Commit f21eb128 authored by Yoshinori Okuji's avatar Yoshinori Okuji

Fix security declarations.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@390 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 4b0a3bbd
......@@ -192,11 +192,11 @@ workflow and provide a translation to an existing document in a portal'"""
return md.manage_export('locale.pt')
# Implementation with Message Catalogs
security.declareProtected(CMFCorePermissions.View, 'messageCatalog')
security.declareProtected(CMFCorePermissions.View, 'getMessageCatalog')
def getMessageCatalog(self):
return self.messageCatalog
security.declareProtected(CMFCorePermissions.View, 'targetContentPath')
security.declareProtected(CMFCorePermissions.View, 'targetContentPath')
def targetContentPath(self):
return string.join(self.targetContent,'/')
......
......@@ -59,7 +59,7 @@ class ActiveObject(ExtensionClass.Base):
if passive_commit: get_transaction().commit()
return self
security.declareProtected( CMFCorePermissions.ModifyPortalContent, 'hasActivity' )
security.declareProtected( CMFCorePermissions.ModifyPortalContent, 'flushActivity' )
def flushActivity(self, invoke=0, **kw):
activity_tool = getattr(self, 'portal_activities', None)
if activity_tool is None: return # Do nothing if no portal_activities
......@@ -72,7 +72,7 @@ class ActiveObject(ExtensionClass.Base):
# # nothing to do
# pass
security.declareProtected( CMFCorePermissions.ModifyPortalContent, 'hasActivity' )
security.declareProtected( CMFCorePermissions.ModifyPortalContent, 'recursiveFlushActivity' )
def recursiveFlushActivity(self, invoke=0, **kw):
# flush all activities related to this object
self.flushActivity(invoke=invoke, **kw)
......@@ -95,7 +95,7 @@ class ActiveObject(ExtensionClass.Base):
# there can not be any activity
return 0
security.declareProtected( CMFCorePermissions.View, 'hasActivity' )
security.declareProtected( CMFCorePermissions.View, 'getActiveProcess' )
def getActiveProcess(self):
activity_tool = getattr(self, 'portal_activities', None)
if activity_tool is None: return None # Do nothing if no portal_activities
......
......@@ -125,7 +125,7 @@ An ERP5 Rule..."""
)
}
security.declareProtected(Permissions.AccessContentsInformation, 'getCausalitySate')
security.declareProtected(Permissions.AccessContentsInformation, 'getCausalityState')
def getCausalityState(self, id_only=1):
"""
Returns the current state in causality
......@@ -272,7 +272,7 @@ An ERP5 Rule..."""
else:
self.getRootAppliedRule().reindexObject() # Reindex the whole applied rule
security.declareProtected(Permissions.View, 'reindexObject')
security.declareProtected(Permissions.View, 'hasActivity')
def hasActivity(self, **kw):
"""
We reindex the whole applied rule
......@@ -282,7 +282,7 @@ An ERP5 Rule..."""
else:
self.getRootAppliedRule().hasActivity(**kw) # Reindex the whole applied rule
security.declareProtected(Permissions.View, 'getMovementIndex')
security.declareProtected(Permissions.View, 'isRootAppliedRule')
def isRootAppliedRule(self):
"""
Returns 1 is this is a root applied rule
......
......@@ -261,7 +261,7 @@ une liste de mouvements..."""
# wf = portal_workflow.getWorkflowById('causality_workflow')
# return wf._getWorkflowStateOf(self, id_only=id_only)
security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationSate')
security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationState')
def getSimulationState(self, id_only=1):
"""
Returns the current state in simulation
......@@ -392,7 +392,7 @@ une liste de mouvements..."""
# """
# return self._getTotalPrice(self.asContext(context=context, REQUEST=REQUEST, **kw))
security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultTotalprice')
security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultTotalPrice')
def getDefaultTotalPrice(self, context=None, REQUEST=None, **kw):
"""
"""
......
......@@ -123,7 +123,7 @@ une liste de mouvements..."""
"""
return 1
security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationSate')
security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationState')
def getSimulationState(self, id_only=1):
"""
Returns the current state in simulation
......
......@@ -127,7 +127,7 @@ An order..."""
# Nothing to do
self._createOrderRule()
security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationSate')
security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationState')
def getSimulationState(self, id_only=1):
"""
Returns the current state in simulation
......
......@@ -60,6 +60,6 @@ class Predicate:
return "%s %s %s" % (self.predicate_property, self.predicate_operator, self.predicate_value)
# Compatibility
security.declareProtected( Permissions.View, 'getTitle' )
security.declareProtected( Permissions.View, 'getPredicateAttribute' )
def getPredicateAttribute(self):
return self.getPredicateProperty()
......@@ -164,7 +164,7 @@ a service in a public administration)."""
"""
return self._baseGetPrice() # Call the price method
security.declareProtected(Permissions.AccessContentsInformation, 'getCausalitySate')
security.declareProtected(Permissions.AccessContentsInformation, 'getCausalityState')
def getCausalityState(self):
"""
Returns the current state in causality
......@@ -177,7 +177,7 @@ a service in a public administration)."""
"""
self.causality_state = value
security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationSate')
security.declareProtected(Permissions.AccessContentsInformation, 'getSimulationState')
def getSimulationState(self, id_only=1):
"""
Returns the current state in simulation
......@@ -341,7 +341,7 @@ a service in a public administration)."""
result.extend(m.getMovementIndex())
return result
security.declareProtected(Permissions.View, 'reindexObject')
security.declareProtected(Permissions.View, 'hasActivity')
def hasActivity(self, **kw):
"""
We reindex the whole applied rule
......
......@@ -220,7 +220,7 @@ Une ligne tarifaire."""
# """
# return self._getTotalPrice(self.asContext(context=context, REQUEST=REQUEST, **kw))
security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultTotalprice')
security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultTotalPrice')
def getDefaultTotalPrice(self, context=None, REQUEST=None, **kw):
"""
"""
......
......@@ -91,7 +91,7 @@ class ERP5Site ( CMFSite, FolderMixIn ):
security = ClassSecurityInfo()
security.declareObjectProtected(Permissions.View)
security.declareProtected(Permissions.View, 'getUid')
security.declareProtected(Permissions.View, 'view')
def view(self):
"""
Returns the default view.
......@@ -125,7 +125,7 @@ class ERP5Site ( CMFSite, FolderMixIn ):
return None
# Required to allow content creation outside folders
security.declareProtected(Permissions.View, 'getIdGroup')
security.declareProtected(Permissions.View, 'setLastId')
def setLastId(self, id):
self.last_id = id
......@@ -164,7 +164,7 @@ class ERP5Site ( CMFSite, FolderMixIn ):
"""
return ERP5Globals.movement_type_list
security.declarePublic('getOrderedGlobalActionList')
security.declarePublic('getModuleList')
def getModuleList(self):
"""
Return a list of modules - result dependent on user - result is translated and cached
......
......@@ -194,7 +194,7 @@ Un tissu est une resource variantable en couleur."""
self._country ,
self._eu_vat )))
security.declareProtected(Permissions.View, 'Description')
security.declareProtected(Permissions.View, 'TranslatedTitle')
def TranslatedTitle(self):
"""
Return a translated title
......@@ -211,7 +211,7 @@ Un tissu est une resource variantable en couleur."""
# Do nothing
return
security.declareProtected(Permissions.ManageProperties, 'addProductToOrder')
security.declareProtected(Permissions.ManageProperties, 'addLineToOrder')
def addLineToOrder(self, title, description, price, quantity, producturl=None,
variation_value=None):
"""
......
......@@ -218,6 +218,6 @@ Un tissu est une resource variantable en couleur."""
def getProductPath(self, REQUEST=None):
return self.getRelativeUrl()
security.declareProtected(Permissions.View, 'getProductPath')
security.declareProtected(Permissions.View, 'getOptionValues')
def getOptionValues(self, REQUEST=None):
return ()
......@@ -492,7 +492,7 @@ class Base( CopyContainer, PortalContent, Base18, ActiveObject, ERP5PropertyMana
"""
self._getCategoryTool().updateRelatedContent(self, previous_category_url, new_category_url)
security.declareProtected( Permissions.ModifyPortalContent, 'getObject' )
security.declareProtected( Permissions.ModifyPortalContent, 'edit' )
def edit(self, REQUEST=None, force_update = 0, **kw):
return self._edit(REQUEST=REQUEST, force_update=force_update, **kw)
edit = WorkflowMethod( edit )
......@@ -588,7 +588,7 @@ class Base( CopyContainer, PortalContent, Base18, ActiveObject, ERP5PropertyMana
return self.portal_workflow.getWorkflowIds()
# Object Database Management
security.declareProtected( Permissions.ManagePortal, 'Upgrade' )
security.declareProtected( Permissions.ManagePortal, 'upgrade' )
def upgrade(self, REQUEST=None):
"""
Upgrade an object and do whatever necessary
......@@ -749,7 +749,7 @@ class Base( CopyContainer, PortalContent, Base18, ActiveObject, ERP5PropertyMana
def _delValue(self, id, value, spec=(), filter=None, portal_type=()):
pass
security.declareProtected( Permissions.ModifyPortalContent, '_delValue' )
security.declareProtected( Permissions.ModifyPortalContent, 'updateRelation' )
def updateRelation(self, key, value, REQUEST):
return REQUEST
......
......@@ -243,7 +243,9 @@ be a problem)."""
}
# Class inheritance fixes
security.declareProtected( Permissions.ModifyPortalContent, 'edit' )
edit = Base.edit
security.declareProtected( Permissions.ModifyPortalContent, '_edit' )
_edit = Base._edit
# Implementation
......
......@@ -68,11 +68,6 @@ class ERP5TypeInformation( ScriptableTypeInformation, ERP5AcquisitionType ):
ScriptableTypeInformation.manage_options[2:])
security = ClassSecurityInfo()
security.declareProtected(ERP5Permissions.ManagePortal, 'manage_editAcquisitionForm')
#
# Acquisition editing interface
#
......
......@@ -372,8 +372,6 @@ class ComputerProduct( ShopProduct, Document18 ):
return self.newVariationValue(variant=variant).asString()
return "%s/%s/%s/%s/%s" % (variant[0],variant[1],variant[2],variant[3],variant[5])
shortVariation = shortVariant
security.declareProtected(View, 'shortVariation')
def addComputerProduct(self, id, title='', REQUEST=None):
ob=ComputerProduct(id,title)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment