Secure certificate management.

Use by default checkUserCanChangePassword, but as in ERP5 users do not have
such persmission to Person document which defines them, check if logged in user
login is same as document reference.

master/bt5/vifib_base/DocumentTemplateItem/Person.py

-from AccessControl import ClassSecurityInfo
+from AccessControl import ClassSecurityInfo, Unauthorized, getSecurityManager
 from Products.ERP5.Document.Person import Person as ERP5Person
+
 class Person(ERP5Person):
   security = ClassSecurityInfo()
   security.declarePublic('getCertificate')
 
-  def _checkReference(self):
-    if not self.getReference():
-      raise ValueError('No reference set.')
+  def _checkCertificateRequest(self):
+    try:
+      self.checkUserCanChangePassword()
+    except Unauthorized:
+      # in ERP5 user has no SetOwnPassword permission on Person document
+      # referring himself, so implement "security" by checking that currently
+      # logged in user is trying to get/revoke his own certificate
+      reference = self.getReference()
+      if not reference:
+        raise
+      if getSecurityManager().getUser().getId() != reference:
+        raise
 
   def _getCertificate(self):
     return self.getPortalObject().portal_certificate_authority\
@@ -18,13 +28,11 @@ class Person(ERP5Person):
 
   def getCertificate(self):
     """Returns new SSL certificate"""
-    self._checkReference()
-    self.checkUserCanChangePassword()
+    self._checkCertificateRequest()
     return self._getCertificate()
 
   security.declarePublic('revokeCertificate')
   def revokeCertificate(self):
     """Revokes existing certificate"""
-    self._checkReference()
-    self.checkUserCanChangePassword()
+    self._checkCertificateRequest()
     self._revokeCertificate()

master/bt5/vifib_base/bt/revision

-242
\ No newline at end of file
+243
\ No newline at end of file