Merge remote-tracking branch 'origin/master' into zope4py2

bt5/erp5_core_test/TestTemplateItem/portal_components/test.erp5.testRestrictedPythonSecurity.py

@@ -770,6 +770,41 @@ class TestRestrictedPythonSecurity(ERP5TypeTestCase):
         '''.format(malicous_input)
       )
 
+  def testIpAddressModuleAllowance(self):
+    # Test ipaddress usability
+    self.createAndRunScript('import ipaddress')
+    self.createAndRunScript('''
+        from ipaddress import ip_address
+        return ip_address(u'90.4.85.17').is_global
+        ''')
+    self.createAndRunScript('''
+        from ipaddress import ip_network
+        return ip_network(u'90.4.0.0/16').is_private
+        ''')
+    self.createAndRunScript('''
+        from ipaddress import ip_address, ip_network
+        return ip_address(u'90.4.85.17') in ip_network(u'90.4.0.0/16')
+        ''')
+    self.createAndRunScript('''
+        from ipaddress import ip_interface
+        return ip_interface(u'90.4.85.17').with_prefixlen
+        ''')
+    self.createAndRunScript('''
+        from ipaddress import ip_address
+        return ip_address(u'2a01:cb14:818:0:7312:e251:f251:ffbe').is_global
+        ''')
+    self.createAndRunScript('''
+        from ipaddress import ip_network
+        return ip_network(u'2a01:cb14:818:0:7312:e251:f251::/112').is_private
+        ''')
+    self.createAndRunScript('''
+        from ipaddress import ip_address, ip_network
+        return ip_address(u'2a01:cb14:818:0:7312:e251:f251:ffbe') in ip_network(u'2a01:cb14:818:0:7312:e251:f251::/112')
+        ''')
+    self.createAndRunScript('''
+        from ipaddress import ip_interface
+        return ip_interface(u'2a01:cb14:818:0:7312:e251:f251:ffbe').with_prefixlen
+        ''')
 
 def test_suite():
   suite = unittest.TestSuite()

product/ERP5/bootstrap/erp5_core/ToolComponentTemplateItem/portal_components/tool.erp5.SessionTool.py

@@ -92,11 +92,11 @@ class Session(UserDict):
   # used to set duration of session
   session_duration = None
 
-  # a handle to current aquisition context
+  # a handle to current acquisition context
   _aq_context = None
 
   def __getstate__(self):
-    """filter out acqusition wrappers when serializing.
+    """filter out acquisition wrappers when serializing.
     """
     state = {
         'session_duration': self.session_duration,
@@ -107,12 +107,12 @@ class Session(UserDict):
     return state
 
   def _updatecontext(self, aq_context):
-    """ Update current aquisition context. """
+    """ Update current acquisition context. """
     self._aq_context = aq_context
 
   def __getitem__(self, key):
     if key in self.data:
-      # returned it wrapped in aquisition context
+      # returned it wrapped in acquisition context
       return restore_acquisition_wrapper(self.data[key], self._aq_context)
     raise KeyError(key)
 
@@ -213,10 +213,10 @@ class SessionTool(BaseTool):
       shopping_cart = session['shopping_cart']
 
       Please note that:
-        - developer is responsible for handling an unique sessiond_id (using cookies for example).
+        - developer is responsible for handling an unique session_id (using cookies for example).
         - it's not recommended to store in portal_sessions ZODB persistent objects because in order
-      to store them in Local RAM portal_sessions tool will remove aquisition wrapper. At "get"
-      request they'll be returend wrapped.
+      to store them in Local RAM portal_sessions tool will remove acquisition wrapper. At "get"
+      request they'll be returned wrapped.
         - developer can store temporary ERP5 documents like 'TempOrder', but keep
       in mind that after making changes to temporary documents they need to be
       saved again in portal_sessions, so:

product/ERP5Type/patches/CMFCoreSkinnable.py

@@ -201,7 +201,7 @@ class SkinDataCleanup:
     if skindata is not None:
       if self.hashSkinData(skindata) == self.skindata_id:
         try:
-          # Entry might have already disapeared. Ignore.
+          # Entry might have already disappeared. Ignore.
           del SKINDATA[tid]
         except KeyError:
           pass

product/ERP5Type/patches/Restricted.py

@@ -574,3 +574,12 @@ else:
   allow_full_write(pd.core.indexing._LocIndexer)
   allow_full_write(pd.MultiIndex)
   allow_full_write(pd.Index)
+
+import ipaddress
+allow_module('ipaddress')
+allow_type(ipaddress.IPv4Address)
+allow_type(ipaddress.IPv6Address)
+allow_type(ipaddress.IPv4Network)
+allow_type(ipaddress.IPv6Network)
+allow_type(ipaddress.IPv4Interface)
+allow_type(ipaddress.IPv6Interface)

product/ERP5Type/tests/ERP5TypeLiveTestCase.py

@@ -80,14 +80,14 @@ class ERP5TypeLiveTestCase(ERP5TypeTestCaseMixin):
     def getPortal(self):
       """Returns the portal object, i.e. the "fixture root".
 
-      Rewrap the portal in an independant request for this test.
+      Rewrap the portal in an independent request for this test.
       """
       if self.portal is not None:
         return self.portal
 
       from Products.ERP5.ERP5Site import getSite
       site = getSite()
-      # reconstruct the acquistion chain with an independant request.
+      # reconstruct the acquisition chain with an independent request.
       #   RequestContainer -> Application -> Site
       from Testing.makerequest import makerequest
       environ = {}

product/ERP5Type/tests/ERP5TypeTestCase.py

@@ -550,7 +550,7 @@ class ERP5TypeTestCaseMixin(ProcessingNodeTestCase, PortalTestCase):
         User password is the reference.
       """
       user = self.createUser(reference, person_kw=dict(title=title))
-      assignment = self.createUserAssignement(user, assignment_kw=dict(function=function))
+      assignment = self.createUserAssignment(user, assignment_kw=dict(function=function))
       return user
 
     def createUser(self, reference, password=None, person_kw=None):