Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5_fork
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Eteri
erp5_fork
Commits
a237ef9c
Commit
a237ef9c
authored
Jan 20, 2021
by
Vincent Pelletier
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
WebSite_logout: Further reduce diff with erp5_core's logout.
parent
bd1b6f9e
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
29 additions
and
6 deletions
+29
-6
bt5/erp5_web/SkinTemplateItem/portal_skins/erp5_web/WebSite_logout.py
.../SkinTemplateItem/portal_skins/erp5_web/WebSite_logout.py
+16
-4
bt5/erp5_web_renderjs_ui/SkinTemplateItem/portal_skins/erp5_web_renderjs_ui/WebSite_logout.py
...eItem/portal_skins/erp5_web_renderjs_ui/WebSite_logout.py
+13
-2
No files found.
bt5/erp5_web/SkinTemplateItem/portal_skins/erp5_web/WebSite_logout.py
View file @
a237ef9c
...
...
@@ -3,16 +3,28 @@
"""
from
AccessControl
import
getSecurityManager
portal
=
context
.
getPortalObject
()
user
=
getSecurityManager
().
getUser
()
username
=
user
.
getId
()
if
username
is
not
None
:
portal
.
portal_sessions
.
manage_delObjects
(
portal
.
Base_getAutoLogoutSessionKey
(
username
=
username
,
)
)
REQUEST
=
portal
.
REQUEST
if
not
portal
.
ERP5Site_isCookieAuthenticationTrustable
(
REQUEST
):
# Prevent an attacker from logging-out users by tricking them into opening this script's URL (DoS).
return
if
REQUEST
.
has_key
(
'portal_skin'
):
portal
.
portal_skins
.
clearSkinCookie
()
REQUEST
.
RESPONSE
.
expireCookie
(
'__ac'
,
path
=
'/'
)
if
getattr
(
portal
.
portal_skins
,
"erp5_oauth_google_login"
,
None
):
REQUEST
.
RESPONSE
.
expireCookie
(
'__ac_google_hash'
,
path
=
'/'
)
if
getattr
(
portal
.
portal_skins
,
"erp5_oauth_facebook_login"
,
None
):
REQUEST
.
RESPONSE
.
expireCookie
(
'__ac_facebook_hash'
,
path
=
'/'
)
# PAS logout, if user is from a PAS user folder (which is the acquisition parent of the user)
getattr
(
getSecurityManager
().
getUser
()
,
user
,
'resetCredentials'
,
lambda
**
kw
:
None
,
)(
...
...
bt5/erp5_web_renderjs_ui/SkinTemplateItem/portal_skins/erp5_web_renderjs_ui/WebSite_logout.py
View file @
a237ef9c
...
...
@@ -3,17 +3,28 @@
"""
from
AccessControl
import
getSecurityManager
portal
=
context
.
getPortalObject
()
REQUEST
=
context
.
REQUEST
user
=
getSecurityManager
().
getUser
()
username
=
user
.
getId
()
if
username
is
not
None
:
portal
.
portal_sessions
.
manage_delObjects
(
portal
.
Base_getAutoLogoutSessionKey
(
username
=
username
,
)
)
REQUEST
=
portal
.
REQUEST
if
REQUEST
.
has_key
(
'portal_skin'
):
portal
.
portal_skins
.
clearSkinCookie
()
REQUEST
.
RESPONSE
.
expireCookie
(
'__ac'
,
path
=
'/'
)
if
getattr
(
portal
.
portal_skins
,
"erp5_oauth_google_login"
,
None
):
REQUEST
.
RESPONSE
.
expireCookie
(
'__ac_google_hash'
,
path
=
'/'
)
if
getattr
(
portal
.
portal_skins
,
"erp5_oauth_facebook_login"
,
None
):
REQUEST
.
RESPONSE
.
expireCookie
(
'__ac_facebook_hash'
,
path
=
'/'
)
# PAS logout, if user is from a PAS user folder (which is the acquisition parent of the user)
getattr
(
getSecurityManager
().
getUser
()
,
user
,
'resetCredentials'
,
lambda
**
kw
:
None
,
)(
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment