Commit 6248418d authored by Julien Muchembled's avatar Julien Muchembled

UnrestrictedMethod should only be used to decorate function at load time

* Copy docstring/name of the wrapped function onto the wrapper.
* Rename _unrestricted_apply to unrestricted_apply: for performance reason,
  this function should be used instead of creating a temporary wrapper at
  every call.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@30412 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent ed51b0d4
...@@ -66,9 +66,18 @@ def UnrestrictedMethod(function): ...@@ -66,9 +66,18 @@ def UnrestrictedMethod(function):
This method is dangerous. Enough said. Be careful. This method is dangerous. Enough said. Be careful.
""" """
return lambda *args, **kw: _unrestricted_apply(function, args, kw) wrapper = lambda *args, **kw: unrestricted_apply(function, args, kw)
wrapper.__doc__ = function.__doc__
wrapper.__name__ = function.__name__
return wrapper
def _unrestricted_apply(function, args, kw): def unrestricted_apply(function, args=(), kw={}):
"""Function to bypass all security checks
This function is as dangerous as 'UnrestrictedMethod' decorator. Read its
docstring for more information. Never use this, until you are 100% certain
that you have no other way.
"""
security_manager = getSecurityManager() security_manager = getSecurityManager()
user = security_manager.getUser() user = security_manager.getUser()
anonymous = (user.getUserName() == 'Anonymous User') anonymous = (user.getUserName() == 'Anonymous User')
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment