Products.ERP5Security._setUserNameForAccessLog: Do nothing on Zope4

The way Zope4 logs the authenticated user is radically different from Zope2, and makes this function useless. So, unless when running on Zope2, do nothing when this function is called.

Products.ERP5Security._setUserNameForAccessLog: Do nothing on Zope4
The way Zope4 logs the authenticated user is radically different from Zope2, and makes this function useless. So, unless when running on Zope2, do nothing when this function is called.
1cfc0ad4 · Vincent Pelletier · 86582f1f · 1cfc0ad4
Commit 1cfc0ad4 authored Oct 10, 2023 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 18 deletions

product/ERP5Security/__init__.py product/ERP5Security/__init__.py +26 -18

No files found.
--- a/product/ERP5Security/__init__.py
+++ b/product/ERP5Security/__init__.py
@@ -24,6 +24,7 @@ from Acquisition import aq_inner, aq_parent
 from AccessControl.Permissions import manage_users as ManageUsers
 from Products.PluggableAuthService.PluggableAuthService import registerMultiPlugin
 from Products.PluggableAuthService.permissions import ManageGroups
+from Products.ERP5Type import IS_ZOPE2
 import six
 # This user is used to bypass all security checks.
@@ -57,27 +58,34 @@ def mergedLocalRoles(object):
  return deepcopy(merged)
-def _setUserNameForAccessLog(username, REQUEST):
+if IS_ZOPE2: # BBB
-  """Make the current user look as `username` in Zope's Z2.log
+  def _setUserNameForAccessLog(username, REQUEST):
+    """Make the current user look as `username` in Zope's Z2.log
-  Taken from Products.CMFCore.CookieCrumbler._setAuthHeader
+    Taken from Products.CMFCore.CookieCrumbler._setAuthHeader
-  """
+    """
-  # Set the authorization header in the medusa http request
+    # Set the authorization header in the medusa http request
-  # so that the username can be logged to the Z2.log
+    # so that the username can be logged to the Z2.log
-  # Put the full-arm latex glove on now...
+    # Put the full-arm latex glove on now...
-  try:
-    # Is this WSGI ?
-    REQUEST._orig_env['wsgi.input']
-  except KeyError:
-    # Not WSGI, maybe Medusa
    try:
-      medusa_headers = REQUEST.RESPONSE.stdout._request._header_cache
+      # Is this WSGI ?
-    except AttributeError:
+      REQUEST._orig_env['wsgi.input']
-      pass
+    except KeyError:
+      # Not WSGI, maybe Medusa
+      try:
+        medusa_headers = REQUEST.RESPONSE.stdout._request._header_cache
+      except AttributeError:
+        pass
+      else:
+        medusa_headers['authorization'] = 'Basic %s' % encodestring('%s:' % username).rstrip()
    else:
-      medusa_headers['authorization'] = 'Basic %s' % encodestring('%s:' % username).rstrip()
+      REQUEST._orig_env['REMOTE_USER'] = username
-  else:
+else: # zope4
-    REQUEST._orig_env['REMOTE_USER'] = username
+  def _setUserNameForAccessLog(username, REQUEST):
+    """
+    Nothing to do for this on Zope4.
+    """
+    pass
 def initialize(context):