Allow UnrestrictedMethod to be used as a decorator

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@30329 20353a03-c40f-0410-a6d1-a30d3c3de9de

Allow UnrestrictedMethod to be used as a decorator
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@30329 20353a03-c40f-0410-a6d1-a30d3c3de9de
81819f22 · Julien Muchembled · 9cc88da0 · 81819f22 · 81819f22 · 81819f22
Commit 81819f22 authored Nov 05, 2009 by Julien Muchembled
Showing with 8 additions and 13 deletions

product/ERP5Type/Base.py product/ERP5Type/Base.py +0 -1

product/ERP5Type/ERP5Type.py product/ERP5Type/ERP5Type.py +2 -4

product/ERP5Type/UnrestrictedMethod.py product/ERP5Type/UnrestrictedMethod.py +6 -8

No files found.
--- a/product/ERP5Type/Base.py
+++ b/product/ERP5Type/Base.py
@@ -79,7 +79,6 @@ from Products.CMFActivity.ActiveObject import ActiveObject
 from Products.ERP5Type.Accessor.Accessor import Accessor as Method
 from Products.ERP5Type.Accessor.TypeDefinition import asDate
 from Products.ERP5Type.Message import Message
-from Products.ERP5Type.UnrestrictedMethod import UnrestrictedMethod

 from zope.interface import classImplementsOnly, implementedBy


--- a/product/ERP5Type/ERP5Type.py
+++ b/product/ERP5Type/ERP5Type.py
@@ -55,10 +55,8 @@ class LocalRoleAssignorMixIn(object):
    zope.interface.implements(interfaces.ILocalRoleAssignor)

    security.declarePrivate('updateLocalRolesOnObject')
-    def updateLocalRolesOnDocument(self, *args, **kw):
-      return UnrestrictedMethod(self._updateLocalRolesOnDocument)(*args, **kw)
-
-    def _updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True):
+    @UnrestrictedMethod
+    def updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True):
      """
        Assign Local Roles to Groups on object 'ob', based on Portal Type Role
        Definitions and "ERP5 Role Definition" objects contained inside 'ob'.

--- a/product/ERP5Type/UnrestrictedMethod.py
+++ b/product/ERP5Type/UnrestrictedMethod.py
@@ -48,13 +48,13 @@ class PrivilegedUser(UnrestrictedUser):
    """Get the ID of the user. This is disabled in UnrestrictedUser."""
    return self.getUserName()

-class UnrestrictedMethod(object):
-  """Callable object that bypasses all security checks.
+def UnrestrictedMethod(function):
+  """Decorator to bypass all security checks.

  This method is dangerous. Never use this, until you are 100% certain
  that you have no other way.

-  When a method is wrapped with an instance of this class, it will behave
+  When a function is wrapped with this decorator, it will behave
  in the same way as before, besides that all security checks pass through.
  This is required, for example, for the simulation to expand movements,
  regardless of the permissions given to a user.
@@ -66,10 +66,9 @@ class UnrestrictedMethod(object):

  This method is dangerous. Enough said. Be careful.
  """
-  def __init__(self, method):
-    self._m = method
+  return lambda *args, **kw: _unrestricted_apply(function, args, kw)

-  def __call__(self, *args, **kw):
+def _unrestricted_apply(function, args, kw):
    security_manager = getSecurityManager()
    user = security_manager.getUser()
    anonymous = (user.getUserName() == 'Anonymous User')
@@ -94,8 +93,7 @@ class UnrestrictedMethod(object):
                                  role_list, user.getDomains()).__of__(uf)
    newSecurityManager(None, super_user)
    try:
-      return self._m(*args, **kw)
+      return apply(function, args, kw)
    finally:
      # Make sure that the original user is back.
      setSecurityManager(security_manager)
-