 +326,21 @@ class NodeBudgetVariation(BudgetVariation):
             self.getProperty('variation_base_category'),)
     return key
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getBudgetLineVariationRangeCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getBudgetLineVariationRangeCategoryList(self, budget_line):
     """Returns the Variation Range Category List that can be applied to this
     budget line.
     """
     return self._getNodeItemList(budget_line)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getBudgetVariationRangeCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getBudgetVariationRangeCategoryList(self, budget):
     """Returns the Variation Range Category List that can be applied to this
     budget.
     """
     return self._getNodeItemList(budget)
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'initializeBudgetLine')
+  @security.protected(Permissions.ModifyPortalContent)
   def initializeBudgetLine(self, budget_line):
     """Initialize a budget line
     """
@@ -366,8 +358,7 @@ class NodeBudgetVariation(BudgetVariation):
       budget_line.setMembershipCriterionBaseCategoryList(
           budget_line_membership_criterion_base_category_list)
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'initializeBudget')
+  @security.protected(Permissions.ModifyPortalContent)
   def initializeBudget(self, budget):
     """Initialize a budget.
     """

bt5/erp5_calendar/DocumentTemplateItem/portal_components/document.erp5.GroupCalendarAssignment.py

@@ -43,8 +43,7 @@ class GroupCalendarAssignment(PresencePeriod):
   # to search them by date in the module.
   isDelivery = ConstantGetter('isDelivery', value=True)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                           'getPeriodList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getPeriodList(self):
     """Returns the list of periods covered by this group calendar assignment.
 

bt5/erp5_calendar/DocumentTemplateItem/portal_components/document.erp5.HolidayAcquisition.py

@@ -42,8 +42,7 @@ class HolidayAcquisition(Event):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoriatedQuantity')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoriatedQuantity(self, default=None, *args, **kw):
     default_quantity = self.getQuantity()
     if self.getProperty('is_total_holiday', False):

bt5/erp5_calendar/DocumentTemplateItem/portal_components/document.erp5.LeavePeriod.py

@@ -59,8 +59,7 @@ class LeavePeriod(PresencePeriod):
                     , PropertySheet.SortIndex
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoriatedQuantity')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoriatedQuantity(self, default=None, *args, **kw):
     """
     Surcharged accessor to calculate the Quantity in second.

bt5/erp5_calendar/DocumentTemplateItem/portal_components/document.erp5.PresencePeriod.py

@@ -65,16 +65,14 @@ class PresencePeriod(Movement, PeriodicityMixin):
                     , PropertySheet.SortIndex
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isAccountable')
+  @security.protected(Permissions.AccessContentsInformation)
   def isAccountable(self):
     """
     For now, consider that it's always accountable
     """
     return 1
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInventoriatedQuantity')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInventoriatedQuantity(self, default=None, *args, **kw):
     """
     Surcharged accessor to calculate the Quantity in second
@@ -91,8 +89,7 @@ class PresencePeriod(Movement, PeriodicityMixin):
         quantity = default
     return quantity
 
-  security.declareProtected( Permissions.AccessContentsInformation,
-                             'asMovementList')
+  @security.protected(Permissions.AccessContentsInformation)
   def asMovementList(self):
     """
     Generate multiple movement from a single one.
@@ -114,8 +111,7 @@ class PresencePeriod(Movement, PeriodicityMixin):
         result.append(self.asContext(self, **period_data))
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getCalendarPeriodExceptionValueList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCalendarPeriodExceptionValueList(self):
     """
     Return a list of objects that allows te define exception to the

bt5/erp5_certificate_authority/DocumentTemplateItem/portal_components/document.erp5_certificate_authority.Person.py

@@ -26,15 +26,14 @@ class Person(ERP5Person):
     certificate_login.validate()
     return certificate_dict
 
-  security.declarePublic('generateCertificate')
+  @security.public
   def generateCertificate(self):
     """Returns new SSL certificate
        This API was kept for backward compatibility"""
     self.checkCertificateRequest()
     return self._generateCertificate()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTitle(self, **kw):
     """
       Returns the title if it exists or a combination of

bt5/erp5_certificate_authority/MixinTemplateItem/portal_components/mixin.erp5.CertificateLoginMixin.py

@@ -63,14 +63,14 @@ class CertificateLoginMixin:
     else:
       raise ValueError("No certificate found to revoke!")
 
-  security.declarePublic('getCertificate')
+  @security.public
   def getCertificate(self):
     """Returns new SSL certificate"""
     if self.getDestinationReference() is not None:
       raise ValueError("Certificate was already issued, please revoke first.")
     return self._getCertificate()
 
-  security.declarePublic('revokeCertificate')
+  @security.public
   def revokeCertificate(self):
     """Revokes existing certificate"""
     self._revokeCertificate()

bt5/erp5_certificate_authority/ToolComponentTemplateItem/portal_components/tool.erp5.CertificateAuthorityTool.py

@@ -134,7 +134,7 @@ class CertificateAuthorityTool(BaseTool):
       if not os.path.isfile(f):
         raise CertificateAuthorityDamaged('File %r does not exists.' % f)
 
-  security.declarePrivate('manage_afterAdd')
+  @security.private
   def manage_afterAdd(self, item, container) :
     """Init permissions right after creation.
 
@@ -157,8 +157,7 @@ class CertificateAuthorityTool(BaseTool):
                    'CertificateAuthorityTool_editPropertyList'),
       __name__='manage_editCertificateAuthorityToolForm')
 
-  security.declareProtected(Permissions.ManageProperties,
-      'manage_editCertificateAuthorityTool')
+  @security.protected(Permissions.ManageProperties)
   def manage_editCertificateAuthorityTool(self, certificate_authority_path,
       RESPONSE=None):
     """Edit the object"""
@@ -181,8 +180,7 @@ class CertificateAuthorityTool(BaseTool):
                           % (self.absolute_url(), message)
                           )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-      'getNewCertificate')
+  @security.protected(Permissions.AccessContentsInformation)
   def getNewCertificate(self, common_name):
     # No docstring in order to make this method non publishable
     # Returns certificate for passed common name, as dictionary of
@@ -240,8 +238,7 @@ class CertificateAuthorityTool(BaseTool):
     finally:
       self._unlockCertificateAuthority()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-      'revokeCertificate')
+  @security.protected(Permissions.AccessContentsInformation)
   def revokeCertificate(self, serial):
     # No docstring in order to make this method non publishable
     # Revokes certificate with serial, returns dictionary {crl}
@@ -295,8 +292,7 @@ class CertificateAuthorityTool(BaseTool):
       raise ValueError('No certificate for %r' % common_name)
     return [l.split('\t')[3] for l in valid_line_list]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-    'revokeCertificateByCommonName')
+  @security.protected(Permissions.AccessContentsInformation)
   def revokeCertificateByCommonName(self, common_name):
     self._checkCertificateAuthority()
     for serial in self._getValidSerial(common_name):

bt5/erp5_computer_immobilisation/DocumentTemplateItem/portal_components/document.erp5.InternetProtocolAddress.py

@@ -64,7 +64,7 @@ class InternetProtocolAddress(Coordinate):
         kw_dict[name] = value
     return kw_dict
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'asText')
+  @security.protected(Permissions.AccessContentsInformation)
   def asText(self):
     """
     Return the address as a complete formatted string.
@@ -87,7 +87,7 @@ class InternetProtocolAddress(Coordinate):
                                     self._splitCoordinateText(self.getCoordinateText())))
     return result
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'fromText')
+  @security.protected(Permissions.ModifyPortalContent)
   @deprecated
   def fromText(self, coordinate_text):
     """Save given data then continue parsing
@@ -116,7 +116,7 @@ dns_server_ip_address:192.168.0.1
 gateway_ip_address:192.168.0.1
 network_interface:eth0"""
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isDetailed')
+  @security.protected(Permissions.AccessContentsInformation)
   def isDetailed(self):
     for prop in self.portal_property_sheets.\
            InternetProtocolAddress.objectValues(

bt5/erp5_configurator/DocumentTemplateItem/portal_components/document.erp5.BusinessConfiguration.py

@@ -262,7 +262,7 @@ class BusinessConfiguration(Item):
                     , PropertySheet.Comment
                     )
 
-  security.declareProtected(Permissions.View, 'isInitialConfigurationState')
+  @security.protected(Permissions.View)
   def isInitialConfigurationState(self):
     """ Check if the Business Configuration is on initial workflow state
     """
@@ -271,20 +271,19 @@ class BusinessConfiguration(Item):
       return self.getCurrentState() == workflow.getSource()
     return None
 
-  security.declareProtected(Permissions.View, 'isDownloadConfigurationState')
+  @security.protected(Permissions.View)
   def isDownloadConfigurationState(self):
     """ Check if the Business Configuration is on Download State
     """
     return self.getCurrentStateTitle() == DOWNLOAD_STATE_TITLE
 
-  security.declareProtected(Permissions.View, 'isEndConfigurationState')
+  @security.protected(Permissions.View)
   def isEndConfigurationState(self):
     """ Check if the Business Configuration is on End State
     """
     return self.getCurrentStateTitle() == END_STATE_TITLE
 
-  security.declareProtected(Permissions.ModifyPortalContent, \
-      'initializeWorkflow')
+  @security.protected(Permissions.ModifyPortalContent)
   def initializeWorkflow(self):
     """ Initialize Related Workflow"""
     workflow = self.getResourceValue()
@@ -311,7 +310,7 @@ class BusinessConfiguration(Item):
 
       workflow.notifyCreated(self)
 
-  security.declareProtected(Permissions.View, 'getNextTransition')
+  @security.protected(Permissions.View)
   def getNextTransition(self):
     """ Return next transition. """
     current_state = self.getCurrentStateValue()
@@ -326,7 +325,7 @@ class BusinessConfiguration(Item):
 
     return transition_list[0]
 
-  security.declarePrivate('_executeTransition')
+  @security.private
   def _executeTransition(self, \
                         form_kw=None,
                         request_kw=None):
@@ -360,7 +359,7 @@ class BusinessConfiguration(Item):
     form_kw['transition'] = transition.getRelativeUrl()
     executeTransition(current_state, transition, self, form_kw=form_kw)
 
-  security.declarePrivate('_displayNextForm')
+  @security.private
   def _displayNextForm(self, \
                        validation_errors=None, \
                        context=None, \
@@ -394,7 +393,7 @@ class BusinessConfiguration(Item):
         return previous, form_html, form_title, \
                translate(transition.getTitle())
 
-  security.declarePrivate('_renderFormInContext')
+  @security.private
   def _renderFormInContext(self, form_id, context, validation_errors):
     html = ""
     html_forms = []
@@ -445,7 +444,7 @@ class BusinessConfiguration(Item):
     title = form.title
     return html, title
 
-  security.declarePrivate('_displayPreviousForm')
+  @security.private
   def _displayPreviousForm(self):
     """ Render previous form using workflow history. """
     workflow_history = getWorkflowHistory(self.getCurrentStateValue(), self, remove_undo=1)
@@ -463,14 +462,14 @@ class BusinessConfiguration(Item):
            transition.getTransitionFormId() is not None:
         return  self._displayNextForm(context=conf_save, transition=transition)
 
-  security.declarePrivate('_validateNextForm')
+  @security.private
   def _validateNextForm(self, **kw):
     """ Validate the form displayed to the user. """
     REQUEST = self.REQUEST
     form = getattr(self, self.getNextTransition().getTransitionFormId())
     return _validateFormToRequest(form, REQUEST, **kw)
 
-  security.declarePrivate('_getConfSaveForStateFromWorkflowHistory')
+  @security.private
   def _getConfSaveForStateFromWorkflowHistory(self):
     """ Get from workflow history configuration save for this state """
     configuration_save = None
@@ -483,7 +482,7 @@ class BusinessConfiguration(Item):
         configuration_save = self.unrestrictedTraverse(wh['configuration_save_url'])
     return configuration_save
 
-  security.declarePrivate('_isAlreadyConfSaveInWorkflowHistory')
+  @security.private
   def _isAlreadyConfSaveInWorkflowHistory(self, transition):
     """ check if we have an entry in worklow history for this state """
     current_state = self.getCurrentStateValue()
@@ -498,7 +497,7 @@ class BusinessConfiguration(Item):
           return True
     return False
 
-  security.declarePrivate('_isMultiEntryTransition')
+  @security.private
   def _isMultiEntryTransition(self):
     """ Return number of multiple forms to show for a transition. """
     next_transition = self.getNextTransition()
@@ -515,7 +514,7 @@ class BusinessConfiguration(Item):
       ## no transitions available
       return 0
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'setMultiEntryTransition')
+  @security.protected(Permissions.ModifyPortalContent)
   def setMultiEntryTransition(self, transition_url, max_entry_number):
     """ Set a transition as multiple - i.e max_entry_number of forms
         which will be rendered. This method is called in after scripts
@@ -524,7 +523,7 @@ class BusinessConfiguration(Item):
       self._multi_entry_transitions = PersistentMapping()
     self._multi_entry_transitions[transition_url] = max_entry_number
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'setGlobalConfigurationAttr')
+  @security.protected(Permissions.ModifyPortalContent)
   def setGlobalConfigurationAttr(self, **kw):
     """ Set global business configuration attribute. """
     if getattr(aq_base(self),
@@ -533,13 +532,13 @@ class BusinessConfiguration(Item):
     for key, value in kw.items():
       self._global_configuration_attributes[key] = value
 
-  security.declareProtected(Permissions.View, 'getGlobalConfigurationAttr')
+  @security.protected(Permissions.View)
   def getGlobalConfigurationAttr(self, key, default=None):
     """ Get global business configuration attribute. """
     return getattr(self, '_global_configuration_attributes', {}).get(key, default)
 
   ############# Instance and Business Configuration ########################
-  security.declareProtected(Permissions.ModifyPortalContent, 'buildConfiguration')
+  @security.protected(Permissions.ModifyPortalContent)
   def buildConfiguration(self):
     """
       Build list of business templates according to already saved
@@ -576,19 +575,19 @@ class BusinessConfiguration(Item):
   # Business Configuration are Item, which inherits from Amount and expect the
   # resource category document to be an actual resource, but in the case of
   # Business Configuration it is a Workflow.
-  security.declareProtected(Permissions.AccessContentsInformation, 'getPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getPrice(self, *args, **kw):
     """Business Configuration have no price
     """
     return None
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getBaseUnitPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getBaseUnitPrice(self, *args, **kw):
     """Business Configuration have no base unit price
     """
     return None
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getVariationBaseCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getVariationBaseCategoryList(self, *args, **kw):
     """Business Configuration have no variation base category list
     """

bt5/erp5_configurator/DocumentTemplateItem/portal_components/document.erp5.CategoriesSpreadsheetConfiguratorItem.py

@@ -115,8 +115,7 @@ class CategoriesSpreadsheetConfiguratorItem(ConfiguratorItemMixin, XMLObject):
       aq_self._category_cache = self.Base_getCategoriesSpreadSheetMapping(
                     io.BytesIO(self.getDefaultConfigurationSpreadsheetData()))
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                           'setDefaultConfigurationSpreadsheetFile')
+  @security.protected(Permissions.ModifyPortalContent)
   def setDefaultConfigurationSpreadsheetFile(self, *args, **kw):
     """Reset the spreadsheet cache."""
     self._setDefaultConfigurationSpreadsheetFile(*args, **kw)
@@ -127,8 +126,7 @@ class CategoriesSpreadsheetConfiguratorItem(ConfiguratorItemMixin, XMLObject):
                            'setConfigurationSpreadsheetFile')
   setConfigurationSpreadsheetFile = setDefaultConfigurationSpreadsheetFile
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                           'getCategoryTitleItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCategoryTitleItemList(self, base_category_id, base=0):
     """Returns title item list for a base category contained in this
     spreadsheet.

bt5/erp5_configurator/ToolComponentTemplateItem/portal_components/tool.erp5.ConfiguratorTool.py

@@ -319,7 +319,7 @@ class ConfiguratorTool(BaseTool):
         business_configuration=business_configuration)
     return response
 
-  security.declarePublic('getInstallationStatusReport')
+  @security.public
   def getInstallationStatusReport(self,
                           active_process_id=None, REQUEST=None):
     """ Query local ERP5 instance for installation status.
@@ -341,7 +341,7 @@ class ConfiguratorTool(BaseTool):
         'text/html; charset=utf-8')
     return html
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'startInstallation')
+  @security.protected(Permissions.ModifyPortalContent)
   def startInstallation(self, business_configuration, REQUEST):
     """ Start installation process as an activity which will
         download/install bt5 template files and meanwhile offer

bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testPreferences.py

@@ -267,7 +267,7 @@ class TestPreferences(PropertySheetTestCase):
     try :
       pref_tool.getPreferredNotExistingPreference()
       self.fail('Attribute error should be raised for dummy methods')
-    except AttributeError :
+    except AttributeError:
       pass
 
   def test_SetPreference(self):

bt5/erp5_credential/DocumentTemplateItem/portal_components/document.erp5.CredentialRecovery.py

@@ -53,8 +53,7 @@ class CredentialRecovery(Ticket, EncryptedPasswordMixin):
                     , PropertySheet.Url
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isAnswerCorrect')
+  @security.protected(Permissions.AccessContentsInformation)
   def isAnswerCorrect(self):
     '''
     Check if the given answer match the real answer

bt5/erp5_credential/DocumentTemplateItem/portal_components/document.erp5.CredentialRequest.py

@@ -58,8 +58,7 @@ class CredentialRequest(EncryptedPasswordMixin, Ticket):
     # all passwords are acceptable on Credential Request
     pass
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTitle(self, **kw):
     """
       Returns the title if it exists or a combination of
@@ -77,8 +76,7 @@ class CredentialRequest(EncryptedPasswordMixin, Ticket):
     else:
       return self.title
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'hasTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasTitle(self):
     return self.title or self.hasFirstName() or self.hasLastName()
 

bt5/erp5_crm/DocumentTemplateItem/portal_components/document.erp5.Ticket.py

@@ -74,7 +74,7 @@ class Ticket(Project):
                     , PropertySheet.Ticket
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isAccountable')
+  @security.protected(Permissions.AccessContentsInformation)
   def isAccountable(self):
     """Tickets are accountable.
     """

bt5/erp5_dms/DocumentTemplateItem/portal_components/document.erp5.ExternalSource.py

@@ -110,28 +110,28 @@ class ExternalSource(XMLObject, UrlMixin, CrawlableMixin):
                     )
 
   # Crawling API
-  security.declareProtected(Permissions.ModifyPortalContent, 'crawlContent')
+  @security.protected(Permissions.ModifyPortalContent)
   def crawlContent(self):
     """
     Creates the initial content from the URL by crawling the root
     """
     self.portal_contributions.crawlContent(self, container=self)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getContentURLList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getContentURLList(self):
     """
     Returns the root of the crawling process
     """
     return [self.asURL()]
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getContentBaseURL')
+  @security.protected(Permissions.AccessContentsInformation)
   def getContentBaseURL(self):
     """
     Returns None to force crawler to ignore this parameter
     """
     return None
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isIndexContent')
+  @security.protected(Permissions.AccessContentsInformation)
   def isIndexContent(self, content=None):
     """
       This method is able to tell if content object is an index or
@@ -149,7 +149,7 @@ class ExternalSource(XMLObject, UrlMixin, CrawlableMixin):
       return False
     return method(content)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isExternalDocument')
+  @security.protected(Permissions.AccessContentsInformation)
   def isExternalDocument(self):
     """
     Return true if this document was obtained from an external source
@@ -158,7 +158,7 @@ class ExternalSource(XMLObject, UrlMixin, CrawlableMixin):
     return 1
 
   # Search API
-  security.declareProtected(Permissions.SearchCatalog, 'searchResults')
+  @security.protected(Permissions.SearchCatalog)
   def searchResults(self, **kw):
     """
     Search results. There is no notion of security here since
@@ -176,7 +176,7 @@ class ExternalSource(XMLObject, UrlMixin, CrawlableMixin):
     method = self._getTypeBasedMethod('searchResults')
     return method(**kw)
 
-  security.declareProtected(Permissions.SearchCatalog, 'countResults')
+  @security.protected(Permissions.SearchCatalog)
   def countResults(self, **kw):
     """
     Count results. There is no notion of security here since

bt5/erp5_dms/DocumentTemplateItem/portal_components/document.erp5.PDFDocument.py

@@ -72,8 +72,7 @@ class PDFDocument(Image):
                     , PropertySheet.Periodicity
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getWatermarkedData')
+  @security.protected(Permissions.AccessContentsInformation)
   def getWatermarkedData(self, watermark_data, repeat_watermark=True,
                          watermark_start_page=0, **kw):
     """See interface
@@ -158,7 +157,7 @@ class PDFDocument(Image):
         kw['frame'] = 0
       return Image._convert(self, format, **kw)
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'populateContent')
+  @security.protected(Permissions.ModifyPortalContent)
   def populateContent(self):
     """
       Convert each page to an Image and populate the
@@ -167,7 +166,7 @@ class PDFDocument(Image):
     """
     raise NotImplementedError
 
-  security.declarePrivate('_convertToText')
+  @security.private
   def _convertToText(self, format='txt'):  # pylint: disable=redefined-builtin
     """Convert the PDF to text
 
@@ -255,7 +254,7 @@ class PDFDocument(Image):
           text += result
       return text
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getSizeFromImageDisplay')
+  @security.protected(Permissions.AccessContentsInformation)
   def getSizeFromImageDisplay(self, image_display):
     """
     Return the size for this image display, or None if this image display name
@@ -269,7 +268,7 @@ class PDFDocument(Image):
     else:
       return Image.getSizeFromImageDisplay(self, image_display)
 
-  security.declarePrivate('_convertToHTML')
+  @security.private
   def _convertToHTML(self):
     """Convert the PDF text content to HTML with pdftohtml
     """
@@ -299,7 +298,7 @@ class PDFDocument(Image):
                                                           'href="asEntireHTML')
     return h
 
-  security.declarePrivate('_convertToDJVU')
+  @security.private
   def _convertToDJVU(self):
     """Convert the PDF text content to DJVU with pdf2djvu
     """
@@ -323,7 +322,7 @@ class PDFDocument(Image):
       tmp.close()
     return command_result
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getContentInformation')
+  @security.protected(Permissions.AccessContentsInformation)
   def getContentInformation(self):
     """Returns the information about the PDF document with pdfinfo.
     """

bt5/erp5_email_reader/DocumentTemplateItem/portal_components/document.erp5.EmailReader.py

@@ -279,7 +279,7 @@ class EmailReader(ExternalSource):
   MAX_UID_LIST_SIZE = 100 # The number of messages to ingest at once
 
   ### Implementation - generic part - IMAP independent
-  security.declareProtected(Permissions.ModifyPortalContent, 'crawlContent')
+  @security.protected(Permissions.ModifyPortalContent)
   def crawlContent(self):
     """
       Starts the reading process by invoking ingestMessageList on every
@@ -307,7 +307,7 @@ class EmailReader(ExternalSource):
                   after_tag=list_activity_tag).crawlMessageFolderList(folder_list)
     # XXX - Start with default one and only use filtered mailboxes if defined
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'crawlMessageFolderList')
+  @security.protected(Permissions.ModifyPortalContent)
   def crawlMessageFolderList(self, message_folder_list):
     """
       Take the first folder in the message_folder_list and start
@@ -354,7 +354,7 @@ class EmailReader(ExternalSource):
       self.activate(activity='SQLQueue', priority=2,
                   after_tag=list_activity_tag).crawlMessageFolderList(message_folder_list)
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'ingestMessage')
+  @security.protected(Permissions.ModifyPortalContent)
   def ingestMessage(self, uid, message_folder=None):
     """
       Ingest a single message
@@ -381,7 +381,7 @@ class EmailReader(ExternalSource):
                                    portal_type='Email Thread') # It would be good to make this implicit
       LOG('ingestMessage in folder: %s' % message_folder, INFO, str(uid))
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'ingestMessageList')
+  @security.protected(Permissions.ModifyPortalContent)
   def ingestMessageList(self, uid_list, message_folder=None):
     """
       Ingest a collection of messages defined by uid_list and stored
@@ -417,14 +417,14 @@ class EmailReader(ExternalSource):
                     tag=list_activity_tag).ingestMessageList(
                 uid_list[self.MAX_UID_LIST_SIZE:], message_folder=message_folder)
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'resetMessageIngestionCache')
+  @security.protected(Permissions.ModifyPortalContent)
   def resetMessageIngestionCache(self):
     """
     Reset the caches related to message ingestion.
     """
     self._latest_uid = {} # Keeps track of latest ingested
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getMessageID')
+  @security.protected(Permissions.AccessContentsInformation)
   def getMessageID(self, uid, message_folder=None):
     """
       Returns the ID of a message based on the UID and
@@ -434,7 +434,7 @@ class EmailReader(ExternalSource):
       return str(uid)
     return "%s-%s" % (message_folder.replace('/','.'), uid) # Can this be configurable, based on what ? date?
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getMessageFolderList')
+  @security.protected(Permissions.AccessContentsInformation)
   @transactional_cached()
   def getMessageFolderList(self):
     """

bt5/erp5_forge/DocumentTemplateItem/portal_components/document.erp5.Bug.py

@@ -54,7 +54,7 @@ class Bug(Ticket):
                     , PropertySheet.Bug
                     )
 
-  security.declarePrivate('manage_afterClone')
+  @security.private
   def manage_afterClone(self, item):
     Ticket.manage_afterClone(self, item)
     # delete existing bug lines

bt5/erp5_forge/ModuleComponentTemplateItem/portal_components/module.erp5.Git.py

@@ -78,7 +78,7 @@ class Git(WorkingCopy):
       raise GitInstallationError("git command cannot be executed: %s" % \
                                    e.strerror)
 
-  security.declarePrivate('git')
+  @security.private
   def git(self, *args, **kw):
     strip = kw.pop('strip', True)
     p = self._git(stdout=subprocess.PIPE, stderr=subprocess.PIPE, *args, **kw)
@@ -106,7 +106,7 @@ class Git(WorkingCopy):
     login_list.append((remote_url, user, password))
     self._setCookie(self._login_cookie_name, login_list)
 
-  security.declarePrivate('remote_git')
+  @security.private
   def remote_git(self, *args, **kw):
     try:
       env = kw['env']

bt5/erp5_forge/ModuleComponentTemplateItem/portal_components/module.erp5.SubversionClient.py

@@ -81,7 +81,7 @@ class SubversionLoginError(SubversionError):
   def __init__(self, realm = None):  # pylint:disable=super-init-not-called
     self._realm = realm
 
-  security.declarePublic('getRealm')
+  @security.public
   def getRealm(self):
     return self._realm
 
@@ -97,7 +97,7 @@ class SubversionSSLTrustError(SubversionError):
   def __init__(self, trust_dict = None):  # pylint:disable=super-init-not-called
     self._trust_dict = trust_dict
 
-  security.declarePublic('getTrustDict')
+  @security.public
   def getTrustDict(self):
     return self._trust_dict
 

bt5/erp5_hr_calendar/DocumentTemplateItem/portal_components/document.erp5.PublicHoliday.py

@@ -38,7 +38,7 @@ class PublicHoliday(XMLObject):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declarePublic('reindexObject')
+  @security.public
   def reindexObject(self, *args, **kw):
     """
     We need to reindex lines also

bt5/erp5_immobilisation/DocumentTemplateItem/portal_components/document.erp5.AmortisationRule.py

@@ -71,7 +71,7 @@ class AmortisationRule(RuleMixin):
 
 
     # Simulation workflow
-    security.declareProtected(Permissions.ModifyPortalContent, 'expand')
+    @security.protected(Permissions.ModifyPortalContent)
     def expand(self, applied_rule, expand_policy=None, activate_kw={}):
       """
         Expands the current movement downward.
@@ -692,7 +692,7 @@ class AmortisationRule(RuleMixin):
       movement_list.append( movement_dict )
 
 
-    security.declareProtected(Permissions.View, '_getAccountingMovement')
+    @security.protected(Permissions.View)
     def _getAccountingMovement(self, immo_period, previous_period, next_period, period_number=0, item=None, **kw):
       """
       Calculates the value of accounting movements during the given period

bt5/erp5_immobilisation/DocumentTemplateItem/portal_components/document.erp5.Immobilisation.py

@@ -68,7 +68,7 @@ class Immobilisation(Delivery, XMLObject):
                       , PropertySheet.Amortisation
                       )
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'isMovement')
+  @security.protected(Permissions.AccessContentsInformation)
   def isMovement(self, **kw):
     """
     An Immobilisation must not be indexed in stock table, so it is not a Movement

bt5/erp5_ingestion/ToolComponentTemplateItem/portal_components/tool.erp5.UrlRegistryTool.py

@@ -80,8 +80,7 @@ class UrlRegistryTool(BaseTool):
     namespace = reference_mapping_namespace + preferred_namespace
     return BTreeMappingDict(namespace).__of__(self)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getURLMappingContainerFromContext')
+  @security.protected(Permissions.AccessContentsInformation)
   def getURLMappingContainerFromContext(self, context):
     """
     Return the container of mapping according given context.
@@ -95,8 +94,7 @@ class UrlRegistryTool(BaseTool):
     return self
 
 
-  security.declareProtected(Permissions.ManagePortal,
-                            'clearUrlRegistryTool')
+  @security.protected(Permissions.ManagePortal)
   def clearUrlRegistryTool(self, context=None):
     """
     Unregister all namespaces.
@@ -105,8 +103,7 @@ class UrlRegistryTool(BaseTool):
       warn('context argument ignored', DeprecationWarning)
     self._initBTree()
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'registerURL')
+  @security.protected(Permissions.ModifyPortalContent)
   def registerURL(self, url, reference, context=None):
     """
     Compute namespace key.
@@ -121,8 +118,7 @@ class UrlRegistryTool(BaseTool):
       return
     mapping[url] = reference
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getReferenceFromURL')
+  @security.protected(Permissions.AccessContentsInformation)
   def getReferenceFromURL(self, url, context=None):
     """
     Return reference according provided url,
@@ -132,8 +128,7 @@ class UrlRegistryTool(BaseTool):
       warn('context argument ignored', DeprecationWarning)
     return self._getMappingDict()[url]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getReferenceList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getReferenceList(self, context=None):
     """
     Return all references according to the given context.
@@ -143,8 +138,7 @@ class UrlRegistryTool(BaseTool):
     return self._getMappingDict().values()
 
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getURLListFromReference')
+  @security.protected(Permissions.AccessContentsInformation)
   def getURLListFromReference(self, reference, context=None):
     """
     """
@@ -157,8 +151,7 @@ class UrlRegistryTool(BaseTool):
         url_list.append(url)
     return url_list
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'updateUrlRegistryTool')
+  @security.protected(Permissions.ModifyPortalContent)
   def updateUrlRegistryTool(self):
     """
     Fetch all document path, then call in activities

bt5/erp5_interface_post/DocumentTemplateItem/portal_components/document.erp5.InternetMessagePost.py

@@ -49,7 +49,7 @@ class InternetMessagePost(Item, MailMessageMixin):
   def _getMessage(self):
     return message_from_bytes(self.getData())
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'stripMessageId')
+  @security.protected(Permissions.AccessContentsInformation)
   def stripMessageId(self, message_id):
     """
     In rfc5322 headers, message-ids may follow the syntax "<msg-id>" in
@@ -63,7 +63,7 @@ class InternetMessagePost(Item, MailMessageMixin):
         message_id = message_id[:-1]
     return message_id
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getReference')
+  @security.protected(Permissions.AccessContentsInformation)
   def getReference(self):
     return self.stripMessageId(self.getSourceReference())
 

bt5/erp5_interfaces/DocumentTemplateItem/portal_components/document.erp5.SOAPBinding.py

@@ -74,8 +74,8 @@ class SOAPBinding(Base):
 
   _service_class_dict = {}
 
-  security.declarePrivate('registerServiceClass')
   @classmethod
+  @security.private
   def registerServiceClass(cls, service_class):
     path = '%s.%s' % (service_class.__module__, service_class.__name__)
     cls._service_class_dict[path] = service_class
@@ -85,7 +85,7 @@ class SOAPBinding(Base):
     return sorted(('%s (%s)' % (v.__name__, v.__module__), k)
                   for k, v in six.iteritems(cls._service_class_dict))
 
-  security.declarePrivate('getListItemUrl')
+  @security.private
   def getListItemUrl(self, *args):
     return self.getId() + '/view'
 

bt5/erp5_invoicing/DocumentTemplateItem/portal_components/document.erp5.InvoiceRootSimulationRule.py

@@ -44,8 +44,7 @@ class InvoiceRootSimulationRule(DeliveryRootSimulationRule):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isAccountable')
+  @security.protected(Permissions.AccessContentsInformation)
   def isAccountable(self, movement):
     """
     Tells whether generated movement needs to be accounted or not.

bt5/erp5_invoicing/DocumentTemplateItem/portal_components/document.erp5.InvoiceSimulationRule.py

@@ -65,8 +65,7 @@ class InvoiceSimulationRule(RuleMixin, MovementCollectionUpdaterMixin):
     PropertySheet.Rule
     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isAccountable')
+  @security.protected(Permissions.AccessContentsInformation)
   def isAccountable(self, movement):
     """
     Tells whether generated movement needs to be accounted or not.

bt5/erp5_item/DocumentTemplateItem/portal_components/document.erp5.ImplicitItemMovement.py

@@ -15,8 +15,7 @@ class ImplicitItemMovement(DeliveryLine):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isAccountable')
+  @security.protected(Permissions.AccessContentsInformation)
   def isAccountable(self):
     """
       Returns 1 if this needs to be accounted
@@ -25,8 +24,7 @@ class ImplicitItemMovement(DeliveryLine):
     """
     return not self.hasCellContent()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getRootDeliveryValue')
+  @security.protected(Permissions.AccessContentsInformation)
   def getRootDeliveryValue(self):
     """
     Returns the root delivery responsible of this line

bt5/erp5_json_type/DocumentTemplateItem/portal_components/document.erp5.JSONType.py

@@ -53,7 +53,7 @@ class JSONType(XMLObject):
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'validateLocalJSONSchema')
+  @security.protected(Permissions.AccessContentsInformation)
   def validateLocalJSONSchema(self, list_error=False):
     """
     Validate contained JSON with the Schema defined in the Portal Type.
@@ -75,19 +75,19 @@ class JSONType(XMLObject):
       return err
     return True
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'validateJSONSchema')
+  @security.protected(Permissions.AccessContentsInformation)
   def validateJSONSchema(self, list_error=False):
     return self.validateLocalJSONSchema(list_error=list_error)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'validateJsonSchema')
+  @security.protected(Permissions.AccessContentsInformation)
   def validateJsonSchema(self, list_error=False):
     # Deprecated, please use validateJSONSchema
     return self.validateJSONSchema(list_error=list_error)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'asJSONText')
+  @security.protected(Permissions.AccessContentsInformation)
   def asJSONText(self):
     return self.getTextContent()
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'fromJSONText')
+  @security.protected(Permissions.ModifyPortalContent)
   def fromJSONText(self, json_text):
     return self.setTextContent(json_text)
\ No newline at end of file

bt5/erp5_mrp/DocumentTemplateItem/portal_components/document.erp5.ManufacturingExecutionCell.py

@@ -55,8 +55,7 @@ class ManufacturingExecutionCell(DeliveryCell):
                     , PropertySheet.ItemAggregation
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'hasCellContent')
+  @security.protected(Permissions.AccessContentsInformation)
   def hasCellContent(self, base_id='movement'):
     """A cell cannot have cell content itself.
     """

bt5/erp5_mrp/DocumentTemplateItem/portal_components/document.erp5.ManufacturingExecutionLine.py

@@ -56,7 +56,7 @@ class ManufacturingExecutionLine(DeliveryLine):
                     , PropertySheet.ItemAggregation
                     )
 
-  security.declareProtected( Permissions.ModifyPortalContent, 'newCellContent')
+  @security.protected(Permissions.ModifyPortalContent)
   def newCellContent(self, id, portal_type='Manufacturing Execution Cell', **kw): # pylint: disable=redefined-builtin
     """Overriden to specify default portal type
     """

bt5/erp5_mrp_legacy/DocumentTemplateItem/portal_components/document.erp5.ProductionReportCell.py

@@ -59,8 +59,7 @@ class ProductionReportCell(DeliveryCell):
                       )
 
 
-    security.declareProtected(Permissions.AccessContentsInformation,
-                              'hasCellContent')
+    @security.protected(Permissions.AccessContentsInformation)
     def hasCellContent(self, base_id='movement'):
       """A cell cannot have cell content itself.
       """

bt5/erp5_mrp_legacy/DocumentTemplateItem/portal_components/document.erp5.ProductionReportLine.py

@@ -56,7 +56,7 @@ class ProductionReportLine(DeliveryLine):
                     , PropertySheet.ItemAggregation
                     )
 
-  security.declareProtected( Permissions.ModifyPortalContent, 'newCellContent')
+  @security.protected(Permissions.ModifyPortalContent)
   def newCellContent(self, id, portal_type='Production Report Cell', **kw):
     """Overriden to specify default portal type
     """

bt5/erp5_multimedia/DocumentTemplateItem/portal_components/document.erp5.Sound.py

@@ -31,7 +31,7 @@ class Sound(File):
                     , PropertySheet.Periodicity
     )
 
-  security.declareProtected(Permissions.View, 'index_html')
+  @security.protected(Permissions.View)
   def index_html(self, REQUEST, RESPONSE, format=_MARKER, inline=_MARKER, **kw):
     """XXXXXX"""
     range = REQUEST.get_header('Range', None)

bt5/erp5_oauth2_authorisation/DocumentTemplateItem/portal_components/document.erp5.OAuth2AuthorisationServerConnector.py

@@ -1009,7 +1009,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
   #
   #   OAuth2 Endpoints: standard, implemented via oauthlib
   #
-  security.declarePublic('authorize')
+  @security.public
   @_wrapOAuth2HTMLEndpoint
   def authorize(self, request_validator, REQUEST):
     """
@@ -1058,7 +1058,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       },
     ).create_authorization_response
 
-  security.declarePrivate('authorizeLocal')
+  @security.private
   def authorizeLocal(self, REQUEST, RESPONSE, query_list, login_retry_url):
     """
     OAuth2 authorisation endpoint for a local resource server.
@@ -1084,7 +1084,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       )
       # pylint: enable=unexpected-keyword-arg, no-value-for-parameter
 
-  security.declarePublic('token')
+  @security.public
   @_wrapOAuth2Endpoint
   def token(self, request_validator, REQUEST):
     """
@@ -1224,7 +1224,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       },
     ).create_token_response
 
-  security.declarePublic('revoke')
+  @security.public
   @_wrapOAuth2Endpoint
   def revoke(self, request_validator, REQUEST):
     """
@@ -1237,7 +1237,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       enable_jsonp=False,
     ).create_revocation_response
 
-  security.declarePublic('introspect')
+  @security.public
   @_wrapOAuth2Endpoint
   def introspect(self, request_validator, REQUEST):
     """
@@ -1312,7 +1312,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
     ):
       raise jwt.InvalidTokenError
 
-  security.declarePrivate('getAccessTokenIntrospectionDict')
+  @security.private
   def getAccessTokenIntrospectionDict(self, token, request):
     access_token_dict = self._getAccessTokenDict(token, request)
     access_token_payload_dict = access_token_dict[JWT_PAYLOAD_KEY]
@@ -1326,7 +1326,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       # XXX: More ? Like, group list and global role list ?
     }
 
-  security.declarePrivate('getRefreshTokenIntrospectionDict')
+  @security.private
   def getRefreshTokenIntrospectionDict(self, token, request):
     refresh_token_dict = self._getRefreshTokenDict(token, request)
     return {
@@ -1336,7 +1336,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       'iat': refresh_token_dict['iat'],
     }
 
-  security.declarePrivate('getAccessTokenClientId')
+  @security.private
   def getAccessTokenClientId(self, value, request):
     """
     Extracts client ID from given Access Token.
@@ -1362,7 +1362,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
         return token_dict['iss']
     raise  # pylint:disable=misplaced-bare-raise
 
-  security.declarePrivate('getRefreshTokenClientId')
+  @security.private
   def getRefreshTokenClientId(self, value, request):
     """
     Extracts client ID from given Refresh Token.
@@ -1401,7 +1401,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       if source_id == token_dict['iss']:
         return session_value
 
-  security.declarePrivate('getSessionValueFromAccessToken')
+  @security.private
   def getSessionValueFromAccessToken(self, token, request):
     """
     Does not check access permission.
@@ -1412,7 +1412,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       return
     return self._getSessionValueFromTokenDict(token_dict=token_dict)
 
-  security.declarePrivate('getSessionValueFromRefreshToken')
+  @security.private
   def getSessionValueFromRefreshToken(self, token, request):
     """
     Does not check access permission.
@@ -1423,7 +1423,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       return
     return self._getSessionValueFromTokenDict(token_dict=token_dict)
 
-  security.declarePrivate('isRefreshTokenRotationNeeded')
+  @security.private
   def isRefreshTokenRotationNeeded(self, refresh_token, request):
     try:
       refresh_token_dict = self._getRefreshTokenDict(refresh_token, request)
@@ -1436,7 +1436,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
   #   Non-oauth2 methods, for use by ERP5 in the role of a resource server
   #
 
-  security.declarePublic('getSessionVersion')
+  @security.public
   def getSessionVersion(self, session_id, REQUEST=None, RESPONSE=None):
     """
     Returns the current version of the designated session, if this session exists and is valid.
@@ -1459,7 +1459,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
     RESPONSE.setHeader('content-type', 'application/json;charset=UTF-8')
     return json.dumps(result)
 
-  security.declarePrivate('isRemote')
+  @security.private
   def isRemote(self):
     return False
 
@@ -1502,7 +1502,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
         **kw
       )
 
-  security.declarePrivate('getSessionValueByAuthorisationCode')
+  @security.private
   def getSessionValueByAuthorisationCode(self, code):
     """
     Retrieve the session corresponding to given code.
@@ -1510,7 +1510,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
     # XXX: use a non-draft state ?
     return self._getSessionValue(session_id=code, expected_state='draft')
 
-  security.declarePrivate('invalidateAuthorisationCode')
+  @security.private
   def invalidateAuthorisationCode(self, code):
     """
     Given session code has been used, make the session unusable (if it was still usable).
@@ -1524,7 +1524,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       with super_user():
         session_value.cancel()
 
-  security.declarePrivate('createSession')
+  @security.private
   def createSession(
     self,
     authorisation_code,
@@ -1611,7 +1611,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
   #   Key material API
   #
 
-  security.declarePublic('getSymetricSignatureAlgorithmList')
+  @security.public
   def getSymetricSignatureAlgorithmList(self):
     """
     For UI use.
@@ -1624,7 +1624,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       )
     ]
 
-  security.declarePublic('getAsymetricSignatureAlgorithmList')
+  @security.public
   def getAsymetricSignatureAlgorithmList(self):
     """
     For UI use.
@@ -1635,7 +1635,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
       'RS512',
     ]
 
-  security.declarePublic('getAccessTokenSignatureAlgorithmAndPublicKeyList')
+  @security.public
   def getAccessTokenSignatureAlgorithmAndPublicKeyList(self, RESPONSE=None):
     """
     Return a tuple of 2-tuples:
@@ -1655,7 +1655,7 @@ class OAuth2AuthorisationServerConnector(XMLObject):
     RESPONSE.setHeader('content-type', 'application/json;charset=UTF-8')
     return json.dumps(result)
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'renewTokenSecret')
+  @security.protected(Permissions.ModifyPortalContent)
   def renewTokenSecret(self, revoke_until=0.0):
     """
     Start signing tokens with new keys.

bt5/erp5_oauth2_authorisation/DocumentTemplateItem/portal_components/document.erp5.OAuth2Session.py

@@ -49,7 +49,7 @@ class OAuth2Session(XMLObject):
     """
     raise RuntimeError('This is a computed property')
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'refreshAccessToken')
+  @security.protected(Permissions.ModifyPortalContent)
   def refreshAccessToken(self):
     """
     Force the expiration of any Access Token related to this session.

bt5/erp5_oauth2_resource/DocumentTemplateItem/portal_components/document.erp5.OAuth2AuthorisationClientConnector.py

@@ -366,7 +366,7 @@ class OAuth2AuthorisationClientConnector(
       for _, key in self.__getStateFernetKeyList()
     ])
 
-  security.declarePublic('isAuthorisationServerRemote')
+  @security.public
   def isAuthorisationServerRemote(self):
     """
     Whether the associated authorisation server is local or remote.
@@ -672,10 +672,7 @@ class OAuth2AuthorisationClientConnector(
   #   Local API.
   #
 
-  security.declareProtected(
-    Permissions.ModifyPortalContent,
-    'renewStateSecret',
-  )
+  @security.protected(Permissions.ModifyPortalContent)
   def renewStateSecret(self, revoke_until=0.0):
     """
     Start signing and encrypting state with a new key.
@@ -696,7 +693,7 @@ class OAuth2AuthorisationClientConnector(
       if x[0] > revoke_until
     )
 
-  security.declarePublic('login')
+  @security.public
   def login(
     self,
     REQUEST,
@@ -862,7 +859,7 @@ class OAuth2AuthorisationClientConnector(
         login_retry_url=login_retry_url,
       )
 
-  security.declarePublic('loggedIn')
+  @security.public
   def loggedIn(self, REQUEST, RESPONSE, code=None, state=None):
     """
     Using provided authorisation_code, request tokens from Authorisation
@@ -994,10 +991,7 @@ class OAuth2AuthorisationClientConnector(
     self._expireStateCookie(RESPONSE=RESPONSE, name=state_cookie_name)
     redirect()
 
-  security.declareProtected(
-    Permissions.AccessContentsInformation,
-    'getRedirectUri',
-  )
+  @security.protected(Permissions.AccessContentsInformation)
   def getRedirectUri(self):
     """
     Return the redirect URI which will allow the Authorisation Server to send
@@ -1011,19 +1005,19 @@ class OAuth2AuthorisationClientConnector(
   #   Local API used by PAS plugin.
   #
 
-  security.declarePrivate('getSessionVersion')
+  @security.private
   def getSessionVersion(self, session_id, REQUEST):
     return self._getAuthorisationServerValue(
       REQUEST=REQUEST,
     ).getSessionVersion(session_id)
 
-  security.declarePrivate('getAccessTokenSignatureAlgorithmAndPublicKeyList')
+  @security.private
   def getAccessTokenSignatureAlgorithmAndPublicKeyList(self, REQUEST):
     return self._getAuthorisationServerValue(
       REQUEST=REQUEST,
     ).getAccessTokenSignatureAlgorithmAndPublicKeyList()
 
-  security.declarePrivate('getNewAccessToken')
+  @security.private
   def getNewAccessToken(self, request, refresh_token):
     """
     Called by an ERP5OAuth2ResourceServerPlugin instance when if could find
@@ -1044,7 +1038,7 @@ class OAuth2AuthorisationClientConnector(
     )
     return access_token, refresh_token
 
-  security.declarePrivate('terminateSession')
+  @security.private
   def terminateSession(self, request, access_token, refresh_token):
     """
     Called by an ERP5OAuth2ResourceServerPlugin instance when logging out.

bt5/erp5_open_api/DocumentTemplateItem/portal_components/document.erp5.OpenAPIService.py

@@ -130,9 +130,8 @@ class OpenAPIService(XMLObject):
     PropertySheet.Reference,
   )
 
-  security.declareProtected(
-    Permissions.AccessContentsInformation, 'viewOpenAPIAsJson')
 
+  @security.protected(Permissions.AccessContentsInformation)
   def viewOpenAPIAsJson(self):
     """Return the Open API as JSON, with the current endpoint added as first servers
     """
@@ -277,9 +276,8 @@ class OpenAPIService(XMLObject):
         raise SchemaDefinitionError('unable to bind requestBody')
     return parameter_dict
 
-  security.declareProtected(
-    Permissions.AccessContentsInformation, 'validateParameter')
 
+  @security.protected(Permissions.AccessContentsInformation)
   def validateParameter(
       self, parameter_name, parameter_value, parameter, schema):
     # type: (str, Any, dict, dict) -> Any
@@ -298,9 +296,8 @@ class OpenAPIService(XMLObject):
             parameter_name=parameter_name, e=e.message), str(e))
     return parameter_value
 
-  security.declareProtected(
-    Permissions.AccessContentsInformation, 'validateRequestBody')
 
+  @security.protected(Permissions.AccessContentsInformation)
   def validateRequestBody(self, parameter_value, schema):
     # type: (str, dict) -> Any
     """Validate the request body raising a ParameterValidationError

bt5/erp5_open_api/DocumentTemplateItem/portal_components/document.erp5.OpenAPITypeInformation.py

@@ -361,9 +361,8 @@ class OpenAPITypeInformation(ERP5TypeInformation):
     else:
       return json.load(stream)
 
-  security.declareProtected(
-    Permissions.AccessContentsInformation, 'getOpenAPIOperationIterator')
 
+  @security.protected(Permissions.AccessContentsInformation)
   def getOpenAPIOperationIterator(self):
     # type: () -> typing.Iterator[OpenAPIOperation]
     """Iterator over the operations defined in the schema

bt5/erp5_open_trade/DocumentTemplateItem/portal_components/document.erp5.OpenOrderLine.py

@@ -62,7 +62,7 @@ class OpenOrderLine(SupplyLine):
                     , PropertySheet.Comment
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getTotalQuantity')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTotalQuantity(self, default=0):
     """Returns the total quantity for this open order line.
     If the order line contains cells, the total quantity of cells are
@@ -73,7 +73,7 @@ class OpenOrderLine(SupplyLine):
                     self.getCellValueList(base_id='path')])
     return self.getQuantity(default)
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getTotalPrice')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTotalPrice(self):
     """Returns the total price for this open order line.
     If the order line contains cells, the total price of cells are

bt5/erp5_open_trade_periodicity_line/DocumentTemplateItem/portal_components/document.erp5.PeriodicityLine.py

@@ -42,7 +42,7 @@ class PeriodicityLineMixin(PeriodicityMixin):
   property_sheets = ( PropertySheet.PeriodicityTerm,
                       PropertySheet.CategoryCore, )
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getPeriodicityTermStopDate')
+  @security.protected(Permissions.AccessContentsInformation)
   def getPeriodicityTermStopDate(self, start_date, default=None):
     """Return periodicity term's stop_date by calculating periodicity term
     length with a start_date argument and other own properties.
@@ -82,7 +82,7 @@ class PeriodicityLine(Path, PeriodicityLineMixin):
                                           PropertySheet.PeriodicityTerm,
                                           )
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getDatePeriodList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getDatePeriodList(self, from_date, to_date):
     """
     Returns a list of a tuple of start_date and stop_date.

bt5/erp5_payroll/DocumentTemplateItem/portal_components/document.erp5.PaySheetModel.py

@@ -67,7 +67,7 @@ class PaySheetModel(TradeCondition, XMLMatrix):
                     , PropertySheet.DefaultAnnotationLine
                     )
 
-  security.declareProtected( Permissions.AccessContentsInformation, 'getCell')
+  @security.protected(Permissions.AccessContentsInformation)
   def getCell(self, *args, **kw):
     '''Overload the function getCell to be able to search a cell on the
     inheritance model tree if the cell is not found on current one.
@@ -85,8 +85,7 @@ class PaySheetModel(TradeCondition, XMLMatrix):
       if cell is not None:
         return cell
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getReferenceDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getReferenceDict(self, portal_type_list, property_list=None):
     """Return a dict containing all id's of the objects contained in
     this model and corresponding to the given portal_type. The key of the dict
@@ -107,8 +106,7 @@ class PaySheetModel(TradeCondition, XMLMatrix):
         reference_dict[obj.getProperty('reference', obj.getId())] = obj.getId()
     return reference_dict
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInheritanceReferenceDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInheritanceReferenceDict(self, context, portal_type_list,
                                   property_list=None):
     '''Returns a dict with the model url as key and a list of reference as
@@ -130,8 +128,7 @@ class PaySheetModel(TradeCondition, XMLMatrix):
         model_reference_dict[model.getRelativeUrl()]=id_list
     return model_reference_dict
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-      'getModelInheritanceEffectiveProperty')
+  @security.protected(Permissions.AccessContentsInformation)
   def getModelInheritanceEffectiveProperty(self, paysheet, property_name):
     """Get a property from an effective model
     """

bt5/erp5_payroll/DocumentTemplateItem/portal_components/document.erp5.PaySheetModelLine.py

@@ -64,8 +64,7 @@ class PaySheetModelLine(TradeModelLine):
                     , PropertySheet.Reference
                     )
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'newCellContent' )
+  @security.protected(Permissions.ModifyPortalContent)
   def newCellContent(self, id, portal_type='Pay Sheet Model Cell', **kw): # pylint:disable=redefined-builtin
     """Overriden to specify default portal type
     """

bt5/erp5_payroll/DocumentTemplateItem/portal_components/document.erp5.PaySheetTransaction.py

@@ -61,8 +61,7 @@ class PaySheetTransaction(Invoice):
                     )
 
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getRatioQuantityFromReference')
+  @security.protected(Permissions.AccessContentsInformation)
   def getRatioQuantityFromReference(self, ratio_reference=None):
     """
     return the ratio value correponding to the ratio_reference,
@@ -84,8 +83,7 @@ class PaySheetTransaction(Invoice):
         return document.getQuantity()
     return None
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getRatioQuantityList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getRatioQuantityList(self, ratio_reference_list):
     """
     Return a list of reference_ratio_list correponding values.
@@ -97,8 +95,7 @@ class PaySheetTransaction(Invoice):
     return [self.getRatioQuantityFromReference(reference) \
         for reference in ratio_reference_list]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getAnnotationLineFromReference')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAnnotationLineFromReference(self, reference=None):
     """Return the annotation line corresponding to the reference.
     Returns None if reference not found
@@ -115,8 +112,7 @@ class PaySheetTransaction(Invoice):
         return annotation_line
     return None
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getAnnotationLineListList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAnnotationLineListList(self, reference_list):
     """Return a list of annotation lines corresponding to the reference_list
     reference_list is a list of references to the Annotation Line we want
@@ -127,8 +123,7 @@ class PaySheetTransaction(Invoice):
     return [self.getAnnotationLineFromReference(reference) \
         for reference in reference_list]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getInheritedObjectValueList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getInheritedObjectValueList(self, portal_type_list, property_list=()):
     '''Return a list of all subobjects of the herited model (incuding the
       dependencies).
@@ -148,7 +143,7 @@ class PaySheetTransaction(Invoice):
         sub_object_list.extend([model._getOb(x) for x in id_list])
     return sub_object_list
 
-  security.declarePrivate('updateAggregatedAmountList')
+  @security.private
   def updateAggregatedAmountList(self, *args, **kw):
     amount_dict = {(x.getReference(),
                     tuple(x.getVariationCategoryList())): x
@@ -170,8 +165,7 @@ class PaySheetTransaction(Invoice):
     return {'movement_to_delete_list': movement_to_delete_list,
             'movement_to_add_list': amount_dict.values()}
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'applyTransformation')
+  @security.protected(Permissions.ModifyPortalContent)
   def applyTransformation(self):
     '''use a delivery builder to create all the paysheet lines using
       movements return by updateAggregatedAmountList

bt5/erp5_pdm/DocumentTemplateItem/portal_components/document.erp5.AssortedResource.py

@@ -128,7 +128,7 @@ class AssortedResource(TransformedResource):
   )
 
   getCellAggregateKey = AmountGeneratorLine.getCellAggregateKey
-  security.declareProtected(Permissions.AccessContentsInformation, 'getAssortedVariationCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAssortedVariationCategoryList(self, cell_index):
     """
         Nice for A
@@ -143,14 +143,14 @@ class AssortedResource(TransformedResource):
     #LOG('getAssortedVariationCategoryList', 0, repr(variation_category_list))
     return variation_category_list
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getAssortedVariationBaseCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAssortedVariationBaseCategoryList(self):
     """
         Nice for A
     """
     return self.getQVariationBaseCategoryList()
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getAssortmentVariationCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAssortmentVariationCategoryList(self, cell_index):
     """
         Nice for C
@@ -165,7 +165,7 @@ class AssortedResource(TransformedResource):
     #LOG('getAssortmentVariationCategoryList', 0, repr(variation_category_list))
     return variation_category_list
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getAssortmentVariationBaseCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getAssortmentVariationBaseCategoryList(self):
     """
         Nice for C
@@ -231,7 +231,7 @@ class AssortedResource(TransformedResource):
 
   ### Variation matrix definition
   #
-  security.declareProtected(Permissions.ModifyPortalContent, '_setQVariationBaseCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def _setQVariationBaseCategoryList(self, value):
     """
         Defines the possible base categories which Quantity value (Q)
@@ -242,7 +242,7 @@ class AssortedResource(TransformedResource):
     # And fix it in case the cells are not renamed (XXX this will be removed in the future)
     self._checkConsistency(fixit=1)
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'setQVariationBaseCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def setQVariationBaseCategoryList(self, value):
     """
         Defines the possible base categories which Quantity value (Q)
@@ -251,7 +251,7 @@ class AssortedResource(TransformedResource):
     self._setQVariationBaseCategoryList(value)
     self.reindexObject()
 
-  security.declareProtected(Permissions.ModifyPortalContent, '_setVVariationBaseCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def _setVVariationBaseCategoryList(self, value):
     """
         Defines the possible base categories which Variation value (V)
@@ -281,7 +281,7 @@ class AssortedResource(TransformedResource):
     # And fix it in case the cells are not renamed (XXX this will be removed in the future)
     self._checkConsistency(fixit=1)
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'setVVariationBaseCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def setVVariationBaseCategoryList(self, value):
     """
         Defines the possible base categories which Variation value (V)
@@ -291,7 +291,7 @@ class AssortedResource(TransformedResource):
     self.reindexObject()
 
   # Methods for matrix UI widgets
-  security.declareProtected(Permissions.AccessContentsInformation, 'getQLineItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getQLineItemList(self, display_id='getTitle', base=1, current_category=None):
     """
     """
@@ -307,7 +307,7 @@ class AssortedResource(TransformedResource):
     #LOG('getQLineItemList', 10, "%s" % str(result))
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getQColumnItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getQColumnItemList(self, display_id='getTitle', base=1, current_category=None):
     """
     """
@@ -323,7 +323,7 @@ class AssortedResource(TransformedResource):
     #LOG('getQColumnItemList', 0, "%s" % str(result))
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getQTabItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getQTabItemList(self, display_id='getTitle', base=1, current_category=None):
     """
         Returns a list of items which can be used as index for
@@ -357,7 +357,7 @@ class AssortedResource(TransformedResource):
       result = [(None,'')]
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getVLineItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getVLineItemList(self):
     base_category = self.getParentValue().getVariationBaseCategoryLine()
     if base_category in self.getVVariationBaseCategoryList():
@@ -369,7 +369,7 @@ class AssortedResource(TransformedResource):
       result += [(c,c)]
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getVColumnItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getVColumnItemList(self):
     base_category = self.getParentValue().getVariationBaseCategoryColumn()
     if base_category in self.getVVariationBaseCategoryList():
@@ -384,7 +384,7 @@ class AssortedResource(TransformedResource):
 
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getVTabItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getVTabItemList(self):
     transformation = self.getParentValue()
     line_id = transformation.getVariationBaseCategoryLine()
@@ -407,7 +407,7 @@ class AssortedResource(TransformedResource):
 
     return result
 
-  security.declareProtected( Permissions.ModifyPortalContent, 'newCell' )
+  @security.protected(Permissions.ModifyPortalContent)
   def newCell(self, *kw, **kwd):
     result = XMLMatrix.newCell(self, *kw, **kwd)
     result._setPredicateOperator("SUPERSET_OF")
@@ -424,13 +424,13 @@ class AssortedResource(TransformedResource):
 
     return result
 
-  security.declareProtected( Permissions.ModifyPortalContent, 'newCellContent' )
+  @security.protected(Permissions.ModifyPortalContent)
   def newCellContent(self, id, portal_type='Set Mapped Value', **kw): # pylint: disable=redefined-builtin
     """Overriden to specify default portal type
     """
     return self.newContent(id=id, portal_type=portal_type, **kw)
 
-  security.declarePrivate('_checkConsistency')
+  @security.private
   def _checkConsistency(self, fixit=0):
     """
         Check the constitency of transformation elements

bt5/erp5_pdm/DocumentTemplateItem/portal_components/document.erp5.Consumption.py

@@ -57,8 +57,7 @@ class Consumption(XMLObject, XMLMatrix, VariatedMixin):
                     , PropertySheet.VariationRange
                     )
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            '_setVariationCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def _setVariationCategoryList(self, value, base_category_list=()):
     """
       Set consumption variation category list.
@@ -72,8 +71,7 @@ class Consumption(XMLObject, XMLMatrix, VariatedMixin):
     # Kept for compatibility.
     self.updateCellRange(base_id='quantity')
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'setVariationCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def setVariationCategoryList(self, value, base_category_list=()):
     """
       Set consumption variation category list.
@@ -82,8 +80,7 @@ class Consumption(XMLObject, XMLMatrix, VariatedMixin):
     self._setVariationCategoryList(value)
     self.reindexObject()
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'getVariationRangeBaseCategoryItemList')
+  @security.protected(Permissions.ModifyPortalContent)
   def getVariationRangeBaseCategoryItemList(
       self,
       base=1,
@@ -96,8 +93,7 @@ class Consumption(XMLObject, XMLMatrix, VariatedMixin):
     # XXX get TitleOrId
     return [(x, x) for x in self.getVariationRangeBaseCategoryList()]
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'getQuantityRatio')
+  @security.protected(Permissions.ModifyPortalContent)
   def getQuantityRatio(self, variation_category_line,
                         variation_category_column):
     """

bt5/erp5_pdm/DocumentTemplateItem/portal_components/document.erp5.Measure.py

@@ -53,7 +53,7 @@ class Measure(XMLMatrix):
                     , PropertySheet.Measure
                     )
 
-  security.declareProtected(AccessContentsInformation, 'getResourceValue')
+  @security.protected(AccessContentsInformation)
   def getResourceValue(self):
     """
     Gets the resource object described by this measure.
@@ -63,7 +63,7 @@ class Measure(XMLMatrix):
   ##
   #  Forms.
 
-  security.declareProtected(AccessContentsInformation, 'getVariationRangeCategoryItemList')
+  @security.protected(AccessContentsInformation)
   def getVariationRangeCategoryItemList(self, variation):
     """
     Returns possible variation category values for the selected variation.
@@ -80,7 +80,7 @@ class Measure(XMLMatrix):
       display_base_category=0,
       sort_id='id')
 
-  security.declareProtected(AccessContentsInformation, 'getQuantityUnitItemList')
+  @security.protected(AccessContentsInformation)
   def getQuantityUnitItemList(self):
     """
     Returns the list of possible quantity units for the current metric type.
@@ -98,7 +98,7 @@ class Measure(XMLMatrix):
         'getCategoryChildCompactLogicalPathItemList')
     )(recursive=0, local_sort_id='quantity', checked_permission='View')
 
-  security.declareProtected(AccessContentsInformation, 'getLocalQuantityUnit')
+  @security.protected(AccessContentsInformation)
   def getLocalQuantityUnit(self):
     """
     Returns the 'quantity_unit' category without acquisition.
@@ -113,7 +113,7 @@ class Measure(XMLMatrix):
   #  Measures associated to a quantity unit of the resource
   #  have a specific behaviour.
 
-  security.declareProtected(AccessContentsInformation, 'isDefaultMeasure')
+  @security.protected(AccessContentsInformation)
   def isDefaultMeasure(self, quantity_unit=None):
     """
     Checks if self is a default measure for the associated resource.
@@ -125,7 +125,7 @@ class Measure(XMLMatrix):
   ##
   #  Conversion.
 
-  security.declareProtected(AccessContentsInformation, 'getConvertedQuantityUnit')
+  @security.protected(AccessContentsInformation)
   def getConvertedQuantityUnit(self):
     """
     Gets the quantity unit ratio, in respect to the base quantity unit.
@@ -136,7 +136,7 @@ class Measure(XMLMatrix):
         quantity_unit.getParentId() == metric_type.split('/', 1)[0]:
       return self.getQuantityUnitDefinitionRatio(quantity_unit)
 
-  security.declareProtected(AccessContentsInformation, 'getConvertedQuantity')
+  @security.protected(AccessContentsInformation)
   def getConvertedQuantity(self, variation_list=()):
     """
     Gets the measure value for a specified variation,
@@ -162,7 +162,7 @@ class Measure(XMLMatrix):
   ##
   #  Cataloging.
 
-  security.declareProtected(AccessContentsInformation, 'asCatalogRowList')
+  @security.protected(AccessContentsInformation)
   def asCatalogRowList(self, quantity_unit_definition_dict):
     """
     Returns the list of rows to insert in the measure table of the catalog.

bt5/erp5_pdm/DocumentTemplateItem/portal_components/document.erp5.QuantityUnitConversionDefinition.py

@@ -52,8 +52,7 @@ class QuantityUnitConversionDefinition(XMLObject):
                     , PropertySheet.QuantityUnitConversionDefinition
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTitle(self):
     """
       Set a title that includes the Quantity Unit
@@ -67,8 +66,7 @@ class QuantityUnitConversionDefinition(XMLObject):
 
     return default_title
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConversionRatio')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConversionRatio(self):
     """
       Compute conversion ratio associated with this definition

bt5/erp5_pdm/DocumentTemplateItem/portal_components/document.erp5.QuantityUnitConversionGroup.py

@@ -51,8 +51,7 @@ class QuantityUnitConversionGroup(XMLObject):
                     , PropertySheet.Amount
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTitle')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTitle(self):
     """
       Set a title that includes the Quantity Unit

bt5/erp5_pdm/DocumentTemplateItem/portal_components/document.erp5.Transformation.py

@@ -112,8 +112,7 @@ class Transformation(MappedValue, VariatedMixin, Amount, AmountGeneratorMixin):
     return ()
 
   # IVariationRange and IVariated Implementation
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'updateVariationCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def updateVariationCategoryList(self):
     """
     Check if variation category list of the resource has changed and update
@@ -124,8 +123,7 @@ class Transformation(MappedValue, VariatedMixin, Amount, AmountGeneratorMixin):
     for transformation_line in transformation_line_list:
       transformation_line.updateVariationCategoryList()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getVariationRangeBaseCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getVariationRangeBaseCategoryList(self):
     """
     Returns possible variation base_category ids of the
@@ -142,8 +140,7 @@ class Transformation(MappedValue, VariatedMixin, Amount, AmountGeneratorMixin):
       result = self.getPortalVariationBaseCategoryList()
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getVariationRangeBaseCategoryItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getVariationRangeBaseCategoryItemList(self, display_id='getTitleOrId', **kw):
     """
     Returns possible variations of the transformation
@@ -155,8 +152,7 @@ class Transformation(MappedValue, VariatedMixin, Amount, AmountGeneratorMixin):
                               self.getVariationRangeBaseCategoryList(),
                               display_id=display_id, **kw)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getVariationRangeCategoryItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getVariationRangeCategoryItemList(self, base_category_list=(),
                                         omit_individual_variation=0,
                                         display_base_category=1, **kw):
@@ -186,8 +182,7 @@ class Transformation(MappedValue, VariatedMixin, Amount, AmountGeneratorMixin):
                          base_category_list, base=1, display_none_category=0)
     return result
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'setVariationBaseCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def setVariationBaseCategoryList(self, value):
     """
     Define the possible base categories and reindex object
@@ -195,8 +190,7 @@ class Transformation(MappedValue, VariatedMixin, Amount, AmountGeneratorMixin):
     self._setVariationBaseCategoryList(value)
     self.reindexObject()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getVariationCategoryItemList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getVariationCategoryItemList(self, base_category_list=(), base=1,
                                    display_id='title',
                                    current_category=None,

bt5/erp5_pdm/DocumentTemplateItem/portal_components/document.erp5.TransformedResource.py

@@ -103,15 +103,13 @@ class TransformedResource(AmountGeneratorLine):
       value += delivery_amount.getConvertedQuantity()
     return value
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getBaseApplication')
+  @security.protected(Permissions.AccessContentsInformation)
   def getBaseApplication(self):
     """
     """
     return self.getBaseApplicationList()[0]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getBaseApplicationList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getBaseApplicationList(self):
     """
     """
@@ -121,8 +119,7 @@ class TransformedResource(AmountGeneratorLine):
 
   ### Variation matrix definition
   # XXX-JPS Some explanation needed
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'updateVariationCategoryList')
+  @security.protected(Permissions.AccessContentsInformation)
   def updateVariationCategoryList(self):
     """
         Check if variation category list of the resource changed and
@@ -131,8 +128,7 @@ class TransformedResource(AmountGeneratorLine):
     self.setQVariationBaseCategoryList(self.getQVariationBaseCategoryList())
     self.setVVariationBaseCategoryList(self.getVVariationBaseCategoryList())
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            '_setQVariationBaseCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def _setQVariationBaseCategoryList(self, value):
     """
         Defines the possible base categories which Quantity value (Q)
@@ -141,8 +137,7 @@ class TransformedResource(AmountGeneratorLine):
     self._baseSetQVariationBaseCategoryList(value)
     self._updateCellRange('quantity')
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            '_setVVariationBaseCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def _setVVariationBaseCategoryList(self, value):
     """
         Defines the possible base categories which Variation value (V)
@@ -154,8 +149,7 @@ class TransformedResource(AmountGeneratorLine):
     # XXX-JPS This should be handled by interaction workflow or interactor
     # XXX-JPS SO many cases are not handled well...
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'setVVariationBaseCategoryList')
+  @security.protected(Permissions.ModifyPortalContent)
   def setVVariationBaseCategoryList(self, value):
     """
         Defines the possible base categories which Variation value (V)

bt5/erp5_safeimage/ExtensionTemplateItem/portal_components/extension.erp5.ERP5ZoomifyImage.py

@@ -471,7 +471,7 @@ class ZoomifyZopeProcessor(ZoomifyBase):
     #del app
     return
 
-  security.declareProtected('Add Documents, Images, and Files', 'ZoomifyProcess')
+  @security.protected('Add Documents, Images, and Files')
   def ZoomifyProcess(self, id, imageObject=None):
     """ factored out threading of process (removed for now) """
     if imageObject:

bt5/erp5_short_message/DocumentTemplateItem/portal_components/document.erp5.DummyGateway.py

@@ -71,7 +71,7 @@ class DummyGateway(XMLObject):
                     , PropertySheet.SMSGateway
                     )
 
-  security.declareProtected(Permissions.ManagePortal, 'send')
+  @security.protected(Permissions.ManagePortal)
   def send(self, text, recipient, sender):
     """Send a short message.
     """
@@ -80,12 +80,12 @@ class DummyGateway(XMLObject):
       return None
     return self._generateRandomMessageId()
 
-  security.declareProtected(Permissions.ManagePortal, 'getMessageStatus')
+  @security.protected(Permissions.ManagePortal)
   def getMessageStatus(self, message_id):
     """Retrive the status of a message"""
     return "delivered"
 
-  security.declarePublic('receive')
+  @security.public
   def receive(self,REQUEST):
     """Receive push notification from the gateway"""
 
@@ -106,7 +106,7 @@ class DummyGateway(XMLObject):
 
 
 
-  security.declareProtected(Permissions.ManagePortal, 'notifyReception')
+  @security.protected(Permissions.ManagePortal)
   def notifyReception(self, sender, text, message_id):
     """The gateway inform what we ha a new message.
     """

bt5/erp5_short_message/DocumentTemplateItem/portal_components/document.erp5.EssendexGateway.py

@@ -77,7 +77,7 @@ class EssendexGateway(XMLObject):
 
   api_url = "https://www.esendex.com/secure/messenger/formpost"
 
-  security.declarePrivate("_fetchPageAsDict")
+  @security.private
   def _fetchPageAsDict(self,page):
     """Page result is like Key=value in text format.
        We transform it to a more powerfull dictionnary"""
@@ -106,7 +106,7 @@ class EssendexGateway(XMLObject):
 
     return result
 
-  security.declarePrivate("_transformPhoneUrlToGatewayNumber")
+  @security.private
   def _transformPhoneUrlToGatewayNumber(self,phone):
     """Transform url of phone number to a valid phone number (gateway side)"""
     phone = phone.replace('tel:', '').replace('+','').replace('(0)','').replace('-','')
@@ -114,12 +114,12 @@ class EssendexGateway(XMLObject):
     assert not(phone.startswith('99000'))
     return phone
 
-  security.declarePrivate("_parsePhoneNumber")
+  @security.private
   def _parsePhoneNumber(self,number):
     """Convert phone number for erp5 compliance"""
     return "+%s(%s)-%s" % (number[0:2],0,number[2:])
 
-  security.declarePrivate("_parseDate")
+  @security.private
   def _parseDate(self, string):
     """Convert a string (like 2011-05-03 10:23:16Z) to a DateTime"""
     return DateTime(string.replace('Z', ' GTM+2'))
@@ -128,7 +128,7 @@ class EssendexGateway(XMLObject):
     """ Convert a timedelta to seconds """
     return timedelta.seconds + (timedelta.days * 24 * 60 * 60)
 
-  security.declareProtected(Permissions.ManagePortal, 'send')
+  @security.protected(Permissions.ManagePortal)
   def send(self, text, recipient, sender):
     """Send a message.
     """
@@ -179,7 +179,7 @@ class EssendexGateway(XMLObject):
     else:
       raise ValueError("Unknown result", 0, result)
 
-  security.declareProtected(Permissions.ManagePortal, 'getMessageStatus')
+  @security.protected(Permissions.ManagePortal)
   def getMessageStatus(self, message_id):
     """Retrive the status of a message"""
     base_url = self.api_url + "/QueryStatus.aspx"
@@ -201,7 +201,7 @@ class EssendexGateway(XMLObject):
       #we get an error when call the gateway
       raise SMSGatewayError(unquote(result.get('Message', "Impossible to get the message status")))
 
-  security.declarePublic('receive')
+  @security.public
   def receive(self, REQUEST, **kw):
     """Receive push notification"""
 
@@ -248,7 +248,7 @@ class EssendexGateway(XMLObject):
       setSecurityManager(sm)
 
 
-  security.declareProtected(Permissions.ManagePortal, 'notifyReception')
+  @security.protected(Permissions.ManagePortal)
   def notifyReception(self, xml):
     """The gateway inform what we ha a new message.
        root: lxml Element"""
@@ -274,7 +274,7 @@ class EssendexGateway(XMLObject):
                               reception_date=DateTime(),
                               mode="push")
 
-  security.declareProtected(Permissions.ManagePortal, 'notifyDelivery')
+  @security.protected(Permissions.ManagePortal)
   def notifyDelivery(self, xml):
     """Handle delivery info
         xml: lxml Element"""

bt5/erp5_short_message/DocumentTemplateItem/portal_components/document.erp5.MobytGateway.py

@@ -76,7 +76,7 @@ class MobytGateway(XMLObject):
   # for documentation of this old API
   api_url = "https://multilevel.mobyt.fr/sms"
 
-  security.declarePrivate("_fetchSendResponseAsDict")
+  @security.private
   def _fetchSendResponseAsDict(self,page):
     """Page result is like Key=value in text format.
        We transform it to a more powerfull dictionnary"""
@@ -91,7 +91,7 @@ class MobytGateway(XMLObject):
 
     return result
 
-  security.declarePrivate("_fetchStatusResponseAsDict")
+  @security.private
   def _fetchStatusResponseAsDict(self,page):
     """Page result is like Key=value in text format.
        We transform it to a more powerfull dictionnary"""
@@ -128,7 +128,7 @@ class MobytGateway(XMLObject):
 
     return result
 
-  security.declarePrivate("_transformPhoneUrlToGatewayNumber")
+  @security.private
   def _transformPhoneUrlToGatewayNumber(self,phone):
     """Transform url of phone number to a valid phone number (gateway side)"""
     phone = phone.replace('tel:', '').replace('(0)','').replace('-','')
@@ -136,7 +136,7 @@ class MobytGateway(XMLObject):
     assert not(phone.startswith('99000'))
     return phone
 
-  security.declareProtected(Permissions.ManagePortal, 'send')
+  @security.protected(Permissions.ManagePortal)
   def send(self, text, recipient, sender):
     """Send a message.
     """
@@ -196,7 +196,7 @@ class MobytGateway(XMLObject):
     else:
       raise ValueError("Unknown result", 0, result)
 
-  security.declareProtected(Permissions.ManagePortal, 'getMessageStatus')
+  @security.protected(Permissions.ManagePortal)
   def getMessageStatus(self, message_id):
     """Retrive the status of a message"""
     base_url = self.api_url + "/batch-status.php"
@@ -226,7 +226,7 @@ class MobytGateway(XMLObject):
       #we get an error when call the gateway
       raise SMSGatewayError(unquote(result.get('status_info', "Impossible to get the message status")))
 
-  security.declarePublic('receive')
+  @security.public
   def receive(self,REQUEST):
     """Receive push notification from the gateway"""
 
@@ -245,7 +245,7 @@ class MobytGateway(XMLObject):
       #Restore orinal user
       setSecurityManager(sm)
 
-  security.declareProtected(Permissions.ManagePortal, 'notifyReception')
+  @security.protected(Permissions.ManagePortal)
   def notifyReception(self, sender, text, message_id):
     """The gateway inform what we ha a new message.
     """

bt5/erp5_short_message/ToolComponentTemplateItem/portal_components/tool.erp5.SMSTool.py

@@ -48,7 +48,7 @@ class SMSTool(BaseTool):
   security.declareProtected(ManagePortal, 'manage_overview')
   #manage_overview = DTMLFile('explainSMSTool', _dtmldir )
 
-  security.declareProtected(ManagePortal, 'send')
+  @security.protected(ManagePortal)
   @non_publishable
   def send(self, text, recipient, sender, gateway_reference='default',
            document_relative_url=None, activate_kw=None):
@@ -77,13 +77,13 @@ class SMSTool(BaseTool):
               document_relative_url=document_relative_url,
               gateway_relative_url=gateway.getRelativeUrl())
 
-  security.declareProtected(ManagePortal, 'getMessageStatus')
+  @security.protected(ManagePortal)
   def getMessageStatus(self,message_id, gateway_reference='default'):
 
     gateway = self._findGateway(gateway_reference)
     return gateway.getMessageStatus(message_id)
 
-  security.declarePublic('isSendByTitleAllowed')
+  @security.public
   def isSendByTitleAllowed(self, gateway_reference='default'):
     """Define the support or not to use the title of the telephone instead of
         the number when send a message."""

bt5/erp5_simulation/DocumentTemplateItem/portal_components/document.erp5.FIFODeliverySolver.py

@@ -56,7 +56,7 @@ class FIFODeliverySolver(XMLObject):
                     )
 
   # IDeliverySolver Implementation
-  security.declareProtected(Permissions.AccessContentsInformation, 'getTotalQuantity')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTotalQuantity(self):
     """
       Move this to mixin
@@ -66,7 +66,7 @@ class FIFODeliverySolver(XMLObject):
       total_quantity += movement.getQuantity()
     return total_quantity
 
-  security.declareProtected(Permissions.ModifyPortalContent, 'setTotalQuantity')
+  @security.protected(Permissions.ModifyPortalContent)
   def setTotalQuantity(self, new_quantity, activate_kw=None):
     """
     Affect the difference of quantity to different simulation movements

bt5/erp5_simulation/DocumentTemplateItem/portal_components/document.erp5.MinimisePriceDeliverySolver.py

@@ -56,7 +56,7 @@ class MinimisePriceDeliverySolver(FIFODeliverySolver):
                     )
 
   # IDeliverySolver Implementation
-  security.declareProtected(Permissions.ModifyPortalContent, 'setTotalQuantity')
+  @security.protected(Permissions.ModifyPortalContent)
   def setTotalQuantity(self, new_quantity, activate_kw=None):
     """
     """

bt5/erp5_simulation/DocumentTemplateItem/portal_components/document.erp5.NetConvertedQuantityEquivalenceTester.py

@@ -72,8 +72,7 @@ class NetConvertedQuantityEquivalenceTester(FloatEquivalenceTester):
                                                decision_movement,
                                                decision_value)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getUpdatablePropertyDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
     """
     Returns a list of properties to update on decision_movement

bt5/erp5_simulation/DocumentTemplateItem/portal_components/document.erp5.SolverDecision.py

@@ -73,8 +73,7 @@ class SolverDecision(ConfigurableMixin, XMLObject):
                     , PropertySheet.Configurable
                     )
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getDefaultConfigurationPropertyDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getDefaultConfigurationPropertyDict(self):
     """
     Returns a dictionary of default properties for specified
@@ -87,8 +86,7 @@ class SolverDecision(ConfigurableMixin, XMLObject):
     else:
       return solver_type.getDefaultConfigurationPropertyDict(self)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConfigurationPropertyListDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConfigurationPropertyListDict(self):
     """
     Returns a dictionary of possible values for specified
@@ -101,8 +99,7 @@ class SolverDecision(ConfigurableMixin, XMLObject):
     else:
       return solver_type.getConfigurationPropertyListDict(self)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'searchDeliverySolverList')
+  @security.protected(Permissions.AccessContentsInformation)
   def searchDeliverySolverList(self, **kw):
     """
     this method returns a list of delivery solvers, as predicates against
@@ -114,8 +111,7 @@ class SolverDecision(ConfigurableMixin, XMLObject):
     solver_list = target_solver_type.getDeliverySolverValueList()
     return [x for x in solver_list if x.test(self)]
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getExplanationMessage')
+  @security.protected(Permissions.AccessContentsInformation)
   def getExplanationMessage(self, all=False): # pylint: disable=redefined-builtin
     """
     Returns the HTML message that describes the detail of divergences to

bt5/erp5_simulation/DocumentTemplateItem/portal_components/document.erp5.SolverProcess.py

@@ -78,7 +78,7 @@ class SolverProcess(XMLObject, ActiveProcess):
                     )
 
   # Implementation
-  security.declareProtected(Permissions.ModifyPortalContent, 'buildTargetSolverList')
+  @security.protected(Permissions.ModifyPortalContent)
   @UnrestrictedMethod
   def buildTargetSolverList(self):
     """
@@ -176,7 +176,7 @@ class SolverProcess(XMLObject, ActiveProcess):
   # ISolver implementation
   # Solver Process Workflow Interface
   #  NOTE: how can we consider that a workflow defines or provides an interface ?
-  security.declareProtected(Permissions.ModifyPortalContent, 'solve')
+  @security.protected(Permissions.ModifyPortalContent)
   def solve(self, activate_kw=None):
     """
       Start solving
@@ -201,8 +201,7 @@ class SolverProcess(XMLObject, ActiveProcess):
           activate_kw=activate_kw)
 
   # API
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'isSolverDecisionListConsistent')
+  @security.protected(Permissions.AccessContentsInformation)
   def isSolverDecisionListConsistent(self):
     """
     Returns True is the Solver Process decisions do not
@@ -211,8 +210,7 @@ class SolverProcess(XMLObject, ActiveProcess):
     this helps reducing CPU time.
     """
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'buildSolverDecisionList')
+  @security.protected(Permissions.ModifyPortalContent)
   def buildSolverDecisionList(self, delivery_or_movement=None):
     """
     Build (or rebuild) the solver decisions in the solver process

bt5/erp5_simulation/DocumentTemplateItem/portal_components/document.erp5.VariationEquivalenceTester.py

@@ -93,8 +93,7 @@ class VariationEquivalenceTester(Predicate, EquivalenceTesterMixin):
           dict(property_name=property_name))
     return None
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'generateHashKey')
+  @security.protected(Permissions.AccessContentsInformation)
   def generateHashKey(self, movement):
     """
     Returns a hash key which can be used to optimise the
@@ -115,8 +114,7 @@ class VariationEquivalenceTester(Predicate, EquivalenceTesterMixin):
                                                        tested_property))
     return 'variation/%r' % (value_list)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getUpdatablePropertyDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
     """
     Returns a list of properties to update on decision_movement

bt5/erp5_simulation/MixinTemplateItem/portal_components/mixin.erp5.ConfigurableMixin.py

@@ -48,29 +48,25 @@ class ConfigurableMixin:
   security = ClassSecurityInfo()
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConfigurationProperty')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConfigurationProperty(self, key, default=None):
     """
     """
     return self._getConfigurationPropertyDict().get(key, default)
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConfigurationPropertyIdList')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConfigurationPropertyIdList(self):
     """
     """
     return self._getConfigurationPropertyDict().keys()
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getConfigurationPropertyDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getConfigurationPropertyDict(self):
     """
     """
     return dict(self._getConfigurationPropertyDict())
 
-  security.declareProtected(Permissions.ModifyPortalContent,
-                            'updateConfiguration')
+  @security.protected(Permissions.ModifyPortalContent)
   def updateConfiguration(self, **kw):
     """
     """

bt5/erp5_simulation/MixinTemplateItem/portal_components/mixin.erp5.EquivalenceTesterMixin.py

@@ -47,7 +47,7 @@ class EquivalenceTesterMixin:
   security.declareObjectProtected(Permissions.AccessContentsInformation)
 
   # Implementation of IEquivalenceTester
-  security.declarePrivate('testEquivalence')
+  @security.private
   def testEquivalence(self, simulation_movement):
     """
     Tests if simulation_movement is divergent. Returns False (0)
@@ -60,7 +60,7 @@ class EquivalenceTesterMixin:
     """
     return self.explain(simulation_movement) is not None
 
-  security.declarePrivate('explain')
+  @security.private
   def explain(self, simulation_movement):
     """
     Returns a single message which explain the nature of
@@ -101,7 +101,7 @@ class EquivalenceTesterMixin:
     """
     return movement.getProperty(property)
 
-  security.declarePrivate('generateHashKey')
+  @security.private
   def generateHashKey(self, movement):
     """
     Returns a hash key which can be used to optimise the
@@ -120,7 +120,7 @@ class EquivalenceTesterMixin:
       value = self._getTestedPropertyValue(movement, tested_property)
     return '%s/%r' % (tested_property, value)
 
-  security.declarePrivate('compare')
+  @security.private
   def compare(self, prevision_movement, decision_movement):
     """
     Returns True if prevision_movement and delivery_movement
@@ -140,7 +140,7 @@ class EquivalenceTesterMixin:
     """
     return (self._compare(prevision_movement, decision_movement) is None)
 
-  security.declarePrivate('update')
+  @security.private
   def update(self, prevision_movement, decision_movement):
     """
     Updates decision_movement with properties from
@@ -169,8 +169,7 @@ class EquivalenceTesterMixin:
     decision_movement.edit(
       **self.getUpdatablePropertyDict(prevision_movement, decision_movement))
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getExplanationMessage')
+  @security.protected(Permissions.AccessContentsInformation)
   def getExplanationMessage(self, simulation_movement):
     """
     Returns the HTML message that describes the detail of the
@@ -211,8 +210,7 @@ class EquivalenceTesterMixin:
     """
     raise NotImplementedError
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getUpdatablePropertyDict')
+  @security.protected(Permissions.AccessContentsInformation)
   def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
     """
     Returns a mapping of properties to update on decision_movement so that next
@@ -228,8 +226,7 @@ class EquivalenceTesterMixin:
 
   # Temporary compatibility code that will fix existing data.
   # This Code must be removed in 2 years (end of 2017)
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'getTestedProperty')
+  @security.protected(Permissions.AccessContentsInformation)
   def getTestedProperty(self):
     """
     Override getTestedProperty to fix the way it is stored. Some time

bt5/erp5_simulation/MixinTemplateItem/portal_components/mixin.erp5.SolverMixin.py

@@ -48,7 +48,7 @@ class SolverMixin(object):
     raise NotImplementedError
 
   # Implementation of ISolver
-  security.declarePrivate('solve')
+  @security.private
   def solve(self, activate_kw=None):
     with super_user():
       self._solve(activate_kw=activate_kw)
@@ -56,8 +56,7 @@ class SolverMixin(object):
   def getPortalTypeValue(self):
     return self.getPortalObject().portal_solvers._getOb(self.getPortalType())
 
-  security.declareProtected(Permissions.AccessContentsInformation,
-                            'searchDeliverySolverList')
+  @security.protected(Permissions.AccessContentsInformation)
   def searchDeliverySolverList(self, **kw):
     """
     this method returns a list of delivery solvers