Commit d377560f authored by Sebastien Robin's avatar Sebastien Robin

remove unused patch and udpate ZSQLMethod so that it can read correctly

a file with all parameters and properties


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@122 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 751acae6
...@@ -20,68 +20,40 @@ ...@@ -20,68 +20,40 @@
# #
############################################################################## ##############################################################################
from Products.CMFCore.CatalogTool import IndexableObjectWrapper, CatalogTool from Products.CMFCore.FSZSQLMethod import FSZSQLMethod
from Products.CMFCore.DirectoryView import expandpath
class PatchedIndexableObjectWrapper(IndexableObjectWrapper): from Products.ZSQLMethods.SQL import SQL
def allowedRolesAndUsers(self): class PatchedFSZSQLMethod(FSZSQLMethod):
"""
Return a list of roles and users with View permission. def _readFile(self, reparse):
Used by PortalCatalog to filter out items you're not allowed to see. fp = expandpath(self._filepath)
""" file = open(fp, 'r') # not 'rb', as this is a text file!
ob = self.__ob try:
allowed = {} data = file.read()
for r in rolesForPermissionOn('View', ob): finally: file.close()
allowed[r] = 1
localroles = _mergedLocalRoles(ob) RESPONSE = {}
for user, roles in localroles.items(): RESPONSE['BODY'] = data
for role in roles:
if allowed.has_key(role): self.PUT(RESPONSE,None)
allowed['user:' + user] = 1
# Added for ERP5 project by JP Smets
if role != 'Owner': allowed['user:' + user + ':' + role] = 1 def _createZODBClone(self):
if allowed.has_key('Owner'): """Create a ZODB (editable) equivalent of this object."""
del allowed['Owner'] # I guess it's bad to 'reach inside' ourselves like this,
return list(allowed.keys()) # but Z SQL Methods don't have accessor methdods ;-)
s = SQL(self.id,
IndexableObjectWrapper.allowedRolesAndUsers = PatchedIndexableObjectWrapper.allowedRolesAndUsers self.title,
self.connection_id,
class PatchedCatalogTool(CatalogTool): self.arguments_src,
self.src)
def searchResults(self, REQUEST=None, **kw): s.manage_advanced(self.max_rows_,
""" self.max_cache_,
Calls ZCatalog.searchResults with extra arguments that self.cache_time_,
limit the results to what the user is allowed to see. self.class_name_,
""" self.class_file_)
user = _getAuthenticatedUser(self) return s
kw[ 'allowedRolesAndUsers' ] = self._listAllowedRolesAndUsers( user )
FSZSQLMethod._readFile = PatchedFSZSQLMethod._readFile
# Patch for ERP5 by JP Smets in order FSZSQLMethod._createZODBClone = PatchedFSZSQLMethod._createZODBClone
# to implement worklists and search of local roles
if kw.has_key('local_roles'):
# Only consider local_roles if it is not empty
if kw['local_roles'] != '' and kw['local_roles'] != [] and \
kw['local_roles'] is not None:
local_roles = kw['local_roles']
# Turn it into a list if necessary according to ';' separator
if type(local_roles) == type('a'):
local_roles = local_roles.split(';')
# Local roles now has precedence (since it comes from a WorkList)
kw[ 'allowedRolesAndUsers' ] = []
for role in local_roles:
kw[ 'allowedRolesAndUsers' ].append('user:%s:%s' % (user, role))
if not _checkPermission( AccessInactivePortalContent, self ):
base = aq_base( self )
now = DateTime()
if hasattr( base, 'addIndex' ): # Zope 2.4 and above
kw[ 'effective' ] = { 'query' : now, 'range' : 'max' }
kw[ 'expires' ] = { 'query' : now, 'range' : 'min' }
else: # Zope 2.3
kw[ 'effective' ] = kw[ 'expires' ] = now
kw[ 'effective_usage'] = 'range:max'
kw[ 'expires_usage' ] = 'range:min'
return apply(ZCatalog.searchResults, (self, REQUEST), kw)
CatalogTool.searchResults = PatchedCatalogTool.searchResults
\ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment