Commit 4baef747 authored by Jean-Paul Smets's avatar Jean-Paul Smets

Added checked_permission support to all category accessors.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@16518 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent a300098d
......@@ -714,7 +714,7 @@ class CategoryTool( UniqueObject, Folder, Base ):
security.declareProtected( Permissions.AccessContentsInformation,
'getSingleCategoryMembershipList' )
def getSingleCategoryMembershipList(self, context, base_category, base=0,
spec=(), filter=None, **kw):
spec=(), filter=None, checked_permission=None, **kw):
"""
Returns the local membership of the context for a single base category
represented as a list of relative URLs
......@@ -733,15 +733,28 @@ class CategoryTool( UniqueObject, Folder, Base ):
portal_type = kw.get('portal_type', ())
if spec is (): spec = portal_type
# Build the ckecked_permission filter
if checked_permission is None:
permissionFilter = lambda x: x
else:
def permissionFilter(category_list):
filtered_category_list = []
checkPermission = self.portal_membership.checkPermission
for category in category_list:
object = self.unrestrictedTraverse(category)
if object is not None and checkPermission(checked_permission, object):
filtered_category_list.append(category)
return filtered_category_list
# We must treat parent in a different way
#LOG('getSingleCategoryMembershipList', 0, 'base_category = %s, spec = %s, base = %s, context = %s, context.aq_inner.aq_parent = %s' % (repr(base_category), repr(spec), repr(base), repr(context), repr(context.aq_inner.aq_parent)))
if base_category == 'parent':
parent = context.aq_inner.aq_parent # aq_inner is required to make sure we use containment
if parent.portal_type in spec:
if base:
return ['parent/' + parent.getRelativeUrl()]
return permissionFilter(['parent/' + parent.getRelativeUrl()])
else:
return [parent.getRelativeUrl()]
return permissionFilter([parent.getRelativeUrl()])
#LOG('getSingleCategoryMembershipList', 0, 'not in spec: parent.portal_type = %s, spec = %s' % (repr(parent.portal_type), repr(spec)))
return []
......@@ -777,7 +790,7 @@ class CategoryTool( UniqueObject, Folder, Base ):
append(category_url)
else:
append(category_url[len(my_base_category)+1:])
return result
return permissionFilter(result)
security.declareProtected( Permissions.AccessContentsInformation,
'getSingleCategoryAcquiredMembershipList' )
......@@ -820,6 +833,9 @@ class CategoryTool( UniqueObject, Folder, Base ):
base -- if set to 1, returns relative URLs to portal_categories
if set to 0, returns relative URLs to the base category
checked_permission -- a string which defined the permission
to filter the object on
acquired_object_dict -- this is the list of object used by acquisition, so
we can check if we already have used this object
......
......@@ -94,6 +94,7 @@ class Getter(Method):
alt_accessor_id=self._alt_accessor_id,
is_list_type=self._is_list_type,
is_tales_type=self._is_tales_type,
checked_permission=kw.get('checked_permission', None)
)
if value is not None:
return value.getProperty(self._acquired_property, default, **kw)
......
......@@ -57,7 +57,8 @@ class ListSetter(Method):
filter=kw.get('filter', None),
portal_type=kw.get('portal_type',()),
base=kw.get('base', 0),
keep_default=0)
keep_default=0,
checked_permission=kw.get('checked_permission', None))
if self._reindex:
warnings.warn("The reindexing accessors are deprecated.\n"
"Please use Alias.Reindex instead.",
......@@ -90,7 +91,8 @@ class DefaultSetter(Method):
spec=kw.get('spec',()),
filter=kw.get('filter', None),
portal_type=kw.get('portal_type',()),
base=kw.get('base', 0))
base=kw.get('base', 0),
checked_permission=kw.get('checked_permission', None))
if self._reindex:
warnings.warn("The reindexing accessors are deprecated.\n"
"Please use Alias.Reindex instead.",
......@@ -133,7 +135,8 @@ class SetSetter(Method):
filter=kw.get('filter', None),
portal_type=kw.get('portal_type',()),
base=kw.get('base', 0),
keep_default=1)
keep_default=1,
checked_permission=kw.get('checked_permission', None))
if self._reindex:
warnings.warn("The reindexing accessors are deprecated.\n"
"Please use Alias.Reindex instead.",
......@@ -168,7 +171,8 @@ class DefaultGetter(Method):
spec=kw.get('spec',()),
filter=kw.get('filter', None),
portal_type=kw.get('portal_type',()),
base=kw.get('base',0), default=default)
base=kw.get('base',0), default=default,
checked_permission=kw.get('checked_permission', None))
psyco.bind(__call__)
class ListGetter(Method):
......
This diff is collapsed.
This diff is collapsed.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment