From 40bc120a38eb25dbda57938044867a1190d9dcb9 Mon Sep 17 00:00:00 2001
From: Jean-Paul Smets <jp@nexedi.com>
Date: Tue, 26 Feb 2008 14:37:17 +0000
Subject: [PATCH] Use PermanentURLMixIn to provide permanent URL access
 everywhere.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19518 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
 product/ERP5/Document/WebSection.py | 109 +++++-----------------------
 1 file changed, 19 insertions(+), 90 deletions(-)

diff --git a/product/ERP5/Document/WebSection.py b/product/ERP5/Document/WebSection.py
index e0f7211f33..693d1734fd 100644
--- a/product/ERP5/Document/WebSection.py
+++ b/product/ERP5/Document/WebSection.py
@@ -1,15 +1,7 @@
 ##############################################################################
 #
-# Copyright (c) 2001 Zope Corporation and Contributors. All Rights Reserved.
-# Copyright (c) 2002-2006 Nexedi SARL and Contributors. All Rights Reserved.
-# Copyright (c) 2006-2007 Nexedi SA and Contributors. All Rights Reserved.
-#
-# This software is subject to the provisions of the Zope Public License,
-# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
-# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
-# FOR A PARTICULAR PURPOSE.
+# Copyright (c) 2002-2008 Nexedi SA and Contributors. All Rights Reserved.
+#                    Jean-Paul Smets-Solanes <jp@nexedi.com>
 #
 # WARNING: This program as such is intended to be used by professional
 # programmers who take the whole responsability of assessing all potential
@@ -18,18 +10,30 @@
 # garantees and support are strongly adviced to contract a Free Software
 # Service Company
 #
+# This program is Free Software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
 ##############################################################################
 
 from AccessControl import ClassSecurityInfo
-from AccessControl.SecurityManagement import getSecurityManager, newSecurityManager, setSecurityManager
 from Products.CMFCore.utils import getToolByName
 from Products.ERP5Type import Permissions, PropertySheet,\
                               Constraint, Interface, Cache
 from Products.ERP5.Document.Domain import Domain
-#from Products.ERP5.Document.WebSite import WebSite
+from Products.ERP5.Document.Document import PermanentURLMixIn
 from Acquisition import ImplicitAcquisitionWrapper, aq_base, aq_inner
 from Products.ERP5Type.Base import TempBase
-from Globals import get_request
 
 from zLOG import LOG, WARNING
 import sys
@@ -40,7 +44,7 @@ from Products.ERP5Type.Cache import getReadOnlyTransactionCache
 WEBSECTION_KEY = 'web_section_value'
 MARKER = []
 
-class WebSection(Domain):
+class WebSection(Domain, PermanentURLMixIn):
     """
       A Web Section is a Domain with an extended API intended to
       support the creation of Web front ends to
@@ -111,82 +115,7 @@ class WebSection(Domain):
             else:
               request.set(web_param, False)
 
-      # Normal traversal
-      try:
-        return getattr(self, name)
-      except AttributeError:
-        pass
-
-      try:
-        return self[name]
-      except KeyError:
-        pass
-
-      # Permanent URL traversal
-      # First we must get the logged user by forcing identification
-      cache = getReadOnlyTransactionCache(self)
-      # LOG('getReadOnlyTransactionCache', 0, repr(cache)) # Currently, it is always None
-      if cache is not None:
-        key = ('__bobo_traverse__', self, 'user')
-        try:
-          user = cache[key]
-        except KeyError:
-          user = MARKER
-      else:
-        user = MARKER
-      old_user = getSecurityManager().getUser()
-      if user is MARKER:
-        user = None # By default, do nothing
-        if old_user is None or old_user.getUserName() == 'Anonymous User':
-          user_folder = getToolByName(self, 'acl_users', None)
-          if user_folder is not None:
-            try:
-              if request.get('PUBLISHED', MARKER) is MARKER:
-                # request['PUBLISHED'] is required by validate
-                request.other['PUBLISHED'] = self
-                has_published = False
-              else:
-                has_published = True
-              user = user_folder.validate(request)
-              if not has_published:
-                del request.other['PUBLISHED']
-            except:
-              LOG("ERP5 WARNING",0,
-                  "Failed to retrieve user in __bobo_traverse__ of WebSection %s" % self.getPath(),
-                  error=sys.exc_info())
-              user = None
-        if user is not None and user.getUserName() == 'Anonymous User':
-          user = None # If the user which is connected is anonymous,
-                      # do not try to change SecurityManager
-        if cache is not None:
-          cache[key] = user
-      if user is not None:
-        # We need to perform identification
-        old_manager = getSecurityManager()
-        newSecurityManager(get_request(), user)
-      # Next get the document per name
-      portal = self.getPortalObject()
-      document = self.getDocumentValue(name=name, portal=portal)
-      # Last, cleanup everything
-      if user is not None:
-        setSecurityManager(old_manager)
-      if document is not None:
-        document = aq_base(document.asContext(id=name, # Hide some properties to permit locating the original
-                                              original_container=document.getParentValue(),
-                                              original_id=document.getId(),
-                                              editable_absolute_url=document.absolute_url()))
-        return document.__of__(self)
-
-      # Not found section
-      method = request.get('REQUEST_METHOD', 'GET')
-      if not method in ('GET', 'POST'):
-        return NullResource(self, name, request).__of__(self)
-      # Waaa. unrestrictedTraverse calls us with a fake REQUEST.
-      # There is proabably a better fix for this.
-      try:
-        request.RESPONSE.notFoundError("%s\n%s" % (name, method))
-      except AttributeError:
-        raise KeyError, name
+      return PermanentURLMixIn.__bobo_traverse__(self, request, name)
 
     security.declareProtected(Permissions.AccessContentsInformation, 'getWebSectionValue')
     def getWebSectionValue(self):
-- 
2.30.9