Commit bcae0538 authored by Rafael Monnerat's avatar Rafael Monnerat

slapos_web: Filter the allowed websections

This script avoids introducing complex security on the website by omitting certain functionalities that the user is not allowed (or not interested) to see.
parent ae1024ad
<?xml version="1.0"?>
<ZopeData>
<record id="1" aka="AAAAAAAAAAE=">
<pickle>
<global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
</pickle>
<pickle>
<dictionary>
<item>
<key> <string>Script_magic</string> </key>
<value> <int>3</int> </value>
</item>
<item>
<key> <string>_bind_names</string> </key>
<value>
<object>
<klass>
<global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
</klass>
<tuple/>
<state>
<dictionary>
<item>
<key> <string>_asgns</string> </key>
<value>
<dictionary>
<item>
<key> <string>name_container</string> </key>
<value> <string>container</string> </value>
</item>
<item>
<key> <string>name_context</string> </key>
<value> <string>context</string> </value>
</item>
<item>
<key> <string>name_m_self</string> </key>
<value> <string>script</string> </value>
</item>
<item>
<key> <string>name_subpath</string> </key>
<value> <string>traverse_subpath</string> </value>
</item>
</dictionary>
</value>
</item>
</dictionary>
</state>
</object>
</value>
</item>
<item>
<key> <string>_body</string> </key>
<value> <string>person = context.getPortalObject().ERP5Site_getAuthenticatedMemberPersonValue()\n
\n
if person is None:\n
return False\n
\n
if required_role_list is None:\n
required_role_list = context.getLayoutProperty(\'layout_required_role\', [])\n
\n
if not len(required_role_list):\n
return True\n
\n
for role in required_role_list:\n
if person.Person_hasRequiredRole(role):\n
return True\n
\n
return False\n
</string> </value>
</item>
<item>
<key> <string>_params</string> </key>
<value> <string>required_role_list=None</string> </value>
</item>
<item>
<key> <string>id</string> </key>
<value> <string>WebSection_isSectionAllowed</string> </value>
</item>
</dictionary>
</pickle>
</record>
</ZopeData>
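Review bot: In the `_body` of `WebSection_isSectionAllowed`, the `person is None` test runs before the empty-list test, so an anonymous visitor gets `False` even for a section that declares no `layout_required_role`. If sections without a required role are meant to stay visible to everyone, `if not len(required_role_list): return True` should come before the person lookup; whether that is the intent cannot be told from this page. The script also only decides what a menu shows, and nothing visible here restricts access to the sections themselves. I would open the body with a comment such as `# Menu visibility filter only: access to a section is still decided by its own permissions, not by this script.` so that it is not later reused as an authorization check.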
...@@ -46,12 +46,12 @@ ...@@ -46,12 +46,12 @@
current_web_section python:request.get(\'current_web_section\', here);"\n current_web_section python:request.get(\'current_web_section\', here);"\n
i18n:domain="ui">\n i18n:domain="ui">\n
<ul tal:define="main_section python: context.WebSite_getMainSection();\n <ul tal:define="main_section python: context.WebSite_getMainSection();\n
subsection_list python: (main_section or current_web_section ).WebSection_getSiteMapTree(property_mapping=(\'translated_title\',\'id\',),depth=1)"\n subsection_list python: (main_section or current_web_section ).WebSection_getSiteMapTree(property_mapping=(\'translated_title\',\'id\',\'layout_required_role\'),depth=1)"\n
tal:condition="python:current_web_site != current_web_section and subsection_list" \n tal:condition="python:current_web_site != current_web_section and subsection_list" \n
tal:attributes="class python:\'subsection_navigation\';" >\n tal:attributes="class python:\'subsection_navigation\';" >\n
<!-- Link to main section -->\n <!-- Link to main section -->\n
<li tal:define="is_active python: current_web_section == main_section;"> \n <li tal:define="is_active python: current_web_section == main_section;"> \n
<img tal:attributes="src python: \'%s/vifib_%s_image/%s%s.png\' % (web_site_url,current_web_site.getId(),main_section.getId(),is_active and \'_active\' or \'\');\n <img tal:attributes="src python: \'%s/vifib_hosting_image/%s%s.png\' % (web_site_url,main_section.getId(),is_active and \'_active\' or \'\');\n
alt main_section/getId;" />\n alt main_section/getId;" />\n
<a tal:attributes="href python: main_section.WebSection_getPermanentURL(document=main_section, view=False);\n <a tal:attributes="href python: main_section.WebSection_getPermanentURL(document=main_section, view=False);\n
class python:is_active and \'active\' or \'\';" \n class python:is_active and \'active\' or \'\';" \n
...@@ -60,13 +60,16 @@ ...@@ -60,13 +60,16 @@
<!-- Link to sub section -->\n <!-- Link to sub section -->\n
<li tal:repeat="sub_item subsection_list" >\n <li tal:repeat="sub_item subsection_list" >\n
<tal:block tal:define="is_active python: current_web_section.getTranslatedTitle()==sub_item[\'translated_title\']">\n <tal:block tal:define="is_active python: current_web_section.getTranslatedTitle()==sub_item[\'translated_title\']">\n
<img tal:attributes="src python: \'%s/vifib_%s_image/%s%s.png\' % (web_site_url,current_web_site.getId(),sub_item[\'id\'],is_active and \'_active\' or \'\');\n <tal:block tal:condition="python: current_web_section.WebSection_isSectionAllowed(sub_item[\'layout_required_role\'])">\n
\n
<img tal:attributes="src python: \'%s/vifib_hosting_image/%s%s.png\' % (web_site_url,sub_item[\'id\'],is_active and \'_active\' or \'\');\n
alt sub_item/id;" />\n alt sub_item/id;" />\n
<a i18n:translate="" \n <a i18n:translate="" \n
tal:attributes="href sub_item/url ;\n tal:attributes="href sub_item/url ;\n
class python: is_active and \'active\' or \'\';" \n class python: is_active and \'active\' or \'\';" \n
tal:content="sub_item/translated_title">Menu subitem 1</a>\n tal:content="sub_item/translated_title">Menu subitem 1</a>\n
</tal:block>\n </tal:block>\n
</tal:block>\n
</li>\n </li>\n
</ul>\n </ul>\n
</tal:block> </tal:block>
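Review bot: The new `tal:condition` in the sub-section loop calls the script on `current_web_section` rather than on the sub-item, so the script's `required_role_list is None` fallback reads `layout_required_role` from the section being viewed, not from the entry being filtered. If `WebSection_getSiteMapTree` yields `None` for a sub-section with no such property (an assumption, since its return shape is not shown here), that entry is shown or hidden according to the current section's roles. Passing an explicit empty list avoids that, e.g. `WebSection_isSectionAllowed(sub_item[\'layout_required_role\'] or [])`, if unset is meant to mean no restriction. Separately, the condition sits inside `<li tal:repeat=...>`, so a filtered entry still renders an empty `<li>`; moving the repeat to an outer `tal:block` that wraps a conditional `<li>` would drop it.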
......