Fix security declarations.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@390 20353a03-c40f-0410-a6d1-a30d3c3de9de

product/Base18/Translation.py

@@ -192,11 +192,11 @@ workflow and provide a translation to an existing document in a portal'"""
         return md.manage_export('locale.pt')
 
     # Implementation with Message Catalogs
-    security.declareProtected(CMFCorePermissions.View, 'messageCatalog')   
+    security.declareProtected(CMFCorePermissions.View, 'getMessageCatalog')   
     def getMessageCatalog(self):
         return self.messageCatalog
-    
-    security.declareProtected(CMFCorePermissions.View, 'targetContentPath')   
+
+    security.declareProtected(CMFCorePermissions.View, 'targetContentPath')
     def targetContentPath(self):
         return string.join(self.targetContent,'/')
     

product/CMFActivity/ActiveObject.py

@@ -59,7 +59,7 @@ class ActiveObject(ExtensionClass.Base):
       if passive_commit: get_transaction().commit()
       return self
 
-  security.declareProtected( CMFCorePermissions.ModifyPortalContent, 'hasActivity' )
+  security.declareProtected( CMFCorePermissions.ModifyPortalContent, 'flushActivity' )
   def flushActivity(self, invoke=0, **kw):
     activity_tool = getattr(self, 'portal_activities', None)
     if activity_tool is None: return # Do nothing if no portal_activities
@@ -72,7 +72,7 @@ class ActiveObject(ExtensionClass.Base):
     #  # nothing to do
     #  pass
 
-  security.declareProtected( CMFCorePermissions.ModifyPortalContent, 'hasActivity' )
+  security.declareProtected( CMFCorePermissions.ModifyPortalContent, 'recursiveFlushActivity' )
   def recursiveFlushActivity(self, invoke=0, **kw):
     # flush all activities related to this object
     self.flushActivity(invoke=invoke, **kw)
@@ -95,7 +95,7 @@ class ActiveObject(ExtensionClass.Base):
       # there can not be any activity
       return 0
 
-  security.declareProtected( CMFCorePermissions.View, 'hasActivity' )
+  security.declareProtected( CMFCorePermissions.View, 'getActiveProcess' )
   def getActiveProcess(self):
     activity_tool = getattr(self, 'portal_activities', None)
     if activity_tool is None: return None # Do nothing if no portal_activities

product/ERP5/Document/AppliedRule.py

@@ -125,7 +125,7 @@ An ERP5 Rule..."""
         )
       }
 
-    security.declareProtected(Permissions.AccessContentsInformation, 'getCausalitySate')
+    security.declareProtected(Permissions.AccessContentsInformation, 'getCausalityState')
     def getCausalityState(self, id_only=1):
       """
         Returns the current state in causality
@@ -272,7 +272,7 @@ An ERP5 Rule..."""
       else:
         self.getRootAppliedRule().reindexObject() # Reindex the whole applied rule
 
-    security.declareProtected(Permissions.View, 'reindexObject')
+    security.declareProtected(Permissions.View, 'hasActivity')
     def hasActivity(self, **kw):
       """
         We reindex the whole applied rule
@@ -282,7 +282,7 @@ An ERP5 Rule..."""
       else:
         self.getRootAppliedRule().hasActivity(**kw) # Reindex the whole applied rule
 
-    security.declareProtected(Permissions.View, 'getMovementIndex')
+    security.declareProtected(Permissions.View, 'isRootAppliedRule')
     def isRootAppliedRule(self):
       """
         Returns 1 is this is a root applied rule

product/ERP5/Document/Delivery.py

@@ -261,7 +261,7 @@ une liste de mouvements..."""
 #       wf = portal_workflow.getWorkflowById('causality_workflow')
 #       return wf._getWorkflowStateOf(self, id_only=id_only)
 
-    security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationSate')
+    security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationState')
     def getSimulationState(self, id_only=1):
       """
         Returns the current state in simulation
@@ -392,7 +392,7 @@ une liste de mouvements..."""
 #       """
 #       return self._getTotalPrice(self.asContext(context=context, REQUEST=REQUEST, **kw))
 
-    security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultTotalprice')
+    security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultTotalPrice')
     def getDefaultTotalPrice(self, context=None, REQUEST=None, **kw):
       """
       """

product/ERP5/Document/Inventory.py

@@ -123,7 +123,7 @@ une liste de mouvements..."""
       """
       return 1
 
-    security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationSate')
+    security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationState')
     def getSimulationState(self, id_only=1):
       """
         Returns the current state in simulation

product/ERP5/Document/Order.py

@@ -127,7 +127,7 @@ An order..."""
         # Nothing to do
         self._createOrderRule()
 
-    security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationSate')
+    security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationState')
     def getSimulationState(self, id_only=1):
       """
         Returns the current state in simulation

product/ERP5/Document/Predicate.py

@@ -60,6 +60,6 @@ class Predicate:
     return "%s %s %s" % (self.predicate_property, self.predicate_operator, self.predicate_value)
 
   # Compatibility
-  security.declareProtected( Permissions.View, 'getTitle' )
+  security.declareProtected( Permissions.View, 'getPredicateAttribute' )
   def getPredicateAttribute(self):
     return self.getPredicateProperty()

product/ERP5/Document/SimulationMovement.py

@@ -164,7 +164,7 @@ a service in a public administration)."""
     """
     return self._baseGetPrice() # Call the price method
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getCausalitySate')
+  security.declareProtected(Permissions.AccessContentsInformation, 'getCausalityState')
   def getCausalityState(self):
     """
       Returns the current state in causality
@@ -177,7 +177,7 @@ a service in a public administration)."""
     """
     self.causality_state = value
 
-  security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationSate')
+  security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationState')
   def getSimulationState(self, id_only=1):
     """
       Returns the current state in simulation
@@ -341,7 +341,7 @@ a service in a public administration)."""
       result.extend(m.getMovementIndex())
     return result
 
-  security.declareProtected(Permissions.View, 'reindexObject')
+  security.declareProtected(Permissions.View, 'hasActivity')
   def hasActivity(self, **kw):
     """
       We reindex the whole applied rule

product/ERP5/Document/SupplyLine.py

@@ -220,7 +220,7 @@ Une ligne tarifaire."""
 #       """
 #       return self._getTotalPrice(self.asContext(context=context, REQUEST=REQUEST, **kw))
 
-    security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultTotalprice')
+    security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultTotalPrice')
     def getDefaultTotalPrice(self, context=None, REQUEST=None, **kw):
       """
       """

product/ERP5/ERP5Site.py

@@ -91,7 +91,7 @@ class ERP5Site ( CMFSite, FolderMixIn ):
     security = ClassSecurityInfo()
     security.declareObjectProtected(Permissions.View)
 
-    security.declareProtected(Permissions.View, 'getUid')
+    security.declareProtected(Permissions.View, 'view')
     def view(self):
         """
           Returns the default view.
@@ -125,7 +125,7 @@ class ERP5Site ( CMFSite, FolderMixIn ):
       return None
 
     # Required to allow content creation outside folders
-    security.declareProtected(Permissions.View, 'getIdGroup')
+    security.declareProtected(Permissions.View, 'setLastId')
     def setLastId(self, id):
       self.last_id = id
 
@@ -164,7 +164,7 @@ class ERP5Site ( CMFSite, FolderMixIn ):
       """
       return ERP5Globals.movement_type_list
 
-    security.declarePublic('getOrderedGlobalActionList')
+    security.declarePublic('getModuleList')
     def getModuleList(self):
       """
          Return a list of modules - result dependent on user - result is translated and cached

product/ERP5Shop/Document/ShopOrder.py

@@ -194,7 +194,7 @@ Un tissu est une resource variantable en couleur."""
               self._country ,
               self._eu_vat )))
 
-    security.declareProtected(Permissions.View, 'Description')
+    security.declareProtected(Permissions.View, 'TranslatedTitle')
     def TranslatedTitle(self):
         """
           Return a translated title
@@ -211,7 +211,7 @@ Un tissu est une resource variantable en couleur."""
       # Do nothing
       return
 
-    security.declareProtected(Permissions.ManageProperties, 'addProductToOrder')
+    security.declareProtected(Permissions.ManageProperties, 'addLineToOrder')
     def addLineToOrder(self, title, description, price, quantity, producturl=None,
                                                                   variation_value=None):
       """

product/ERP5Shop/Document/ShopProduct.py

@@ -218,6 +218,6 @@ Un tissu est une resource variantable en couleur."""
     def getProductPath(self, REQUEST=None):
         return self.getRelativeUrl()
 
-    security.declareProtected(Permissions.View, 'getProductPath')
+    security.declareProtected(Permissions.View, 'getOptionValues')
     def getOptionValues(self, REQUEST=None):
         return ()

product/ERP5Type/Base.py

@@ -492,7 +492,7 @@ class Base( CopyContainer, PortalContent, Base18, ActiveObject, ERP5PropertyMana
     """
     self._getCategoryTool().updateRelatedContent(self, previous_category_url, new_category_url)
 
-  security.declareProtected( Permissions.ModifyPortalContent, 'getObject' )
+  security.declareProtected( Permissions.ModifyPortalContent, 'edit' )
   def edit(self, REQUEST=None, force_update = 0, **kw):
     return self._edit(REQUEST=REQUEST, force_update=force_update, **kw)
   edit = WorkflowMethod( edit )
@@ -588,7 +588,7 @@ class Base( CopyContainer, PortalContent, Base18, ActiveObject, ERP5PropertyMana
     return self.portal_workflow.getWorkflowIds()
 
   # Object Database Management
-  security.declareProtected( Permissions.ManagePortal, 'Upgrade' )
+  security.declareProtected( Permissions.ManagePortal, 'upgrade' )
   def upgrade(self, REQUEST=None):
     """
       Upgrade an object and do whatever necessary
@@ -749,7 +749,7 @@ class Base( CopyContainer, PortalContent, Base18, ActiveObject, ERP5PropertyMana
   def _delValue(self, id, value, spec=(), filter=None, portal_type=()):
     pass
 
-  security.declareProtected( Permissions.ModifyPortalContent, '_delValue' )
+  security.declareProtected( Permissions.ModifyPortalContent, 'updateRelation' )
   def updateRelation(self, key, value, REQUEST):
     return REQUEST
 

product/ERP5Type/Document/Folder.py

@@ -243,7 +243,9 @@ be a problem)."""
         }
 
   # Class inheritance fixes
+  security.declareProtected( Permissions.ModifyPortalContent, 'edit' )
   edit = Base.edit
+  security.declareProtected( Permissions.ModifyPortalContent, '_edit' )
   _edit = Base._edit
 
   # Implementation

product/ERP5Type/ERP5Type.py

@@ -68,11 +68,6 @@ class ERP5TypeInformation( ScriptableTypeInformation, ERP5AcquisitionType ):
                       ScriptableTypeInformation.manage_options[2:])
 
 
-    security = ClassSecurityInfo()
-    security.declareProtected(ERP5Permissions.ManagePortal, 'manage_editAcquisitionForm')
-
-
-
     #
     #   Acquisition editing interface
     #

product/StoreverShop/ComputerProduct.py

@@ -372,8 +372,6 @@ class ComputerProduct( ShopProduct, Document18 ):
         return self.newVariationValue(variant=variant).asString()
         return "%s/%s/%s/%s/%s" % (variant[0],variant[1],variant[2],variant[3],variant[5])
 
-    shortVariation = shortVariant
-    security.declareProtected(View, 'shortVariation')
 
 def addComputerProduct(self, id, title='', REQUEST=None):
         ob=ComputerProduct(id,title)