Made a reusable method out of last Base.py commit.

Reused the method in manage_copyObjects. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4079 20353a03-c40f-0410-a6d1-a30d3c3de9de

Made a reusable method out of last Base.py commit.
Reused the method in manage_copyObjects. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4079 20353a03-c40f-0410-a6d1-a30d3c3de9de
95ac6cf7 · Alexandre Boeglin · e7010195 · 95ac6cf7 · 95ac6cf7
Commit 95ac6cf7 authored Oct 19, 2005 by Alexandre Boeglin
Hide whitespace changes
Inline Side-by-side

Showing with 39 additions and 31 deletions

product/ERP5Type/Base.py product/ERP5Type/Base.py +5 -28

product/ERP5Type/CopySupport.py product/ERP5Type/CopySupport.py +34 -3

No files found.
--- a/product/ERP5Type/Base.py
+++ b/product/ERP5Type/Base.py
@@ -28,7 +28,7 @@

 import ExtensionClass
 from Globals import InitializeClass, DTMLFile, PersistentMapping
-from AccessControl import ClassSecurityInfo, getSecurityManager
+from AccessControl import ClassSecurityInfo
 from AccessControl.Permission import pname, Permission
 from Acquisition import aq_base, aq_inner, aq_acquire, aq_chain

@@ -51,11 +51,10 @@ from Products.ERP5Type.XMLExportImport import Base_asXML
 from Products.CMFCore.WorkflowCore import ObjectDeleted
 from Accessor import WorkflowState

-from OFS.CopySupport import CopyError
-
 from ZopePatch import ERP5PropertyManager

-from CopySupport import CopyContainer
+from CopySupport import CopyContainer, CopyError,\
+    tryMethodCallWithTemporaryPermission
 from Errors import DeferredCatalogError
 from Products.CMFActivity.ActiveObject import ActiveObject
 from Products.ERP5Type.Accessor.Accessor import Accessor as Method
@@ -961,30 +960,8 @@ class Base( CopyContainer, PortalContent, ActiveObject, ERP5PropertyManager ):
    # Do not rename until everything flushed
    self.recursiveFlushActivity(invoke=1)
    previous_relative_url = self.getRelativeUrl()
-    try:
-      self.aq_parent.manage_renameObject(self.id, id)
-    except CopyError:
-      # we want to catch the explicit security check done in
-      # manage_renameObject and bypass it. for this, we temporarily give the
-      # Copy or Move right to the user. We assume that if the user has enough
-      # rights to pass the "declareProtected" check around "setId", he should
-      # be really able to rename the object.
-      user = getSecurityManager().getUser()
-      user_role_list = user.getRolesInContext(self)
-      if len(user_role_list) > 0:
-        perm_list = self.ac_inherited_permissions()
-        for p in perm_list:
-          if p[0] == 'Copy or Move':
-            name, value = p[:2]
-            break
-        else:
-          name, value = ('Copy or Move', ())
-        p = Permission(name,value,self)
-        old_role_list = p.getRoles(default=[])
-        p.setRoles(user_role_list)
-        self.aq_parent.manage_renameObject(self.id, id)
-        p.setRoles(old_role_list)
-
+    tryMethodCallWithTemporaryPermission(self, 'Copy or Move',
+        self.aq_parent.manage_renameObject, (self.id, id), {}, CopyError)
    new_relative_url = self.getRelativeUrl()
    if reindex:
      self.flushActivity(invoke=1) # Required if we wish that news ids appear instantly

--- a/product/ERP5Type/CopySupport.py
+++ b/product/ERP5Type/CopySupport.py
@@ -13,7 +13,8 @@
 ##############################################################################

 from OFS import Moniker
-from AccessControl import ClassSecurityInfo
+from AccessControl import ClassSecurityInfo, getSecurityManager
+from AccessControl.Permission import Permission
 from OFS.ObjectManager import ObjectManager
 from OFS.CopySupport import CopyContainer as OriginalCopyContainer
 from OFS.CopySupport import CopyError
@@ -54,7 +55,9 @@ class CopyContainer:
      #LOG("Manage Copy",0, "ids:%s uids:%s" % (str(ids), str(uids)))
      if ids is not None:
        # Use default methode
-        return OriginalCopyContainer.manage_copyObjects(self, ids, REQUEST, RESPONSE)
+        return tryMethodCallWithTemporaryPermission(self, 'Copy or Move',
+            OriginalCopyContainer.manage_copyObjects, (self, ids, REQUEST,
+            RESPONSE), {}, CopyError)
      if uids is None and REQUEST is not None:
          return eNoItemsSpecified
      elif uids is None:
@@ -189,7 +192,7 @@ class CopyContainer:

    # Pass - need to find a way to pass calls...
    self.notifyWorkflowCreated()
-    
+
    # Add info about copy to edit workflow
    REQUEST = get_request()
    if REQUEST is not None and REQUEST.get('__cp', None) :
@@ -287,4 +290,32 @@ class CopyContainer:
      if catalog is not None:
          catalog.moveObject(self, idxs=idxs)

+#### Helper methods
+
+def tryMethodCallWithTemporaryPermission(context, permission, method,
+    method_argv, method_kw, exception):
+  # we want to catch the explicit security check done in manage_renameObject
+  # and bypass it. for this, we temporarily give the Copy or Move right to the
+  # user. We assume that if the user has enough rights to pass the
+  # "declareProtected" check around "setId", he should be really able to
+  # rename the object.
+  try:
+    return method(*method_argv, **method_kw)
+  except exception:
+    user = getSecurityManager().getUser()
+    user_role_list = user.getRolesInContext(context)
+    if len(user_role_list) > 0:
+      perm_list = context.ac_inherited_permissions()
+      for p in perm_list:
+        if p[0] == permission:
+          name, value = p[:2]
+          break
+      else:
+        name, value = (permission, ())
+      p = Permission(name,value,context)
+      old_role_list = p.getRoles(default=[])
+      p.setRoles(user_role_list)
+      result = method(*method_argv, **method_kw)
+      p.setRoles(old_role_list)
+      return result