ERP5Security.ERP5GroupManager: Get rid of try..finally: pass block.

a80099b4 · Vincent Pelletier · 7a3a0a4c · a80099b4
Commit a80099b4 authored Jul 09, 2018 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 73 additions and 76 deletions

product/ERP5Security/ERP5GroupManager.py product/ERP5Security/ERP5GroupManager.py +73 -76

No files found.
--- a/product/ERP5Security/ERP5GroupManager.py
+++ b/product/ERP5Security/ERP5GroupManager.py
@@ -93,88 +93,85 @@ class ERP5GroupManager(BasePlugin):
      security_group_list = []
      security_definition_list = ()
-      try:
+      # To get the complete list of groups, we try to call the
-        # To get the complete list of groups, we try to call the
+      # ERP5Type_getSecurityCategoryMapping which should return a list
-        # ERP5Type_getSecurityCategoryMapping which should return a list
+      # of lists of two elements (script, base_category_list) like :
-        # of lists of two elements (script, base_category_list) like :
+      # (
-        # (
+      #   ('script_1', ['base_category_1', 'base_category_2', ...]),
-        #   ('script_1', ['base_category_1', 'base_category_2', ...]),
+      #   ('script_2', ['base_category_1', 'base_category_3', ...])
-        #   ('script_2', ['base_category_1', 'base_category_3', ...])
+      # )
-        # )
+      #
-        #
+      # else, if the script does not exist, falls back to a list containng
-        # else, if the script does not exist, falls back to a list containng
+      # only one list :
-        # only one list :
+      # (('ERP5Type_getSecurityCategoryFromAssignment',
-        # (('ERP5Type_getSecurityCategoryFromAssignment',
+      #   self.getPortalAssignmentBaseCategoryList() ),)
-        #   self.getPortalAssignmentBaseCategoryList() ),)
+      mapping_method = getattr(self,
-        mapping_method = getattr(self,
+          'ERP5Type_getSecurityCategoryMapping', None)
-            'ERP5Type_getSecurityCategoryMapping', None)
+      if mapping_method is None:
-        if mapping_method is None:
+        security_definition_list = ((
-          security_definition_list = ((
+            'ERP5Type_getSecurityCategoryFromAssignment',
-              'ERP5Type_getSecurityCategoryFromAssignment',
+            self.getPortalAssignmentBaseCategoryList()
-              self.getPortalAssignmentBaseCategoryList()
+        ),)
-          ),)
+      else:
-        else:
+        security_definition_list = mapping_method()
-          security_definition_list = mapping_method()
+      # get the person from its login - no security check needed
-        # get the person from its login - no security check needed
+      user_path_set = {
-        user_path_set = {
+        x['path']
-          x['path']
+        for x in self.searchUsers(id=user_id, exact_match=True)
-          for x in self.searchUsers(id=user_id, exact_match=True)
+        if 'path' in x
-          if 'path' in x
+      }
-        }
+      if not user_path_set:
-        if not user_path_set:
+        return ()
-          return ()
+      user_path, = user_path_set
-        user_path, = user_path_set
+      person_object = self.getPortalObject().unrestrictedTraverse(user_path)
-        person_object = self.getPortalObject().unrestrictedTraverse(user_path)
+      # Fetch category values from defined scripts
-        # Fetch category values from defined scripts
+      for (method_name, base_category_list) in security_definition_list:
-        for (method_name, base_category_list) in security_definition_list:
+        base_category_list = tuple(base_category_list)
-          base_category_list = tuple(base_category_list)
+        security_category_list = security_category_dict.setdefault(
-          security_category_list = security_category_dict.setdefault(
+                                          base_category_list, [])
-                                            base_category_list, [])
+        try:
+          # The called script may want to distinguish if it is called
+          # from here or from _updateLocalRolesOnSecurityGroups.
+          # Currently, passing portal_type='' (instead of 'Person')
+          # is the only way to make the difference.
+          method = getattr(self, method_name)
+          security_category_list.extend(
+            method(base_category_list, user_id, person_object, '')
+          )
+        except ConflictError:
+          raise
+        except:
+          LOG('ERP5GroupManager', WARNING,
+              'could not get security categories from %s' % (method_name,),
+              error = sys.exc_info())
+      # Get group names from category values
+      # XXX try ERP5Type_asSecurityGroupIdList first for compatibility
+      generator_name = 'ERP5Type_asSecurityGroupIdList'
+      group_id_list_generator = getattr(self, generator_name, None)
+      if group_id_list_generator is None:
+        generator_name = ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT
+        group_id_list_generator = getattr(self, generator_name, None)
+      for base_category_list, category_value_list in \
+          security_category_dict.iteritems():
+        for category_dict in category_value_list:
          try:
-            # The called script may want to distinguish if it is called
+            group_id_list = group_id_list_generator(
-            # from here or from _updateLocalRolesOnSecurityGroups.
+                                      category_order=base_category_list,
-            # Currently, passing portal_type='' (instead of 'Person')
+                                      **category_dict)
-            # is the only way to make the difference.
+            if isinstance(group_id_list, str):
-            method = getattr(self, method_name)
+              group_id_list = [group_id_list]
-            security_category_list.extend(
+            security_group_list.extend(group_id_list)
-              method(base_category_list, user_id, person_object, '')
-            )
          except ConflictError:
            raise
          except:
            LOG('ERP5GroupManager', WARNING,
-                'could not get security categories from %s' % (method_name,),
+                'could not get security groups from %s' %
+                generator_name,
                error = sys.exc_info())
-        # Get group names from category values
-        # XXX try ERP5Type_asSecurityGroupIdList first for compatibility
-        generator_name = 'ERP5Type_asSecurityGroupIdList'
-        group_id_list_generator = getattr(self, generator_name, None)
-        if group_id_list_generator is None:
-          generator_name = ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT
-          group_id_list_generator = getattr(self, generator_name, None)
-        for base_category_list, category_value_list in \
-            security_category_dict.iteritems():
-          for category_dict in category_value_list:
-            try:
-              group_id_list = group_id_list_generator(
-                                        category_order=base_category_list,
-                                        **category_dict)
-              if isinstance(group_id_list, str):
-                group_id_list = [group_id_list]
-              security_group_list.extend(group_id_list)
-            except ConflictError:
-              raise
-            except:
-              LOG('ERP5GroupManager', WARNING,
-                  'could not get security groups from %s' %
-                  generator_name,
-                  error = sys.exc_info())
-      finally:
-        pass
      return tuple(security_group_list)
    if not NO_CACHE_MODE: