Commit 4bc67ddd authored by Jean-Paul Smets's avatar Jean-Paul Smets

Added support for ERP5Security


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4171 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 2c50316b
......@@ -45,9 +45,22 @@ from Products.CMFCore.Expression import Expression
from Products.PageTemplates.Expressions import getEngine
import os, time, urllib
from zLOG import LOG
# Security uses ERP5Security by default
try:
from Products.ERP5Security import ERP5UserManager
withnuxgroups = 0
except ImportError:
ERP5UserManager = None
# If NuxUserGroups is installed and ERP5Security is not installed, we use NuxUserGroups groups
try:
from Products.NuxUserGroups.CatalogToolWithGroups import mergedLocalRoles
from Products.NuxUserGroups.CatalogToolWithGroups import _getAllowedRolesAndUsersh
withnuxgroups = 1
except ImportError:
withnuxgroups = 0
class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
def __setattr__(self, name, value):
......@@ -62,18 +75,11 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
Return a list of roles and users with View permission.
Used by PortalCatalog to filter out items you're not allowed to see.
"""
# Try to import CPS (import here to make sure no circular)
try:
from Products.NuxUserGroups.CatalogToolWithGroups import mergedLocalRoles
withgroups = 1
except ImportError:
withgroups = 0
ob = self.__ob
allowed = {}
for r in rolesForPermissionOn('View', ob):
allowed[r] = 1
if withgroups:
if withnuxgroups:
localroles = mergedLocalRoles(ob, withgroups=1)
else:
# CMF
......@@ -99,13 +105,13 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
for user, roles in localroles.items():
for role in roles:
if allowed.has_key(role):
if withgroups:
if withnuxgroups:
allowed[user] = 1
else:
allowed['user:' + user] = 1
# Added for ERP5 project by JP Smets
if role != 'Owner':
if withgroups:
if withnuxgroups:
allowed[user + ':' + role] = 1
else:
allowed['user:' + user + ':' + role] = 1
......@@ -235,10 +241,23 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return msg
def _listAllowedRolesAndUsers(self, user):
try:
from Products.NuxUserGroups.CatalogToolWithGroups import _getAllowedRolesAndUsers
if ERP5UserManager is not None:
# We use ERP5Security PAS based authentication
result = CMFCoreCatalogTool._listAllowedRolesAndUsers(self, user)
# deal with groups
getGroups = getattr(user, 'getGroups', None)
if getGroups is not None:
groups = user.getGroups()
groups.append('role:Anonymous')
if 'Authenticated' in result:
groups.append('role:Authenticated')
for group in groups:
result.append('user:%s' % group)
# end groups
return result
elif withnuxgroups:
return _getAllowedRolesAndUsers(user)
except ImportError:
else:
return CMFCoreCatalogTool._listAllowedRolesAndUsers(self, user)
# Schema Management
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment