Commit fdb4f4af authored by Jérome Perrin's avatar Jérome Perrin

check acl_user's meta_type rather than installed products to know if we have...

check acl_user's meta_type rather than installed products to know if we have ERP5Security or NuxUserGroup.



git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@9073 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent dc691a29
......@@ -48,19 +48,33 @@ from MethodObject import Method
import os, time, urllib
from zLOG import LOG
# Security uses ERP5Security by default
SECURITY_USING_NUX_USER_GROUPS, SECURITY_USING_PAS = range(2)
try:
from Products.ERP5Security import ERP5UserManager
withnuxgroups = 0
from Products.PluggableAuthService import PluggableAuthService
PAS_meta_type = PluggableAuthService.PluggableAuthService.meta_type
except ImportError:
ERP5UserManager = None
# If NuxUserGroups is installed and ERP5Security is not installed, we use NuxUserGroups groups
try:
PAS_meta_type = ''
try:
from Products.NuxUserGroups import UserFolderWithGroups
NUG_meta_type = UserFolderWithGroups.meta_type
except ImportError:
NUG_meta_type = ''
def getSecurityProduct(acl_users):
"""returns the security used by the user folder passed.
(NuxUserGroup, ERP5Security, or None if anything else).
"""
if acl_users.meta_type == PAS_meta_type:
return SECURITY_USING_PAS
elif acl_users.meta_type == NUG_meta_type:
return SECURITY_USING_NUX_USER_GROUPS
try:
from Products.NuxUserGroups.CatalogToolWithGroups import mergedLocalRoles
from Products.NuxUserGroups.CatalogToolWithGroups import _getAllowedRolesAndUsers
withnuxgroups = 1
except ImportError:
withnuxgroups = 0
except ImportError:
pass
class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
......@@ -78,6 +92,8 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
Used by PortalCatalog to filter out items you're not allowed to see.
"""
ob = self.__ob
withnuxgroups = getSecurityProduct(ob.acl_users)\
== SECURITY_USING_NUX_USER_GROUPS
allowed = {}
for r in rolesForPermissionOn('Access contents information', ob):
allowed[r] = 1
......@@ -119,7 +135,6 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
allowed['user:' + user + ':' + role] = 1
if allowed.has_key('Owner'):
del allowed['Owner']
#LOG("allowedRolesAndUsers",0,str(allowed.keys()))
return list(allowed.keys())
class RelatedBaseCategory(Method):
......@@ -259,7 +274,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return msg
def _listAllowedRolesAndUsers(self, user):
if ERP5UserManager is not None:
security_product = getSecurityProduct(self.acl_users)
if security_product == SECURITY_USING_PAS:
# We use ERP5Security PAS based authentication
result = CMFCoreCatalogTool._listAllowedRolesAndUsers(self, user)
# deal with groups
......@@ -273,7 +289,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
result.append('user:%s' % group)
# end groups
return result
elif withnuxgroups:
elif security_product == SECURITY_USING_NUX_USER_GROUPS:
return _getAllowedRolesAndUsers(user)
else:
return CMFCoreCatalogTool._listAllowedRolesAndUsers(self, user)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment