Commit fdb4f4af authored by Jérome Perrin's avatar Jérome Perrin

check acl_user's meta_type rather than installed products to know if we have...

check acl_user's meta_type rather than installed products to know if we have ERP5Security or NuxUserGroup.



git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@9073 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent dc691a29
...@@ -48,20 +48,34 @@ from MethodObject import Method ...@@ -48,20 +48,34 @@ from MethodObject import Method
import os, time, urllib import os, time, urllib
from zLOG import LOG from zLOG import LOG
# Security uses ERP5Security by default SECURITY_USING_NUX_USER_GROUPS, SECURITY_USING_PAS = range(2)
try: try:
from Products.ERP5Security import ERP5UserManager from Products.PluggableAuthService import PluggableAuthService
withnuxgroups = 0 PAS_meta_type = PluggableAuthService.PluggableAuthService.meta_type
except ImportError: except ImportError:
ERP5UserManager = None PAS_meta_type = ''
# If NuxUserGroups is installed and ERP5Security is not installed, we use NuxUserGroups groups
try: try:
from Products.NuxUserGroups.CatalogToolWithGroups import mergedLocalRoles from Products.NuxUserGroups import UserFolderWithGroups
from Products.NuxUserGroups.CatalogToolWithGroups import _getAllowedRolesAndUsers NUG_meta_type = UserFolderWithGroups.meta_type
withnuxgroups = 1 except ImportError:
except ImportError: NUG_meta_type = ''
withnuxgroups = 0
def getSecurityProduct(acl_users):
"""returns the security used by the user folder passed.
(NuxUserGroup, ERP5Security, or None if anything else).
"""
if acl_users.meta_type == PAS_meta_type:
return SECURITY_USING_PAS
elif acl_users.meta_type == NUG_meta_type:
return SECURITY_USING_NUX_USER_GROUPS
try:
from Products.NuxUserGroups.CatalogToolWithGroups import mergedLocalRoles
from Products.NuxUserGroups.CatalogToolWithGroups import _getAllowedRolesAndUsers
except ImportError:
pass
class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
def __setattr__(self, name, value): def __setattr__(self, name, value):
...@@ -78,6 +92,8 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): ...@@ -78,6 +92,8 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
Used by PortalCatalog to filter out items you're not allowed to see. Used by PortalCatalog to filter out items you're not allowed to see.
""" """
ob = self.__ob ob = self.__ob
withnuxgroups = getSecurityProduct(ob.acl_users)\
== SECURITY_USING_NUX_USER_GROUPS
allowed = {} allowed = {}
for r in rolesForPermissionOn('Access contents information', ob): for r in rolesForPermissionOn('Access contents information', ob):
allowed[r] = 1 allowed[r] = 1
...@@ -119,7 +135,6 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): ...@@ -119,7 +135,6 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
allowed['user:' + user + ':' + role] = 1 allowed['user:' + user + ':' + role] = 1
if allowed.has_key('Owner'): if allowed.has_key('Owner'):
del allowed['Owner'] del allowed['Owner']
#LOG("allowedRolesAndUsers",0,str(allowed.keys()))
return list(allowed.keys()) return list(allowed.keys())
class RelatedBaseCategory(Method): class RelatedBaseCategory(Method):
...@@ -208,7 +223,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -208,7 +223,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
# Make this the default. # Make this the default.
self.default_sql_catalog_id = config_id self.default_sql_catalog_id = config_id
security.declareProtected( 'Import/Export objects', 'exportSQLMethods' ) security.declareProtected( 'Import/Export objects', 'exportSQLMethods' )
def exportSQLMethods(self, sql_catalog_id=None, config_id='erp5'): def exportSQLMethods(self, sql_catalog_id=None, config_id='erp5'):
""" """
...@@ -259,7 +274,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -259,7 +274,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return msg return msg
def _listAllowedRolesAndUsers(self, user): def _listAllowedRolesAndUsers(self, user):
if ERP5UserManager is not None: security_product = getSecurityProduct(self.acl_users)
if security_product == SECURITY_USING_PAS:
# We use ERP5Security PAS based authentication # We use ERP5Security PAS based authentication
result = CMFCoreCatalogTool._listAllowedRolesAndUsers(self, user) result = CMFCoreCatalogTool._listAllowedRolesAndUsers(self, user)
# deal with groups # deal with groups
...@@ -273,7 +289,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -273,7 +289,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
result.append('user:%s' % group) result.append('user:%s' % group)
# end groups # end groups
return result return result
elif withnuxgroups: elif security_product == SECURITY_USING_NUX_USER_GROUPS:
return _getAllowedRolesAndUsers(user) return _getAllowedRolesAndUsers(user)
else: else:
return CMFCoreCatalogTool._listAllowedRolesAndUsers(self, user) return CMFCoreCatalogTool._listAllowedRolesAndUsers(self, user)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment