Commit c5f8e57a by Kazuhiko Shiozaki

update to Products.PloneHotfix20121106 based on version 1.2.

parent 8d582563
import AccessControl.SecurityInfo
from AccessControl.SecurityInfo import ModuleSecurityInfo
import AccessControl
def allow_module(module_name):
"""Allow a module and all its contents to be used from a
restricted Script. The argument module_name may be a simple
or dotted module or package name. Note that if a package
path is given, all modules in the path will be available."""
ModuleSecurityInfo(module_name).setDefaultAccess(1)
ModuleSecurityInfo(module_name).declarePrivate('allow_module')
dot = module_name.find('.')
while dot > 0:
ModuleSecurityInfo(module_name[:dot]).setDefaultAccess(1)
ModuleSecurityInfo(module_name).declarePrivate('allow_module')
dot = module_name.find('.', dot + 1)
AccessControl.allow_module = AccessControl.SecurityInfo.allow_module = allow_module
AccessControl.allow_module.__roles__ = ()
......@@ -2,8 +2,19 @@ from AccessControl import getSecurityManager
from zExceptions import Unauthorized
from OFS.ObjectManager import ObjectManager
old_manage_FTPlist = ObjectManager.manage_FTPlist
ObjectManager.__old_manage_FTPlist = ObjectManager.manage_FTPlist
def manage_FTPlist(self, REQUEST):
if not getSecurityManager().checkPermission('Access contents information', self):
raise Unauthorized('Not allowed to access contents.')
ObjectManager.manage_FTPlist = manage_FTPlist
\ No newline at end of file
"""Returns a directory listing consisting of a tuple of
(id,stat) tuples, marshaled to a string. Note, the listing it
should include '..' if there is a Folder above the current
one.
In the case of non-foldoid objects it should return a single
tuple (id,stat) representing itself."""
if not getSecurityManager().checkPermission('Access contents information', self):
raise Unauthorized('Not allowed to access contents.')
return self.__old_manage_FTPlist(REQUEST)
ObjectManager.manage_FTPlist = manage_FTPlist
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment