Security update

lib/python/OFS/DraftFolder.py

@@ -14,8 +14,8 @@ Provide an area where people can work without others seeing their changes.
 A Draft folder is a surrogate for a folder.  It get\'s subobjects by
 gettingthem from a session copy of a base folder.
 
-$Id: DraftFolder.py,v 1.5 1997/12/18 16:45:40 jeffrey Exp $'''
-__version__='$Revision: 1.5 $'[11:-2]
+$Id: DraftFolder.py,v 1.6 1997/12/31 17:22:51 brian Exp $'''
+__version__='$Revision: 1.6 $'[11:-2]
 
 import time, SimpleItem, AccessControl.Role, Persistence, Acquisition, Globals
 import AccessControl.User, Session
@@ -38,9 +38,8 @@ def hack(self):
 	     'action':'manage_main',   'target':'manage_main'},
 	    {'icon':'OFS/Properties_icon.gif', 'label':'Properties',
 	     'action':'manage_propertiesForm',   'target':'manage_main'},
-	    {'icon':'AccessControl/AccessControl_icon.gif',
-	     'label':'Security',
-	     'action':'manage_rolesForm',   'target':'manage_main'},
+	    {'icon':'', 'label':'Security',
+	     'action':'manage_access',   'target':'manage_main'},
 	    {'icon':'App/undo_icon.gif', 'label':'Undo',
 	     'action':'manage_UndoForm',   'target':'manage_main'},
 	    {'icon':'OFS/DraftFolderControl.gif', 'label':'Supervise',
@@ -64,8 +63,8 @@ class DraftFolder(Persistence.Persistent,
      'action':'manage_main',   'target':'manage_main'},
     {'icon':'OFS/Properties_icon.gif', 'label':'Properties',
      'action':'manage_propertiesForm',   'target':'manage_main'},
-    {'icon':'AccessControl/AccessControl_icon.gif', 'label':'Security',
-     'action':'manage_rolesForm',   'target':'manage_main'},
+    {'icon':'', 'label':'Security',
+     'action':'manage_access',   'target':'manage_main'},
     {'icon':'App/undo_icon.gif', 'label':'Undo',
      'action':'manage_UndoForm',   'target':'manage_main'},
     {'icon':'OFS/DraftFolderControl.gif', 'label':'Supervise',
@@ -212,6 +211,9 @@ class Supervisor(AccessControl.User.UserFolder, Session.Session):
 ############################################################################## 
 #
 # $Log: DraftFolder.py,v $
+# Revision 1.6  1997/12/31 17:22:51  brian
+# Security update
+#
 # Revision 1.5  1997/12/18 16:45:40  jeffrey
 # changeover to new ImageFile and HTMLFile handling
 #

lib/python/OFS/rolesForm.dtml

-<HTML>
-<HEAD>
-<TITLE>Security</TITLE>
-</HEAD>
-<BODY BGCOLOR="#FFFFFF" LINK="#000099" VLINK="#555555" ALINK="#77003B">
-<!--#var manage_tabs-->
-<P>
-You may restrict access to <EM><!--#var title--></EM> using the form 
-below. To add or remove roles, select or deselect 
-the desired role names and click &quot;Change&quot;.
-<P>
-<FORM ACTION="manage_editRoles" METHOD="POST">
-<TABLE>
-<TR>
-<TD VALIGN="TOP">
-<INPUT TYPE="RADIO" NAME="acl_type" VALUE="E"<!--#var aclEChecked-->>
-Allow users with selected roles
-<BR>
-<INPUT TYPE="RADIO" NAME="acl_type" VALUE="P"<!--#var aclPChecked-->> 
-Allow all users
-</TD>
-<TD VALIGN="TOP">
-<SELECT NAME="acl_roles:list" SIZE="4" MULTIPLE>
-<!--#in selectedRoles-->
-<!--#var sequence-item-->
-<!--#/in selectedRoles-->
-</SELECT>
-<BR>
-<INPUT TYPE="SUBMIT" VALUE="Change">
-</TD>
-</TR>
-</TABLE>
-</FORM>
-
-<P>
-<FORM ACTION="manage_addRole" METHOD="POST">
-To add a new, user-defined role to this object, enter the name of 
-the new role and click &quot;Add&quot;.
-<BR>
-<INPUT TYPE="TEXT" NAME="role" SIZE="20">
-<BR>
-<INPUT TYPE="SUBMIT" VALUE=" Add ">
-</FORM>
-</BODY>
-</HTML>

lib/python/Products/OFSP/DraftFolder.py

@@ -14,8 +14,8 @@ Provide an area where people can work without others seeing their changes.
 A Draft folder is a surrogate for a folder.  It get\'s subobjects by
 gettingthem from a session copy of a base folder.
 
-$Id: DraftFolder.py,v 1.6 1997/12/19 17:06:20 jim Exp $'''
-__version__='$Revision: 1.6 $'[11:-2]
+$Id: DraftFolder.py,v 1.7 1997/12/31 17:17:04 brian Exp $'''
+__version__='$Revision: 1.7 $'[11:-2]
 
 import time, OFS.SimpleItem, AccessControl.Role
 import Persistence, Acquisition, Globals
@@ -63,8 +63,8 @@ class DraftFolder(Persistence.Persistent,
      'action':'manage_main',   'target':'manage_main'},
     {'icon':'OFS/Properties_icon.gif', 'label':'Properties',
      'action':'manage_propertiesForm',   'target':'manage_main'},
-    {'icon':'AccessControl/AccessControl_icon.gif', 'label':'Security',
-     'action':'manage_rolesForm',   'target':'manage_main'},
+    {'icon':'', 'label':'Security',
+     'action':'manage_access',   'target':'manage_main'},
     {'icon':'App/undo_icon.gif', 'label':'Undo',
      'action':'manage_UndoForm',   'target':'manage_main'},
     {'icon':'OFS/DraftFolderControl.gif', 'label':'Supervise',
@@ -211,6 +211,9 @@ class Supervisor(AccessControl.User.UserFolder, Session.Session):
 ############################################################################## 
 #
 # $Log: DraftFolder.py,v $
+# Revision 1.7  1997/12/31 17:17:04  brian
+# Security update
+#
 # Revision 1.6  1997/12/19 17:06:20  jim
 # moved Sessions and Daft folders here.
 #

lib/python/Products/OFSP/Session.py

@@ -12,7 +12,7 @@ __doc__='''A drop-in object that represents a session.
 
 
 
-$Id: Session.py,v 1.9 1997/12/19 17:06:20 jim Exp $'''
+$Id: Session.py,v 1.10 1997/12/31 17:17:04 brian Exp $'''
 
 import time, OFS.SimpleItem, AccessControl.Role
 import Persistence, Acquisition, Globals
@@ -20,20 +20,12 @@ from string import rfind
 
 _addForm=Globals.HTMLFile('sessionAdd', globals())
 def addForm(realself, self, REQUEST, **ignored):
-    return _addForm(self, REQUEST,
-		    selectedRoles=map(
-			lambda i:
-			('<OPTION VALUE="%s"%s>%s' %
-			 (i, i=='manage' and ' SELECTED' or '', i))
-			, self.validRoles()),
-		    aclEChecked=' CHECKED', aclAChecked='', aclPChecked=''
-		    )
-
-def add(self, id, title, acl_type='A',acl_roles=[], REQUEST=None):
+    return _addForm(self, REQUEST)
+
+def add(self, id, title, REQUEST=None):
     'Add a session'
     i=Session()
     i._init(id, title, REQUEST)
-    i._setRoles(acl_type,acl_roles)
     self._setObject(id,i)
     return self.manage_main(self,REQUEST)
 
@@ -56,13 +48,24 @@ class Session(Persistence.Persistent,
 		     'action':'manage_propertiesForm', 'target':'manage_main',
 	            },
 		    {'icon':'', 'label':'Security',
-		     'action':'manage_rolesForm', 'target':'manage_main',
+		     'action':'manage_access', 'target':'manage_main',
 		    },
 		    {'icon':'', 'label':'Undo',
 		     'action':'manage_UndoForm','target':'manage_main',
 		    },
 		   )
 
+    __ac_permissions__=(
+    ('View management screens', ['manage','manage_tabs','index_html']),
+    ('Change permissions', ['manage_access']),
+    ('Edit session', ['manage_edit']),
+    ('Join/leave session', ['enter','leave','leave_another']),
+    ('Save/discard session', ['save','discard']),
+    )
+   
+    __ac_types__=(('Full Access', map(lambda x: x[0], __ac_permissions__)),
+		 )
+
     def _init(self, id, title, REQUEST):
 	self.id=id
 	self.title=title
@@ -79,11 +82,9 @@ class Session(Persistence.Persistent,
 	if Globals.SessionBase[self.cookie].nonempty(): return '%s *' % r
 	return r
 
-    def manage_edit(self, title, acl_type='A',acl_roles=[], REQUEST=None):
+    def manage_edit(self, title, REQUEST=None):
 	'Modify a session'
-	self._setRoles(acl_type,acl_roles)
 	self.title=title
-	
 	if REQUEST is not None: return self.manage_editedDialog(REQUEST)
 
     def enter(self, REQUEST, RESPONSE):
@@ -124,7 +125,7 @@ class Session(Persistence.Persistent,
 	
     def nonempty(self): return Globals.SessionBase[self.cookie].nonempty()
 
-__version__='$Revision: 1.9 $'[11:-2]
+__version__='$Revision: 1.10 $'[11:-2]
 
 
 
@@ -132,6 +133,9 @@ __version__='$Revision: 1.9 $'[11:-2]
 ############################################################################## 
 #
 # $Log: Session.py,v $
+# Revision 1.10  1997/12/31 17:17:04  brian
+# Security update
+#
 # Revision 1.9  1997/12/19 17:06:20  jim
 # moved Sessions and Daft folders here.
 #

lib/python/Products/OFSP/Version.py

@@ -12,7 +12,7 @@ __doc__='''A drop-in object that represents a session.
 
 
 
-$Id: Version.py,v 1.9 1997/12/19 17:06:20 jim Exp $'''
+$Id: Version.py,v 1.10 1997/12/31 17:17:04 brian Exp $'''
 
 import time, OFS.SimpleItem, AccessControl.Role
 import Persistence, Acquisition, Globals
@@ -20,20 +20,12 @@ from string import rfind
 
 _addForm=Globals.HTMLFile('sessionAdd', globals())
 def addForm(realself, self, REQUEST, **ignored):
-    return _addForm(self, REQUEST,
-		    selectedRoles=map(
-			lambda i:
-			('<OPTION VALUE="%s"%s>%s' %
-			 (i, i=='manage' and ' SELECTED' or '', i))
-			, self.validRoles()),
-		    aclEChecked=' CHECKED', aclAChecked='', aclPChecked=''
-		    )
-
-def add(self, id, title, acl_type='A',acl_roles=[], REQUEST=None):
+    return _addForm(self, REQUEST)
+
+def add(self, id, title, REQUEST=None):
     'Add a session'
     i=Session()
     i._init(id, title, REQUEST)
-    i._setRoles(acl_type,acl_roles)
     self._setObject(id,i)
     return self.manage_main(self,REQUEST)
 
@@ -56,13 +48,24 @@ class Session(Persistence.Persistent,
 		     'action':'manage_propertiesForm', 'target':'manage_main',
 	            },
 		    {'icon':'', 'label':'Security',
-		     'action':'manage_rolesForm', 'target':'manage_main',
+		     'action':'manage_access', 'target':'manage_main',
 		    },
 		    {'icon':'', 'label':'Undo',
 		     'action':'manage_UndoForm','target':'manage_main',
 		    },
 		   )
 
+    __ac_permissions__=(
+    ('View management screens', ['manage','manage_tabs','index_html']),
+    ('Change permissions', ['manage_access']),
+    ('Edit session', ['manage_edit']),
+    ('Join/leave session', ['enter','leave','leave_another']),
+    ('Save/discard session', ['save','discard']),
+    )
+   
+    __ac_types__=(('Full Access', map(lambda x: x[0], __ac_permissions__)),
+		 )
+
     def _init(self, id, title, REQUEST):
 	self.id=id
 	self.title=title
@@ -79,11 +82,9 @@ class Session(Persistence.Persistent,
 	if Globals.SessionBase[self.cookie].nonempty(): return '%s *' % r
 	return r
 
-    def manage_edit(self, title, acl_type='A',acl_roles=[], REQUEST=None):
+    def manage_edit(self, title, REQUEST=None):
 	'Modify a session'
-	self._setRoles(acl_type,acl_roles)
 	self.title=title
-	
 	if REQUEST is not None: return self.manage_editedDialog(REQUEST)
 
     def enter(self, REQUEST, RESPONSE):
@@ -124,7 +125,7 @@ class Session(Persistence.Persistent,
 	
     def nonempty(self): return Globals.SessionBase[self.cookie].nonempty()
 
-__version__='$Revision: 1.9 $'[11:-2]
+__version__='$Revision: 1.10 $'[11:-2]
 
 
 
@@ -132,6 +133,9 @@ __version__='$Revision: 1.9 $'[11:-2]
 ############################################################################## 
 #
 # $Log: Version.py,v $
+# Revision 1.10  1997/12/31 17:17:04  brian
+# Security update
+#
 # Revision 1.9  1997/12/19 17:06:20  jim
 # moved Sessions and Daft folders here.
 #

lib/python/Products/OFSP/sessionAdd.dtml

@@ -23,7 +23,6 @@
   <INPUT TYPE="TEXT" NAME="title" SIZE="40">
   </TD>
 </TR>
-<!--#var smallRolesWidget-->
 <TR>
 <TD></TD>
 <TD>

lib/python/Products/OFSP/sessionEdit.dtml

@@ -23,7 +23,6 @@
   <INPUT TYPE="TEXT" NAME="title" SIZE="40" VALUE="<!--#var title-->">
   </TD>
 </TR>
-<!--#var smallRolesWidget-->
 <TR>
 <TD></TD>
 <TD><BR><INPUT TYPE="SUBMIT" VALUE="Edit"></TD>

lib/python/Products/OFSP/versionAdd.dtml

@@ -23,7 +23,6 @@
   <INPUT TYPE="TEXT" NAME="title" SIZE="40">
   </TD>
 </TR>
-<!--#var smallRolesWidget-->
 <TR>
 <TD></TD>
 <TD>

lib/python/Products/OFSP/versionEdit.dtml

@@ -23,7 +23,6 @@
   <INPUT TYPE="TEXT" NAME="title" SIZE="40" VALUE="<!--#var title-->">
   </TD>
 </TR>
-<!--#var smallRolesWidget-->
 <TR>
 <TD></TD>
 <TD><BR><INPUT TYPE="SUBMIT" VALUE="Edit"></TD>