Skip to content

Z
Zope
Commit 133fb0cb authored by Florent Guillaume's avatar Florent Guillaume
Browse files
Options

Code cleanup.

parent 047841d7
Show whitespace changes
Inline Side-by-side
Showing with 50 additions and 60 deletions
lib/python/OFS/Traversable.py
View file @ 133fb0cb
...@@ -118,7 +118,7 @@ class Traversable: ...@@ -118,7 +118,7 @@ class Traversable:
return path return path
security.declarePrivate('unrestrictedTraverse') security.declarePrivate('unrestrictedTraverse')
def unrestrictedTraverse(self, path, default=_marker, restricted=0): def unrestrictedTraverse(self, path, default=_marker, restricted=False):
"""Lookup an object by path. """Lookup an object by path.
path -- The path to the object. May be a sequence of strings or a slash path -- The path to the object. May be a sequence of strings or a slash
...@@ -139,10 +139,6 @@ class Traversable: ...@@ -139,10 +139,6 @@ class Traversable:
if not path: if not path:
return self return self
_getattr = getattr
_none = None
marker = _marker
if isinstance(path, str): if isinstance(path, str):
# Unicode paths are not allowed # Unicode paths are not allowed
path = path.split('/') path = path.split('/')
...@@ -151,27 +147,25 @@ class Traversable: ...@@ -151,27 +147,25 @@ class Traversable:
REQUEST = {'TraversalRequestNameStack': path} REQUEST = {'TraversalRequestNameStack': path}
path.reverse() path.reverse()
path_pop=path.pop path_pop = path.pop
if len(path) > 1 and not path[0]: if len(path) > 1 and not path[0]:
# Remove trailing slash # Remove trailing slash
path.pop(0) path_pop(0)
if restricted: if restricted:
securityManager = getSecurityManager() validate = getSecurityManager().validate
else:
securityManager = _none
if not path[-1]: if not path[-1]:
# If the path starts with an empty string, go to the root first. # If the path starts with an empty string, go to the root first.
path_pop() path_pop()
self = self.getPhysicalRoot() obj = self.getPhysicalRoot()
if (restricted if restricted and not validate(None, None, None, obj):
and not securityManager.validate(None, None, None, self)): raise Unauthorized(name)
raise Unauthorized, name else:
obj = self
try: try:
obj = self
while path: while path:
name = path_pop() name = path_pop()
__traceback_info__ = path, name __traceback_info__ = path, name
...@@ -182,76 +176,74 @@ class Traversable: ...@@ -182,76 +176,74 @@ class Traversable:
if name == '..': if name == '..':
next = aq_parent(obj) next = aq_parent(obj)
if next is not _none: if next is not None:
if restricted and not securityManager.validate( if restricted and not validate(obj, obj, name, next):
obj, obj,name, next): raise Unauthorized(name)
raise Unauthorized, name
obj = next obj = next
continue continue
bobo_traverse = _getattr(obj, '__bobo_traverse__', _none) bobo_traverse = getattr(obj, '__bobo_traverse__', None)
try: try:
if name and name[:1] in '@+': if name and name[:1] in '@+':
# Process URI segment parameters. # Process URI segment parameters.
ns, nm = nsParse(name) ns, nm = nsParse(name)
if ns: if ns:
try: try:
next = namespaceLookup(ns, nm, obj, next = namespaceLookup(
self.REQUEST).__of__(obj) ns, nm, obj, self.REQUEST).__of__(obj)
if restricted and not securityManager.validate( if restricted and not validate(
obj, obj, name, next): obj, obj, name, next):
raise Unauthorized, name raise Unauthorized(name)
except TraversalError: except TraversalError:
raise AttributeError(name) raise AttributeError(name)
elif bobo_traverse is not _none: elif bobo_traverse is not None:
next = bobo_traverse(REQUEST, name) next = bobo_traverse(REQUEST, name)
if restricted: if restricted:
if aq_base(next) is not next: if aq_base(next) is not next:
# The object is wrapped, so the acquisition # The object is wrapped, so the acquisition
# context is the container. # context is the container.
container = aq_parent(aq_inner(next)) container = aq_parent(aq_inner(next))
elif _getattr(next, 'im_self', _none) is not _none: elif getattr(next, 'im_self', None) is not None:
# Bound method, the bound instance # Bound method, the bound instance
# is the container # is the container
container = next.im_self container = next.im_self
elif _getattr(aq_base(obj), name, marker) == next: elif getattr(aq_base(obj), name, _marker) is next:
# Unwrapped direct attribute of the object so # Unwrapped direct attribute of the object so
# object is the container # object is the container
container = obj container = obj
else: else:
# Can't determine container # Can't determine container
container = _none container = None
# If next is a simple unwrapped property, its
# parentage is indeterminate, but it may have
# been acquired safely. In this case validate
# will raise an error, and we can explicitly
# check that our value was acquired safely.
try: try:
validated = securityManager.validate( ok = validate(obj, container, name, next)
obj, container, name, next)
except Unauthorized: except Unauthorized:
# If next is a simple unwrapped property, it's ok = False
# parentage is indeterminate, but it may have been if not ok:
# acquired safely. In this case validate will if (container is not None or
# raise an error, and we can explicitly check that guarded_getattr(obj, name, _marker)
# our value was acquired safely. is not next):
validated = 0 raise Unauthorized(name)
if container is _none and \
guarded_getattr(obj, name, marker) is next:
validated = 1
if not validated:
raise Unauthorized, name
else: else:
if getattr(aq_base(obj), name, marker) is not marker: if getattr(aq_base(obj), name, _marker) is not _marker:
if restricted: if restricted:
next = guarded_getattr(obj, name) next = guarded_getattr(obj, name)
else: else:
next = _getattr(obj, name) next = getattr(obj, name)
else: else:
try: try:
next=obj[name] next = obj[name]
except AttributeError: except AttributeError:
# Raise NotFound for easier debugging # Raise NotFound for easier debugging
# instead of AttributeError: __getitem__ # instead of AttributeError: __getitem__
raise NotFound, name raise NotFound(name)
if restricted and not securityManager.validate( if restricted and not validate(
obj, obj, _none, next): obj, obj, None, next):
raise Unauthorized, name raise Unauthorized(name)
except (AttributeError, NotFound, KeyError), e: except (AttributeError, NotFound, KeyError), e:
# Try to look for a view # Try to look for a view
...@@ -260,10 +252,8 @@ class Traversable: ...@@ -260,10 +252,8 @@ class Traversable:
if next is not None: if next is not None:
next = next.__of__(obj) next = next.__of__(obj)
if restricted: if restricted and not validate(obj, obj, name, next):
if not securityManager.validate( raise Unauthorized(name)
obj, obj, name, next):
raise Unauthorized, name
elif bobo_traverse is not None: elif bobo_traverse is not None:
# Attribute lookup should not be done after # Attribute lookup should not be done after
# __bobo_traverse__: # __bobo_traverse__:
...@@ -272,12 +262,12 @@ class Traversable: ...@@ -272,12 +262,12 @@ class Traversable:
# No view, try acquired attributes # No view, try acquired attributes
try: try:
if restricted: if restricted:
next = guarded_getattr(obj, name, marker) next = guarded_getattr(obj, name, _marker)
else: else:
next = _getattr(obj, name, marker) next = getattr(obj, name, _marker)
except AttributeError: except AttributeError:
raise e raise e
if next is marker: if next is _marker:
# Nothing found re-raise error # Nothing found re-raise error
raise e raise e
...@@ -288,7 +278,7 @@ class Traversable: ...@@ -288,7 +278,7 @@ class Traversable:
except ConflictError: except ConflictError:
raise raise
except: except:
if default is not marker: if default is not _marker:
return default return default
else: else:
raise raise
...@@ -296,7 +286,7 @@ class Traversable: ...@@ -296,7 +286,7 @@ class Traversable:
security.declarePublic('restrictedTraverse') security.declarePublic('restrictedTraverse')
def restrictedTraverse(self, path, default=_marker): def restrictedTraverse(self, path, default=_marker):
# Trusted code traversal code, always enforces securitys # Trusted code traversal code, always enforces securitys
return self.unrestrictedTraverse(path, default, restricted=1) return self.unrestrictedTraverse(path, default, restricted=True)
InitializeClass(Traversable) InitializeClass(Traversable)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7