Commit 20c57ea7 authored by Ayush Tiwari's avatar Ayush Tiwari Committed by Douglas

erp5_data_notebook: Check user permission for at entry point for...

erp5_data_notebook: Check user permission for at entry point for Base_executeJupyter python script so that non-developer user cannot execute python code through script
parent 955890da
......@@ -61,9 +61,12 @@
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>import json\n
<value> <string>portal = context.getPortalObject()\n
# Check permissions for current user \n
if not portal.Base_checkPermission(\'portal_components\', \'Manage Portal\'):\n
return "You are not authorized to access the script"\n
\n
portal = context.getPortalObject()\n
import json\n
\n
# The boolean values via requests are received as \n
request_reference = {\'True\': True, \'False\': False}.get(request_reference, False)\n
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment