Commit a80099b4 authored by Vincent Pelletier's avatar Vincent Pelletier

ERP5Security.ERP5GroupManager: Get rid of try..finally: pass block.

parent 7a3a0a4c
...@@ -93,88 +93,85 @@ class ERP5GroupManager(BasePlugin): ...@@ -93,88 +93,85 @@ class ERP5GroupManager(BasePlugin):
security_group_list = [] security_group_list = []
security_definition_list = () security_definition_list = ()
try: # To get the complete list of groups, we try to call the
# To get the complete list of groups, we try to call the # ERP5Type_getSecurityCategoryMapping which should return a list
# ERP5Type_getSecurityCategoryMapping which should return a list # of lists of two elements (script, base_category_list) like :
# of lists of two elements (script, base_category_list) like : # (
# ( # ('script_1', ['base_category_1', 'base_category_2', ...]),
# ('script_1', ['base_category_1', 'base_category_2', ...]), # ('script_2', ['base_category_1', 'base_category_3', ...])
# ('script_2', ['base_category_1', 'base_category_3', ...]) # )
# ) #
# # else, if the script does not exist, falls back to a list containng
# else, if the script does not exist, falls back to a list containng # only one list :
# only one list : # (('ERP5Type_getSecurityCategoryFromAssignment',
# (('ERP5Type_getSecurityCategoryFromAssignment', # self.getPortalAssignmentBaseCategoryList() ),)
# self.getPortalAssignmentBaseCategoryList() ),)
mapping_method = getattr(self,
mapping_method = getattr(self, 'ERP5Type_getSecurityCategoryMapping', None)
'ERP5Type_getSecurityCategoryMapping', None) if mapping_method is None:
if mapping_method is None: security_definition_list = ((
security_definition_list = (( 'ERP5Type_getSecurityCategoryFromAssignment',
'ERP5Type_getSecurityCategoryFromAssignment', self.getPortalAssignmentBaseCategoryList()
self.getPortalAssignmentBaseCategoryList() ),)
),) else:
else: security_definition_list = mapping_method()
security_definition_list = mapping_method()
# get the person from its login - no security check needed
# get the person from its login - no security check needed user_path_set = {
user_path_set = { x['path']
x['path'] for x in self.searchUsers(id=user_id, exact_match=True)
for x in self.searchUsers(id=user_id, exact_match=True) if 'path' in x
if 'path' in x }
} if not user_path_set:
if not user_path_set: return ()
return () user_path, = user_path_set
user_path, = user_path_set person_object = self.getPortalObject().unrestrictedTraverse(user_path)
person_object = self.getPortalObject().unrestrictedTraverse(user_path)
# Fetch category values from defined scripts
# Fetch category values from defined scripts for (method_name, base_category_list) in security_definition_list:
for (method_name, base_category_list) in security_definition_list: base_category_list = tuple(base_category_list)
base_category_list = tuple(base_category_list) security_category_list = security_category_dict.setdefault(
security_category_list = security_category_dict.setdefault( base_category_list, [])
base_category_list, []) try:
# The called script may want to distinguish if it is called
# from here or from _updateLocalRolesOnSecurityGroups.
# Currently, passing portal_type='' (instead of 'Person')
# is the only way to make the difference.
method = getattr(self, method_name)
security_category_list.extend(
method(base_category_list, user_id, person_object, '')
)
except ConflictError:
raise
except:
LOG('ERP5GroupManager', WARNING,
'could not get security categories from %s' % (method_name,),
error = sys.exc_info())
# Get group names from category values
# XXX try ERP5Type_asSecurityGroupIdList first for compatibility
generator_name = 'ERP5Type_asSecurityGroupIdList'
group_id_list_generator = getattr(self, generator_name, None)
if group_id_list_generator is None:
generator_name = ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT
group_id_list_generator = getattr(self, generator_name, None)
for base_category_list, category_value_list in \
security_category_dict.iteritems():
for category_dict in category_value_list:
try: try:
# The called script may want to distinguish if it is called group_id_list = group_id_list_generator(
# from here or from _updateLocalRolesOnSecurityGroups. category_order=base_category_list,
# Currently, passing portal_type='' (instead of 'Person') **category_dict)
# is the only way to make the difference. if isinstance(group_id_list, str):
method = getattr(self, method_name) group_id_list = [group_id_list]
security_category_list.extend( security_group_list.extend(group_id_list)
method(base_category_list, user_id, person_object, '')
)
except ConflictError: except ConflictError:
raise raise
except: except:
LOG('ERP5GroupManager', WARNING, LOG('ERP5GroupManager', WARNING,
'could not get security categories from %s' % (method_name,), 'could not get security groups from %s' %
generator_name,
error = sys.exc_info()) error = sys.exc_info())
# Get group names from category values
# XXX try ERP5Type_asSecurityGroupIdList first for compatibility
generator_name = 'ERP5Type_asSecurityGroupIdList'
group_id_list_generator = getattr(self, generator_name, None)
if group_id_list_generator is None:
generator_name = ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT
group_id_list_generator = getattr(self, generator_name, None)
for base_category_list, category_value_list in \
security_category_dict.iteritems():
for category_dict in category_value_list:
try:
group_id_list = group_id_list_generator(
category_order=base_category_list,
**category_dict)
if isinstance(group_id_list, str):
group_id_list = [group_id_list]
security_group_list.extend(group_id_list)
except ConflictError:
raise
except:
LOG('ERP5GroupManager', WARNING,
'could not get security groups from %s' %
generator_name,
error = sys.exc_info())
finally:
pass
return tuple(security_group_list) return tuple(security_group_list)
if not NO_CACHE_MODE: if not NO_CACHE_MODE:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment