diff --git a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/delivery_causality_workflow/scripts/Delivery_solveDivergence.xml b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/delivery_causality_workflow/scripts/Delivery_solveDivergence.xml
index be14675f1b1f5c4705a8b4ab1f5760c923ac2d28..c85fa85b3ee14051029d841d0446ba974ba91a25 100644
--- a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/delivery_causality_workflow/scripts/Delivery_solveDivergence.xml
+++ b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/delivery_causality_workflow/scripts/Delivery_solveDivergence.xml
@@ -73,6 +73,14 @@ if len(delivery_solve_property_dict) or len(divergence_to_accept_list) \\\n
<key> <string>_params</string> </key>
<value> <string>state_change</string> </value>
</item>
+ <item>
+ <key> <string>_proxy_roles</string> </key>
+ <value>
+ <tuple>
+ <string>Manager</string>
+ </tuple>
+ </value>
+ </item>
<item>
<key> <string>id</string> </key>
<value> <string>Delivery_solveDivergence</string> </value>
diff --git a/bt5/erp5_credential/DocumentTemplateItem/portal_components/document.erp5.CredentialRecovery.py b/bt5/erp5_credential/DocumentTemplateItem/portal_components/document.erp5.CredentialRecovery.py
index 265794586448f8506eba1c44c466636f72c08fe7..e8ee5f86533d49813e57e69ad9cf0c8989391c02 100644
--- a/bt5/erp5_credential/DocumentTemplateItem/portal_components/document.erp5.CredentialRecovery.py
+++ b/bt5/erp5_credential/DocumentTemplateItem/portal_components/document.erp5.CredentialRecovery.py
@@ -58,6 +58,8 @@ class CredentialRecovery(Ticket, EncryptedPasswordMixin):
, PropertySheet.Url
)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'isAnswerCorrect')
def isAnswerCorrect(self):
'''
Check if the given answer match the real answer
diff --git a/bt5/erp5_ui_test_core/SkinTemplateItem/portal_skins/erp5_ui_test_core/Zuite_waitForActivities.xml b/bt5/erp5_ui_test_core/SkinTemplateItem/portal_skins/erp5_ui_test_core/Zuite_waitForActivities.xml
index a1f3820f37a164e7c043310612ee0d845f772297..cb288655cb819dfebb56223f697e9242bf9b5155 100644
--- a/bt5/erp5_ui_test_core/SkinTemplateItem/portal_skins/erp5_ui_test_core/Zuite_waitForActivities.xml
+++ b/bt5/erp5_ui_test_core/SkinTemplateItem/portal_skins/erp5_ui_test_core/Zuite_waitForActivities.xml
@@ -76,6 +76,14 @@ return \'Done.\'\n
<key> <string>_params</string> </key>
<value> <string>count = 1000</string> </value>
</item>
+ <item>
+ <key> <string>_proxy_roles</string> </key>
+ <value>
+ <tuple>
+ <string>Manager</string>
+ </tuple>
+ </value>
+ </item>
<item>
<key> <string>id</string> </key>
<value> <string>Zuite_waitForActivities</string> </value>
diff --git a/product/CMFActivity/ActiveObject.py b/product/CMFActivity/ActiveObject.py
index 12ea47421cc7ee9a33a7609916b9fe6f948f8ea9..5f1ad34af0ef123ca61fbee4fcac11da79136fa2 100644
--- a/product/CMFActivity/ActiveObject.py
+++ b/product/CMFActivity/ActiveObject.py
@@ -31,6 +31,7 @@ import warnings
from contextlib import contextmanager
from AccessControl import ClassSecurityInfo
from Acquisition import aq_base
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
from ActivityRuntimeEnvironment import getActivityRuntimeEnvironment
from AccessControl import Unauthorized
@@ -58,6 +59,7 @@ class ActiveObject(ExtensionClass.Base):
security = ClassSecurityInfo()
+ security.declarePublic('activate')
def activate(self, activity=DEFAULT_ACTIVITY, active_process=None,
activate_kw=None, REQUEST=None, **kw):
"""Returns an active wrapper for this object.
@@ -207,3 +209,5 @@ class ActiveObject(ExtensionClass.Base):
def getActivityRuntimeEnvironment(self):
return getActivityRuntimeEnvironment()
+
+InitializeClass(ActiveObject)
diff --git a/product/CMFActivity/ActivityTool.py b/product/CMFActivity/ActivityTool.py
index 0677aaa141962cba158e2decb037b6b81efe2223..5910e0b6a4f36ce5359639a15a0fe6c91a15cc0c 100644
--- a/product/CMFActivity/ActivityTool.py
+++ b/product/CMFActivity/ActivityTool.py
@@ -808,6 +808,7 @@ class ActivityTool (Folder, UniqueObject):
self.subscribe()
Folder.inheritedAttribute('manage_afterAdd')(self, item, container)
+ security.declareProtected(CMFCorePermissions.ManagePortal, 'getServerAddress')
def getServerAddress(self):
"""
Backward-compatibility code only.
@@ -828,6 +829,7 @@ class ActivityTool (Folder, UniqueObject):
_server_address = '%s:%s' %(ip, port)
return _server_address
+ security.declareProtected(CMFCorePermissions.ManagePortal, 'getCurrentNode')
def getCurrentNode(self):
""" Return current node identifier """
global currentNode
@@ -848,7 +850,7 @@ class ActivityTool (Folder, UniqueObject):
currentNode = self.getServerAddress()
return currentNode
- security.declarePublic('getDistributingNode')
+ security.declareProtected(CMFCorePermissions.ManagePortal, 'getDistributingNode')
def getDistributingNode(self):
""" Return the distributingNode """
return self.distributingNode
@@ -977,6 +979,7 @@ class ActivityTool (Folder, UniqueObject):
'/manageLoadBalancing?manage_tabs_message=' +
urllib.quote(message))
+ security.declarePrivate('process_shutdown')
def process_shutdown(self, phase, time_in_phase):
"""
Prevent shutdown from happening while an activity queue is
@@ -989,6 +992,7 @@ class ActivityTool (Folder, UniqueObject):
is_running_lock.acquire()
LOG('CMFActivity', INFO, "Shutdown: Activities finished.")
+ security.declareProtected(CMFCorePermissions.ManagePortal, 'process_timer')
def process_timer(self, tick, interval, prev="", next=""):
"""
Call distribute() if we are the Distributing Node and call tic()
@@ -1112,6 +1116,7 @@ class ActivityTool (Folder, UniqueObject):
return True
return False
+ security.declarePrivate('getActivityBuffer')
def getActivityBuffer(self, create_if_not_found=True):
"""
Get activtity buffer for this thread for this activity tool.
diff --git a/product/CMFCategory/Category.py b/product/CMFCategory/Category.py
index 54ef0078857a36b5713af2a376b383828eb3fafb..cb39f58f24a4d25dbd3ad9e79d69216faa9296e0 100644
--- a/product/CMFCategory/Category.py
+++ b/product/CMFCategory/Category.py
@@ -452,6 +452,8 @@ class Category(Folder):
display_id='logical_path',
base=base, **kw)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getCategoryChildTranslatedLogicalPathItemList')
def getCategoryChildTranslatedLogicalPathItemList(self,
recursive=1, base=0, **kw):
"""
@@ -652,6 +654,7 @@ class Category(Folder):
# Predicate interface
_operators = []
+ security.declareProtected(Permissions.AccessContentsInformation, 'test')
def test(self, context):
"""
A Predicate can be tested on a given context
@@ -799,10 +802,12 @@ class BaseCategory(Category):
# BBB: Required to start instance with old
# version of erp5_property_sheets BT.
related_locally_indexed = False
+ security.declarePrivate('isRelatedLocallyIndexed')
def isRelatedLocallyIndexed(self):
"""Determines if related values should be indexed on target documents"""
return self.related_locally_indexed
+ security.declareProtected(Permissions.AccessContentsInformation, 'asSQLExpression')
def asSQLExpression(self, strict_membership=0, table='category', base_category=None):
"""
A Predicate can be rendered as an sql expression. This
diff --git a/product/ERP5/Document/Agent.py b/product/ERP5/Document/Agent.py
index 938fba275843d1d6705bcde4cc26901b1a57ea84..6062998b8a9d801707b18296b973f6bac30d2ecf 100644
--- a/product/ERP5/Document/Agent.py
+++ b/product/ERP5/Document/Agent.py
@@ -65,7 +65,8 @@ class Agent(Folder, Image):
security.declareProtected(Permissions.AccessContentsInformation, 'viewImage')
viewImage = Image.index_html
-
+
+ security.declareProtected(Permissions.ModifyPortalContent, 'importSignature')
def importSignature(self, import_file=None, form_id=None, REQUEST=None, **kw):
"""
Imports a scan of a signature.
@@ -89,4 +90,3 @@ class Agent(Folder, Image):
ret_url = self.absolute_url() + '/' + REQUEST.get('form_id', 'view')
REQUEST.RESPONSE.redirect("%s?portal_status_message=Signature+Imported+Successfully"
% ret_url)
-
diff --git a/product/ERP5/Document/BaseCategory.py b/product/ERP5/Document/BaseCategory.py
index cb8df4db38e1c901df145ab192abef284ca22b66..3ed0c18c9d8229f8b60f541b81fead05946876f9 100644
--- a/product/ERP5/Document/BaseCategory.py
+++ b/product/ERP5/Document/BaseCategory.py
@@ -57,6 +57,8 @@ class BaseCategory(CMFBaseCategory, XMLObject):
, PropertySheet.Predicate)
# Experimental - WebDAV browsing support - ask JPS
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'experimental_listDAVObjects')
def experimental_listDAVObjects(self):
from zLOG import LOG
LOG("BaseCategory listDAVObjects" ,0, "listDAVObjects")
diff --git a/product/ERP5/Document/BudgetModel.py b/product/ERP5/Document/BudgetModel.py
index 6f59adafd0cd739323e3a1394b6db863d7adf302..7fd7392f8ec8607abefa0983835b0eb322c31e00 100644
--- a/product/ERP5/Document/BudgetModel.py
+++ b/product/ERP5/Document/BudgetModel.py
@@ -56,7 +56,9 @@ class BudgetModel(Predicate):
# Declarative security
security = ClassSecurityInfo()
security.declareObjectProtected(Permissions.AccessContentsInformation)
-
+
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getCellRangeForBudgetLine')
def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
"""Return the cell range to use for the budget.
"""
@@ -74,6 +76,8 @@ class BudgetModel(Predicate):
cell_range.extend(variation_cell_range)
return cell_range
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getConsumptionCellRangeForBudgetLine')
def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
"""Return the cell range to use for the budget consumption.
@@ -94,6 +98,8 @@ class BudgetModel(Predicate):
cell_range.extend(variation_cell_range)
return cell_range
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInventoryQueryDict')
def getInventoryQueryDict(self, budget_cell):
"""Returns the query dict to pass to simulation query for a budget cell
"""
@@ -112,6 +118,8 @@ class BudgetModel(Predicate):
query_dict.setdefault('at_date', start_date_range_max.latestTime())
return query_dict
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInventoryListQueryDict')
def getInventoryListQueryDict(self, budget_line):
"""Returns the query dict to pass to simulation query for a budget line
"""
@@ -154,7 +162,9 @@ class BudgetModel(Predicate):
if key:
cell_key += (key,)
return cell_key
-
+
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'asBudgetPredicate')
def asBudgetPredicate(self):
" "
# XXX predicate for line / cell ?
diff --git a/product/ERP5/Document/BusinessLink.py b/product/ERP5/Document/BusinessLink.py
index 6756173461f6ddab595fd2306a1050097b6942f4..ef745a302ae9027f8c53f22c31dd1b3e13a5dfbe 100644
--- a/product/ERP5/Document/BusinessLink.py
+++ b/product/ERP5/Document/BusinessLink.py
@@ -121,6 +121,8 @@ class BusinessLink(Path, Predicate):
method = getattr(movement, method_id) # We wish to raise if it does not exist
return method()
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getCompletionDate')
def getCompletionDate(self, explanation):
"""Returns the date of completion of business path in the
context of the explanation. The completion date of the Business
@@ -220,6 +222,7 @@ class BusinessLink(Path, Predicate):
return False
return True
+ security.declareProtected(Permissions.AccessContentsInformation, 'isDelivered')
def isDelivered(self, explanation):
"""Returns True is all simulation movements related to this
Business Link in the context of given explanation are built
diff --git a/product/ERP5/Document/BusinessTemplate.py b/product/ERP5/Document/BusinessTemplate.py
index 03222a6b70b409f71f34710ffa080582c9c08628..07f32a7734f0d481822715a5ec7d4a3d0067a36f 100644
--- a/product/ERP5/Document/BusinessTemplate.py
+++ b/product/ERP5/Document/BusinessTemplate.py
@@ -4804,6 +4804,8 @@ Business Template is a set of definitions, such as skins, portal types and categ
self.workflow_history[
'business_template_installation_workflow'] = None
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getShortRevision')
def getShortRevision(self):
"""Returned a shortened revision"""
r = self.getRevision()
@@ -4962,12 +4964,14 @@ Business Template is a set of definitions, such as skins, portal types and categ
return self.portal_templates.publish(self, url, username=username,
password=password)
+ security.declareProtected(Permissions.ManagePortal, 'update')
def update(self):
"""
Update template: download new template definition
"""
return self.portal_templates.update(self)
+ security.declareProtected(Permissions.ManagePortal, 'isCatalogUpdatable')
def isCatalogUpdatable(self):
"""
Return if catalog will be updated or not by business template installation
@@ -4985,6 +4989,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
return True
return False
+ security.declareProtected(Permissions.ManagePortal, 'preinstall')
def preinstall(self, check_dependencies=1, **kw):
"""
Return the list of modified/new/removed object between a Business Template
@@ -5243,6 +5248,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
result = tuple(result)
return result
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateCatalogMethodIdList')
def getTemplateCatalogMethodIdList(self):
"""
We have to set this method because we want an
@@ -5250,6 +5256,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_catalog_method_id')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateBaseCategoryList')
def getTemplateBaseCategoryList(self):
"""
We have to set this method because we want an
@@ -5257,6 +5264,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_base_category')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateWorkflowIdList')
def getTemplateWorkflowIdList(self):
"""
We have to set this method because we want an
@@ -5264,6 +5272,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_workflow_id')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePortalTypeIdList')
def getTemplatePortalTypeIdList(self):
"""
We have to set this method because we want an
@@ -5271,6 +5280,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_portal_type_id')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePortalTypeWorkflowChainList')
def getTemplatePortalTypeWorkflowChainList(self):
"""
We have to set this method because we want an
@@ -5278,6 +5288,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_portal_type_workflow_chain')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePathList')
def getTemplatePathList(self):
"""
We have to set this method because we want an
@@ -5285,6 +5296,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_path')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePreferenceList')
def getTemplatePreferenceList(self):
"""
We have to set this method because we want an
@@ -5292,6 +5304,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_preference')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePortalTypeAllowedContentTypeList')
def getTemplatePortalTypeAllowedContentTypeList(self):
"""
We have to set this method because we want an
@@ -5299,6 +5312,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_portal_type_allowed_content_type')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePortalTypeHiddenContentTypeList')
def getTemplatePortalTypeHiddenContentTypeList(self):
"""
We have to set this method because we want an
@@ -5306,6 +5320,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_portal_type_hidden_content_type')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePortalTypePropertySheetList')
def getTemplatePortalTypePropertySheetList(self):
"""
We have to set this method because we want an
@@ -5313,6 +5328,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_portal_type_property_sheet')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePortalTypeBaseCategoryList')
def getTemplatePortalTypeBaseCategoryList(self):
"""
We have to set this method because we want an
@@ -5320,6 +5336,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_portal_type_base_category')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateActionPathList')
def getTemplateActionPathList(self):
"""
We have to set this method because we want an
@@ -5327,6 +5344,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_action_path')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplatePortalTypeRoleList')
def getTemplatePortalTypeRoleList(self):
"""
We have to set this method because we want an
@@ -5334,6 +5352,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_portal_type_role')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateLocalRoleList')
def getTemplateLocalRoleList(self):
"""
We have to set this method because we want an
@@ -5341,6 +5360,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_local_role')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateSkinIdList')
def getTemplateSkinIdList(self):
"""
We have to set this method because we want an
@@ -5348,6 +5368,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_skin_id')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateRegisteredSkinSelectionList')
def getTemplateRegisteredSkinSelectionList(self):
"""
We have to set this method because we want an
@@ -5355,6 +5376,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_registered_skin_selection')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateRegisteredVersionPrioritySelectionList')
def getTemplateRegisteredVersionPrioritySelectionList(self):
"""
We have to set this method because we want an
@@ -5367,6 +5389,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
except AttributeError:
return ()
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateModuleIdList')
def getTemplateModuleIdList(self):
"""
We have to set this method because we want an
@@ -5374,6 +5397,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_module_id')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateMessageTranslationList')
def getTemplateMessageTranslationList(self):
"""
We have to set this method because we want an
@@ -5381,6 +5405,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return self._getOrderedList('template_message_translation')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTemplateToolIdList')
def getTemplateToolIdList(self):
"""
We have to set this method because we want an
@@ -5399,18 +5424,21 @@ Business Template is a set of definitions, such as skins, portal types and categ
return True
return False
+ security.declarePrivate('isKeepObject')
def isKeepObject(self, path):
"""
Return True if path is included in keep object list.
"""
return self._isInKeepList(self.getTemplateKeepPathList(), path)
+ security.declarePrivate('isKeepWorkflowObject')
def isKeepWorkflowObject(self, path):
"""
Return True if path is included in keep workflow object list.
"""
return self._isInKeepList(self.getTemplateKeepWorkflowPathList(), path)
+ security.declarePrivate('isKeepWorkflowObjectLastHistoryOnly')
def isKeepWorkflowObjectLastHistoryOnly(self, path):
"""
Return True if path is included in keep workflow last state only list
@@ -5418,6 +5446,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
return self._isInKeepList(self.getTemplateKeepLastWorkflowHistoryOnlyPathList(),
path)
+ security.declarePrivate('getExportPath')
def getExportPath(self):
preferences = self.getPortalObject().portal_preferences
bt_name = self.getTitle()
@@ -5565,6 +5594,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
self._setRevision(bta.getRevision())
+ security.declareProtected(Permissions.AccessContentsInformation, 'getItemsList')
def getItemsList(self):
"""Return list of items in business template
"""
@@ -5575,6 +5605,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
items_list.extend(item.getKeys())
return items_list
+ security.declareProtected(Permissions.ManagePortal, 'checkDependencies')
def checkDependencies(self):
"""
Check if all the dependencies of the business template
@@ -5587,6 +5618,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
'Impossible to install %s, please install the following dependencies before: %s' \
%(self.getTitle(), repr(missing_dep_list))
+ security.declareProtected(Permissions.ManagePortal, 'getMissingDependencyList')
def getMissingDependencyList(self):
"""
Retuns a list of missing dependencies.
@@ -5613,6 +5645,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
missing_dep_list.append((dependency, version_restriction or ''))
return [' '.join([y for y in x if y]) for x in missing_dep_list]
+ security.declareProtected(Permissions.ManagePortal, 'diffObjectAsHTML')
def diffObjectAsHTML(self, REQUEST, **kw):
"""
Convert diff into a HTML format before reply
@@ -5621,6 +5654,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
"""
return DiffFile(self.diffObject(REQUEST, **kw)).toHTML()
+ security.declareProtected(Permissions.ManagePortal, 'diffObject')
def diffObject(self, REQUEST, **kw):
"""
Make a diff between an object in the Business Template
@@ -5812,6 +5846,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
return diff_msg
+ security.declareProtected(Permissions.AccessContentsInformation, 'getPortalTypesProperties')
def getPortalTypesProperties(self, **kw):
"""
Fill field about properties for each portal type
@@ -5902,6 +5937,8 @@ Business Template is a set of definitions, such as skins, portal types and categ
self.setTemplateActionPathList(bt_action_list)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'guessPortalTypes')
def guessPortalTypes(self, **kw):
"""
This method guesses portal types based on modules define in the Business Template
@@ -5972,6 +6009,7 @@ Business Template is a set of definitions, such as skins, portal types and categ
setattr(self, 'template_portal_type_id', bt_portal_types_id_list)
return
+ security.declarePrivate('clearPortalTypes')
def clearPortalTypes(self, **kw):
"""
clear id list register for portal types
diff --git a/product/ERP5/Document/Category.py b/product/ERP5/Document/Category.py
index 736bb18e6c3d5f6b5086f8263e0b25f37c87b453..5d77ee7f6a415cd8327704b09309f7d49af444f8 100644
--- a/product/ERP5/Document/Category.py
+++ b/product/ERP5/Document/Category.py
@@ -145,6 +145,8 @@ class Category(CMFCategory, Predicate, MetaNode, MetaResource):
return None
# Experimental - WebDAV browsing support - ask JPS
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'experimental_listDAVObjects')
def experimental_listDAVObjects(self):
"""
"""
diff --git a/product/ERP5/Document/CategoryBudgetVariation.py b/product/ERP5/Document/CategoryBudgetVariation.py
index 25d806b495d58fa615f48304a1d8c638ec0e2de2..2721e9c43b03798ac2940060e7a6168d2e441404 100644
--- a/product/ERP5/Document/CategoryBudgetVariation.py
+++ b/product/ERP5/Document/CategoryBudgetVariation.py
@@ -56,10 +56,14 @@ class CategoryBudgetVariation(BudgetVariation):
# zope.interface.implements(BudgetVariation, )
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'asBudgetPredicate')
def asBudgetPredicate(self):
"""This budget variation in a predicate
"""
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getCellRangeForBudgetLine')
def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
"""The cell range added by this variation
"""
@@ -69,6 +73,8 @@ class CategoryBudgetVariation(BudgetVariation):
return [[(i[1], i[0]) for i in item_list if i[1] in variation_category_list]]
return [[i[1] for i in item_list if i[1] in variation_category_list]]
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getConsumptionCellRangeForBudgetLine')
def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
"""The cell range added by this variation for consumption
"""
@@ -101,6 +107,8 @@ class CategoryBudgetVariation(BudgetVariation):
return [[(i[1], i[0]) for i in item_list if i[0] in used_node_item_set]]
return [[i[1] for i in item_list if i[1] in used_node_item_set]]
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInventoryQueryDict')
def getInventoryQueryDict(self, budget_cell):
""" Query dict to pass to simulation query
"""
@@ -144,6 +152,8 @@ class CategoryBudgetVariation(BudgetVariation):
return query_dict
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInventoryListQueryDict')
def getInventoryListQueryDict(self, budget_line):
"""Returns the query dict to pass to simulation query for a budget line
"""
@@ -195,6 +205,8 @@ class CategoryBudgetVariation(BudgetVariation):
return query_dict
return {}
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getBudgetVariationRangeCategoryList')
def getBudgetVariationRangeCategoryList(self, context):
"""Returns the Variation Range Category List that can be applied to this
budget.
@@ -216,6 +228,8 @@ class CategoryBudgetVariation(BudgetVariation):
checked_permission='View')
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getBudgetLineVariationRangeCategoryList')
def getBudgetLineVariationRangeCategoryList(self, budget_line):
"""Returns the Variation Range Category List that can be applied to this
budget line.
@@ -246,6 +260,8 @@ class CategoryBudgetVariation(BudgetVariation):
return getattr(portal.portal_categories.unrestrictedTraverse(base_category),
item_list_method)(**item_list_method_parameter_dict)
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'initializeBudgetLine')
def initializeBudgetLine(self, budget_line):
"""Initialize a budget line
"""
@@ -263,6 +279,8 @@ class CategoryBudgetVariation(BudgetVariation):
budget_line.setMembershipCriterionBaseCategoryList(
budget_line_membership_criterion_base_category_list)
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'initializeBudget')
def initializeBudget(self, budget):
"""Initialize a budget.
"""
diff --git a/product/ERP5/Document/Container.py b/product/ERP5/Document/Container.py
index 5d11d3c18a7c7794185d6116d15b43126ddb2ca6..530b6f08f6350a31a3fa197db89b44d524ef61f5 100644
--- a/product/ERP5/Document/Container.py
+++ b/product/ERP5/Document/Container.py
@@ -108,6 +108,8 @@ class Container(Movement, XMLObject):
"""
return False
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getContainerText')
def getContainerText(self):
"""
Creates a unique string which allows to compare/hash two containers
diff --git a/product/ERP5/Document/Delivery.py b/product/ERP5/Document/Delivery.py
index c021de72d01bb0d63629ad65c0bc93b5fb2cca43..c7b8eb806102f3083c376dfa961d8feac2572e09 100644
--- a/product/ERP5/Document/Delivery.py
+++ b/product/ERP5/Document/Delivery.py
@@ -339,6 +339,7 @@ class Delivery(XMLObject, ImmobilisationDelivery, SimulableMixin,
divergence_list.extend(simulation_movement.getDivergenceList())
return divergence_list
+ security.declareProtected(Permissions.AccessContentsInformation, 'updateCausalityState')
@UnrestrictedMethod
def updateCausalityState(self, solve_automatically=True, **kw):
"""
@@ -369,6 +370,8 @@ class Delivery(XMLObject, ImmobilisationDelivery, SimulableMixin,
if kw:
super(Delivery, self).updateSimulation(**kw)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'splitAndDeferMovementList')
def splitAndDeferMovementList(self, start_date=None, stop_date=None,
movement_uid_list=[], delivery_solver=None,
target_solver='CopyToTarget', delivery_builder=None):
@@ -757,6 +760,8 @@ class Delivery(XMLObject, ImmobilisationDelivery, SimulableMixin,
"""
pass
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getBuilderList')
def getBuilderList(self):
"""Returns appropriate builder list."""
return self._getTypeBasedMethod('getBuilderList')()
@@ -832,6 +837,8 @@ class Delivery(XMLObject, ImmobilisationDelivery, SimulableMixin,
result += movement.getDeliveryRelatedValueList()
return result
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getDivergentTesterAndSimulationMovementList')
def getDivergentTesterAndSimulationMovementList(self):
"""
This method returns a list of (tester, simulation_movement) for each divergence.
diff --git a/product/ERP5/Document/DeliveryLine.py b/product/ERP5/Document/DeliveryLine.py
index 172ca2a0a562fb2525354f6f7470ebf65f4f0593..83b09beec8da37ce662a220bda79597802a097b0 100644
--- a/product/ERP5/Document/DeliveryLine.py
+++ b/product/ERP5/Document/DeliveryLine.py
@@ -465,6 +465,7 @@ class DeliveryLine(Movement, XMLMatrix, ImmobilisationMovement):
delivery_ratio = 1.0 / len(s_m_list_per_movement)
s_m.edit(delivery_ratio=delivery_ratio)
+ security.declareProtected(Permissions.ModifyPortalContent, 'solve')
def solve(self, decision_list):
"""Solves line according to decision list
"""
diff --git a/product/ERP5/Document/Document.py b/product/ERP5/Document/Document.py
index 9c265fab5763a92f242db2cebc343c559a1627b4..a1dfc0a16660971569471f367908184c20685d08 100644
--- a/product/ERP5/Document/Document.py
+++ b/product/ERP5/Document/Document.py
@@ -313,7 +313,7 @@ class Document(DocumentExtensibleTraversableMixin, XMLObject, UrlMixin,
text = self.getSearchableText() # XXX getSearchableText or asText ?
return self._getSearchableReferenceList(text)
- security.declareProtected(Permissions.AccessContentsInformation, 'getSearchableReferenceList')
+ security.declareProtected(Permissions.AccessContentsInformation, 'isSearchableReference')
def isSearchableReference(self):
"""
Determine if current document's reference can be used for searching - i.e. follows
diff --git a/product/ERP5/Document/Domain.py b/product/ERP5/Document/Domain.py
index 1aba42d70504398ed9308ec3fc1f9b3d396dd9d8..59b78509c2daf2eec8e1270847617c28694a07f8 100644
--- a/product/ERP5/Document/Domain.py
+++ b/product/ERP5/Document/Domain.py
@@ -120,6 +120,8 @@ class Domain(Predicate, MetaNode, MetaResource):
domain = self.newContent(id=id, portal_type='Domain', temp_object=1)
return domain.__of__(self)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getChildDomainValueList')
def getChildDomainValueList(self, parent = None, **kw):
"""
Return child domain objects already present or me may generate
@@ -130,6 +132,8 @@ class Domain(Predicate, MetaNode, MetaResource):
return self.portal_domains.getChildDomainValueList(parent, **kw)
# Experimental - WebDAV browsing support - ask JPS
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'experimental_listDAVObjects')
def experimental_listDAVObjects(self):
result = self.objectValues(portal_type = self.getPortalType())
result.extend(self.portal_catalog(selection_domain = self))
diff --git a/product/ERP5/Document/Event.py b/product/ERP5/Document/Event.py
index 70192b9cf3572b2472e116f5b9779ad9bf0b962f..08a37e4a56ffba349585ca43ffba014bfb432ecc 100644
--- a/product/ERP5/Document/Event.py
+++ b/product/ERP5/Document/Event.py
@@ -30,6 +30,7 @@ from AccessControl import ClassSecurityInfo
from Products.ERP5Type import Permissions, PropertySheet
from Products.ERP5Type.Accessor.Constant import PropertyGetter as ConstantGetter
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5.Document.Movement import Movement
from Products.ERP5.Document.EmailDocument import EmailDocument
@@ -60,6 +61,8 @@ class AcknowledgeableMixin:
return method(**kw)
return None
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'hasAcknowledgementActivity')
def hasAcknowledgementActivity(self, user_name=None):
"""
We will check if there is some current activities running or not
@@ -88,6 +91,8 @@ class AcknowledgeableMixin:
result = True
return result
+InitializeClass(AcknowledgeableMixin)
+
class Event(Movement, EmailDocument, AcknowledgeableMixin):
"""
Event is the base class for all events in ERP5.
diff --git a/product/ERP5/Document/FIFODeliverySolver.py b/product/ERP5/Document/FIFODeliverySolver.py
index b4d03f2ec4f2147b04c0ddfe1bdeb36ab5648fea..4db699d9142b6c9c3c869c1a85267dfc7086b9ca 100644
--- a/product/ERP5/Document/FIFODeliverySolver.py
+++ b/product/ERP5/Document/FIFODeliverySolver.py
@@ -57,6 +57,7 @@ class FIFODeliverySolver(XMLObject):
zope.interface.implements(interfaces.IDeliverySolver,)
# IDeliverySolver Implementation
+ security.declareProtected(Permissions.AccessContentsInformation, 'getTotalQuantity')
def getTotalQuantity(self):
"""
Move this to mixin
@@ -66,6 +67,7 @@ class FIFODeliverySolver(XMLObject):
total_quantity += movement.getQuantity()
return total_quantity
+ security.declareProtected(Permissions.ModifyPortalContent, 'setTotalQuantity')
def setTotalQuantity(self, new_quantity, activate_kw=None):
"""
"""
diff --git a/product/ERP5/Document/File.py b/product/ERP5/Document/File.py
index 9c7429807f8e3e05a4e1d9e426f8ab33e2d055f5..8643dbba4c275b80bae36d40f7c32bd4bba5b0a8 100644
--- a/product/ERP5/Document/File.py
+++ b/product/ERP5/Document/File.py
@@ -120,12 +120,14 @@ class File(Document, CMFFile):
security.declareProtected( Permissions.ModifyPortalContent, 'edit' )
edit = WorkflowMethod( _edit )
+ security.declareProtected(Permissions.View, 'get_size')
def get_size(self):
"""
has to be overwritten here, otherwise WebDAV fails
"""
return self.getSize()
+ security.declareProtected(Permissions.View, 'getcontentlength')
getcontentlength = get_size
def _get_content_type(*args, **kw):
diff --git a/product/ERP5/Document/Image.py b/product/ERP5/Document/Image.py
index 9c70cc6e370a036be168cecdcf42a8a717a72c71..ee217d9347bd229b4f21f121639c12dd29291dab 100644
--- a/product/ERP5/Document/Image.py
+++ b/product/ERP5/Document/Image.py
@@ -438,6 +438,7 @@ class Image(TextConvertableMixin, File, OFSImage):
File.PUT(self, REQUEST, RESPONSE)
self._update_image_info()
+ security.declareProtected(Permissions.AccessContentsInformation, 'getDefaultImageQuality')
def getDefaultImageQuality(self, format=None):
"""
Get default image quality for a format.
diff --git a/product/ERP5/Document/Item.py b/product/ERP5/Document/Item.py
index ed91bf6fabfdec1ee26b216cb85c7efda15b28a7..363a127d7daee6ae348848652d7c3de2bf9be111 100644
--- a/product/ERP5/Document/Item.py
+++ b/product/ERP5/Document/Item.py
@@ -70,6 +70,7 @@ class Item(XMLObject, Amount):
"""
return XMLObject.generateNewId(self, id_group=id_group, default=default, method=method)
+ security.declareProtected(Permissions.AccessContentsInformation, 'getPrice')
def getPrice(self,context=None,**kw):
"""
Get the Price in the context.
@@ -84,16 +85,15 @@ class Item(XMLObject, Amount):
if resource is not None:
local_price = resource.getPrice(self.asContext( context=context, **kw))
return local_price
-
- security.declareProtected(Permissions.ModifyPortalContent, 'getRemainingQuantity')
+
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getRemainingQuantity')
def getRemainingQuantity(self):
"""
Computes the quantity of an item minus quantity of all sub_items
"""
sub_quantity = 0
- sub_item_list = [document
- for document in self.objectValues()
- if document.isItem()]
- for sub_item in sub_item_list :
- sub_quantity += sub_item.getQuantity()
+ for sub_item in self.objectValues():
+ if sub_item.isItem():
+ sub_quantity += sub_item.getQuantity()
return self.getQuantity() - sub_quantity
diff --git a/product/ERP5/Document/MinimisePriceDeliverySolver.py b/product/ERP5/Document/MinimisePriceDeliverySolver.py
index a5db1c78ed0cadae1fa872696420d7ffc57ad6c5..f7dd6f1a96bd65e3e313812887e39a6503dafec4 100644
--- a/product/ERP5/Document/MinimisePriceDeliverySolver.py
+++ b/product/ERP5/Document/MinimisePriceDeliverySolver.py
@@ -57,6 +57,7 @@ class MinimisePriceDeliverySolver(FIFODeliverySolver):
zope.interface.implements(interfaces.IDeliverySolver,)
# IDeliverySolver Implementation
+ security.declareProtected(Permissions.ModifyPortalContent, 'setTotalQuantity')
def setTotalQuantity(self, new_quantity, activate_kw=None):
"""
"""
diff --git a/product/ERP5/Document/Movement.py b/product/ERP5/Document/Movement.py
index cea92871373a2f30507d8ac9d2dc4022eb3acb2b..330cad25e2bb977781f25810ba9a627020048b94 100644
--- a/product/ERP5/Document/Movement.py
+++ b/product/ERP5/Document/Movement.py
@@ -512,6 +512,8 @@ class Movement(XMLObject, Amount, CompositionMixin, AmountGeneratorMixin):
return True
return False
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getDivergenceList')
def getDivergenceList(self):
"""
Return a list of messages that contains the divergences
diff --git a/product/ERP5/Document/NetConvertedQuantityEquivalenceTester.py b/product/ERP5/Document/NetConvertedQuantityEquivalenceTester.py
index 684b382729eb6e177761d2b428954cf309b1bcf0..20e371f14b63dc63f08296bfaa1316ea4dc7ffe4 100644
--- a/product/ERP5/Document/NetConvertedQuantityEquivalenceTester.py
+++ b/product/ERP5/Document/NetConvertedQuantityEquivalenceTester.py
@@ -45,6 +45,8 @@ class NetConvertedQuantityEquivalenceTester(FloatEquivalenceTester):
security = ClassSecurityInfo()
security.declareObjectProtected(Permissions.AccessContentsInformation)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getUpdatablePropertyDict')
def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
"""
Returns a list of properties to update on decision_movement
diff --git a/product/ERP5/Document/NodeBudgetVariation.py b/product/ERP5/Document/NodeBudgetVariation.py
index 3217332682ee17df940efc9933a111dad65bbc05..f17626220c7911f770dcd762996afca9be00f6ca 100644
--- a/product/ERP5/Document/NodeBudgetVariation.py
+++ b/product/ERP5/Document/NodeBudgetVariation.py
@@ -61,6 +61,8 @@ class NodeBudgetVariation(BudgetVariation):
# zope.interface.implements(BudgetVariation, )
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'asBudgetPredicate')
def asBudgetPredicate(self):
"""This budget variation in a predicate
"""
@@ -87,6 +89,8 @@ class NodeBudgetVariation(BudgetVariation):
node_title_method_id = self.getProperty('node_title_method_id', 'getTitle')
return guarded_getattr(node, node_title_method_id)()
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getCellRangeForBudgetLine')
def getCellRangeForBudgetLine(self, budget_line, matrixbox=0):
"""The cell range added by this variation
"""
@@ -103,6 +107,8 @@ class NodeBudgetVariation(BudgetVariation):
return [[i for i in node_item_list if i[0] in variation_category_list]]
return [[i[0] for i in node_item_list if i[0] in variation_category_list]]
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getConsumptionCellRangeForBudgetLine')
def getConsumptionCellRangeForBudgetLine(self, budget_line, matrixbox=0, engaged_budget=False):
"""The cell range added by this variation for consumption
"""
@@ -136,6 +142,8 @@ class NodeBudgetVariation(BudgetVariation):
return [[i for i in node_item_list if i[0] in used_node_item_set]]
return [[i[0] for i in node_item_list if i[0] in used_node_item_set]]
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInventoryQueryDict')
def getInventoryQueryDict(self, budget_cell):
""" Query dict to pass to simulation query
"""
@@ -218,6 +226,8 @@ class NodeBudgetVariation(BudgetVariation):
return query_dict
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInventoryListQueryDict')
def getInventoryListQueryDict(self, budget_line):
"""Returns the query dict to pass to simulation query for a budget line
"""
@@ -309,6 +319,8 @@ class NodeBudgetVariation(BudgetVariation):
self.getProperty('variation_base_category'),)
return key
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getBudgetLineVariationRangeCategoryList')
def getBudgetLineVariationRangeCategoryList(self, budget_line):
"""Returns the Variation Range Category List that can be applied to this
budget line.
@@ -320,6 +332,8 @@ class NodeBudgetVariation(BudgetVariation):
return [(self._getNodeTitle(node), '%s%s' % (prefix, node.getRelativeUrl()))
for node in self._getNodeList(budget_line)]
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getBudgetVariationRangeCategoryList')
def getBudgetVariationRangeCategoryList(self, budget):
"""Returns the Variation Range Category List that can be applied to this
budget.
@@ -331,6 +345,8 @@ class NodeBudgetVariation(BudgetVariation):
return [(self._getNodeTitle(node), '%s%s' % (prefix, node.getRelativeUrl()))
for node in self._getNodeList(budget)]
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'initializeBudgetLine')
def initializeBudgetLine(self, budget_line):
"""Initialize a budget line
"""
@@ -348,6 +364,8 @@ class NodeBudgetVariation(BudgetVariation):
budget_line.setMembershipCriterionBaseCategoryList(
budget_line_membership_criterion_base_category_list)
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'initializeBudget')
def initializeBudget(self, budget):
"""Initialize a budget.
"""
diff --git a/product/ERP5/Document/QuantityUnitConversionDefinition.py b/product/ERP5/Document/QuantityUnitConversionDefinition.py
index 735d3e0302940d6f33da2e7bea8d5c076beaf6e3..f47734745e62abeaa191a9481fc4b8c879d3b427 100644
--- a/product/ERP5/Document/QuantityUnitConversionDefinition.py
+++ b/product/ERP5/Document/QuantityUnitConversionDefinition.py
@@ -67,6 +67,8 @@ class QuantityUnitConversionDefinition(XMLObject):
return default_title
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getConversionRatio')
def getConversionRatio(self):
"""
Compute conversion ratio associated with this definition
diff --git a/product/ERP5/Document/Resource.py b/product/ERP5/Document/Resource.py
index 9ca661b82a728442afdacc12852eb9c2fcab5b8b..3ba9d728a45edba1e259d105d4d1e1b20fbd5dd2 100644
--- a/product/ERP5/Document/Resource.py
+++ b/product/ERP5/Document/Resource.py
@@ -1007,6 +1007,8 @@ class Resource(XMLObject, XMLMatrix, VariatedMixin):
return insert_list
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getQuantityUnitDefinitionRatio')
def getQuantityUnitDefinitionRatio(self, quantity_unit_value):
"""
get the ratio used to define the quantity unit quantity_unit_value.
diff --git a/product/ERP5/Document/SimulatedDeliveryBuilder.py b/product/ERP5/Document/SimulatedDeliveryBuilder.py
index 5ab3579d8dedf703b1d9b14fdc164e97a4fc9d92..f85a6d29704d794dcbe71a7441f4c9fdf098fc17 100644
--- a/product/ERP5/Document/SimulatedDeliveryBuilder.py
+++ b/product/ERP5/Document/SimulatedDeliveryBuilder.py
@@ -93,6 +93,7 @@ class SimulatedDeliveryBuilder(BuilderMixin):
, PropertySheet.DeliveryBuilder
)
+ security.declarePrivate('callBeforeBuildingScript')
def callBeforeBuildingScript(self): # XXX-JPS
"""
Redefine this method, because it seems nothing interesting can be
@@ -100,6 +101,7 @@ class SimulatedDeliveryBuilder(BuilderMixin):
"""
pass
+ security.declarePrivate('searchMovementList')
@UnrestrictedMethod
def searchMovementList(self, applied_rule_uid=None, **kw):
"""
@@ -189,6 +191,8 @@ class SimulatedDeliveryBuilder(BuilderMixin):
delivery_relative_url,
divergence_to_adopt_list=divergence_to_adopt_list)
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'solveDeliveryGroupDivergence')
@UnrestrictedMethod
def solveDeliveryGroupDivergence(self, delivery_relative_url,
property_dict=None):
@@ -333,6 +337,8 @@ class SimulatedDeliveryBuilder(BuilderMixin):
return delivery_list
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'solveDivergence')
solveDivergence = UnrestrictedMethod(_solveDivergence)
def _createDelivery(self, delivery_module, movement_list, activate_kw):
diff --git a/product/ERP5/Document/SimulationMovement.py b/product/ERP5/Document/SimulationMovement.py
index 979de522f725f13adc77f3e542802875b64ef9d9..a89e0f70533632b334178bd05fda9381a0d2f6a4 100644
--- a/product/ERP5/Document/SimulationMovement.py
+++ b/product/ERP5/Document/SimulationMovement.py
@@ -722,6 +722,8 @@ class SimulationMovement(PropertyRecordableMixin, Movement, ExplainableMixin):
return True
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSolverProcessValueList')
def getSolverProcessValueList(self, movement=None, validation_state=None):
"""
Returns the list of solver processes which are
@@ -736,6 +738,8 @@ class SimulationMovement(PropertyRecordableMixin, Movement, ExplainableMixin):
"""
raise NotImplementedError
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSolverDecisionValueList')
def getSolverDecisionValueList(self, movement=None, validation_state=None):
"""
Returns the list of solver decisions which apply
@@ -748,6 +752,8 @@ class SimulationMovement(PropertyRecordableMixin, Movement, ExplainableMixin):
"""
raise NotImplementedError
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSolvedPropertyApplicationValueList')
def getSolvedPropertyApplicationValueList(self, movement=None, divergence_tester=None):
"""
Returns the list of documents at which a given divergence resolution
diff --git a/product/ERP5/Document/SolverDecision.py b/product/ERP5/Document/SolverDecision.py
index 4d9ebbe3b42a5b8fba464db3e4419364bf47718d..9e0152c6d51850bfd088916a5efa89dadb3457dd 100644
--- a/product/ERP5/Document/SolverDecision.py
+++ b/product/ERP5/Document/SolverDecision.py
@@ -80,6 +80,8 @@ class SolverDecision(ConfigurableMixin, XMLObject):
zope.interface.implements(interfaces.IConfigurable,
)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getDefaultConfigurationPropertyDict')
def getDefaultConfigurationPropertyDict(self):
"""
Returns a dictionary of default properties for specified
@@ -92,6 +94,8 @@ class SolverDecision(ConfigurableMixin, XMLObject):
else:
return solver_type.getDefaultConfigurationPropertyDict(self)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getConfigurationPropertyListDict')
def getConfigurationPropertyListDict(self):
"""
Returns a dictionary of possible values for specified
@@ -104,6 +108,8 @@ class SolverDecision(ConfigurableMixin, XMLObject):
else:
return solver_type.getConfigurationPropertyListDict(self)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'searchDeliverySolverList')
def searchDeliverySolverList(self, **kw):
"""
this method returns a list of delivery solvers, as predicates against
@@ -115,6 +121,8 @@ class SolverDecision(ConfigurableMixin, XMLObject):
solver_list = target_solver_type.getDeliverySolverValueList()
return filter(lambda x:x.test(self), solver_list)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getExplanationMessage')
def getExplanationMessage(self, all=False):
"""
Returns the HTML message that describes the detail of divergences to
diff --git a/product/ERP5/Document/SolverProcess.py b/product/ERP5/Document/SolverProcess.py
index be29b3e7a08681d9f9f635cd28966c314db8c928..05fbf0ca1138367410a42974231df07f16d3e38c 100644
--- a/product/ERP5/Document/SolverProcess.py
+++ b/product/ERP5/Document/SolverProcess.py
@@ -78,6 +78,7 @@ class SolverProcess(XMLObject, ActiveProcess):
)
# Implementation
+ security.declareProtected(Permissions.ModifyPortalContent, 'buildTargetSolverList')
@UnrestrictedMethod
def buildTargetSolverList(self):
"""
@@ -176,6 +177,7 @@ class SolverProcess(XMLObject, ActiveProcess):
# ISolver implementation
# Solver Process Workflow Interface
# NOTE: how can we consider that a workflow defines or provides an interface ?
+ security.declareProtected(Permissions.ModifyPortalContent, 'solve')
def solve(self, activate_kw=None):
"""
Start solving
@@ -200,6 +202,8 @@ class SolverProcess(XMLObject, ActiveProcess):
activate_kw=activate_kw)
# API
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'isSolverDecisionListConsistent')
def isSolverDecisionListConsistent(self):
"""
Returns True is the Solver Process decisions do not
@@ -208,6 +212,8 @@ class SolverProcess(XMLObject, ActiveProcess):
this helps reducing CPU time.
"""
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'buildSolverDecisionList')
def buildSolverDecisionList(self, delivery_or_movement=None):
"""
Build (or rebuild) the solver decisions in the solver process
diff --git a/product/ERP5/Document/SolverTypeInformation.py b/product/ERP5/Document/SolverTypeInformation.py
index 99835e3ec03cd43a6bbd5c702249a00c1c9f32af..ac5bfffcba760bd9a0146d8625c889f6d8da9dde 100644
--- a/product/ERP5/Document/SolverTypeInformation.py
+++ b/product/ERP5/Document/SolverTypeInformation.py
@@ -51,6 +51,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
, PropertySheet.Configurable
)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSolverConflictMessageList')
def getSolverConflictMessageList(self, movement, configuration_mapping, solver_dict, movement_dict):
"""
Returns the list of conflictings messgaes if the solver and configuration_mapping
@@ -89,6 +91,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
# Return emtpty message list
return ()
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSolverProcessGroupingKey')
def getSolverProcessGroupingKey(self, movement, configuration_mapping, solver_dict, movement_dict):
"""
Returns a key which can be used to group solvers during the
@@ -140,6 +144,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
return movement.getRelativeUrl()
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getDefaultConfigurationPropertyDict')
def getDefaultConfigurationPropertyDict(self, configurable):
"""
Returns a dictionary of default properties for specified
@@ -155,6 +161,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
else:
return {}
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getDefaultConfigurationProperty')
def getDefaultConfigurationProperty(self, property, configurable):
"""
Returns the default value for a given property
@@ -167,6 +175,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
"""
return self.getDefaultConfigurationPropertyDict().get(property, None)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getConfigurationPropertyListDict')
def getConfigurationPropertyListDict(self, configurable):
"""
Returns a dictionary of possible values for specified
@@ -182,6 +192,8 @@ class SolverTypeInformation(Predicate, ERP5TypeInformation):
else:
return {}
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getConfigurationPropertyList')
def getConfigurationPropertyList(self, property, configurable):
"""
Returns a list of possible values for a given property
diff --git a/product/ERP5/Document/TradeCondition.py b/product/ERP5/Document/TradeCondition.py
index 67e6cccb97e5c3ee8cbe387d9a26bbd306cc3446..e04bae592e3d3310efd4913be9ed049f80a3b363 100644
--- a/product/ERP5/Document/TradeCondition.py
+++ b/product/ERP5/Document/TradeCondition.py
@@ -104,6 +104,8 @@ class TradeCondition(MappedValue, AmountGeneratorMixin, VariatedMixin):
return [x for x in context._findEffectiveSpecialiseValueList()
if x.getPortalType() in portal_type_set]
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getAggregatedAmountList')
def getAggregatedAmountList(self, *args, **kw):
"""
"""
diff --git a/product/ERP5/Document/TradeModelCell.py b/product/ERP5/Document/TradeModelCell.py
index 8becb978fc027df86a8891b4472734e01e64a3df..12516c4e24c819fc23c5c76cc3a0228c2e0bd331 100644
--- a/product/ERP5/Document/TradeModelCell.py
+++ b/product/ERP5/Document/TradeModelCell.py
@@ -68,6 +68,8 @@ class TradeModelCell(TradeModelLine):
"""
return 0
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getQuantity')
def getQuantity(self):
"""Overridden getter to return None instead 0 if undefined"""
return self._baseGetQuantity(None)
diff --git a/product/ERP5/Document/TransformedResource.py b/product/ERP5/Document/TransformedResource.py
index a47ce757c549ae82749836d1f8ac7a4a4f471946..927bc21f7683a5497a6b75fbfeb8e265c9eed95a 100644
--- a/product/ERP5/Document/TransformedResource.py
+++ b/product/ERP5/Document/TransformedResource.py
@@ -101,11 +101,15 @@ class TransformedResource(AmountGeneratorLine):
value += delivery_amount.getConvertedQuantity()
return value
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getBaseApplication')
def getBaseApplication(self):
"""
"""
return self.getBaseApplicationList()[0]
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getBaseApplicationList')
def getBaseApplicationList(self):
"""
"""
diff --git a/product/ERP5/Document/Url.py b/product/ERP5/Document/Url.py
index 31df51ba72bec15d4d4b413d747fbc07d5b18ac5..62101e5798c68d081774a7e9ef13289f5ff9375d 100644
--- a/product/ERP5/Document/Url.py
+++ b/product/ERP5/Document/Url.py
@@ -90,6 +90,8 @@ class Url(Coordinate, UrlMixin):
return ("http://www.erp5.org", "mailto:info@erp5.org")
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getUrlString')
def getUrlString(self, default=_marker):
"""Fallback on coordinate_text
"""
diff --git a/product/ERP5/Document/VariationEquivalenceTester.py b/product/ERP5/Document/VariationEquivalenceTester.py
index 11e70a89ec33cbd4d014e18797f5bf652ab2c646..1538191ae3efaf9e561ad784df031ee524f6788d 100644
--- a/product/ERP5/Document/VariationEquivalenceTester.py
+++ b/product/ERP5/Document/VariationEquivalenceTester.py
@@ -85,6 +85,8 @@ class VariationEquivalenceTester(Predicate, EquivalenceTesterMixin):
dict(property_name=tested_property))
return None
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'generateHashKey')
def generateHashKey(self, movement):
"""
Returns a hash key which can be used to optimise the
@@ -106,6 +108,8 @@ class VariationEquivalenceTester(Predicate, EquivalenceTesterMixin):
tested_property))
return 'variation/%r' % (value_list)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getUpdatablePropertyDict')
def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
"""
Returns a list of properties to update on decision_movement
diff --git a/product/ERP5/Tool/CategoryTool.py b/product/ERP5/Tool/CategoryTool.py
index 341a411a30275b091b8d037378e7ad4fb6572470..2b79f168ffce302e319f0130dc50cd9252431167 100644
--- a/product/ERP5/Tool/CategoryTool.py
+++ b/product/ERP5/Tool/CategoryTool.py
@@ -85,6 +85,7 @@ class CategoryTool(CopyContainer, CMFCategoryTool, BaseTool):
def hasContent(self,id):
return id in self.objectIds()
+ security.declareProtected(Permissions.AccessContentsInformation, 'getBaseCategoryDict')
@caching_instance_method(
id='portal_categories.getBaseCategoryDict',
cache_factory='erp5_content_long',
diff --git a/product/ERP5/Tool/DomainTool.py b/product/ERP5/Tool/DomainTool.py
index f024f34663ecbaaf986de30bacf6fdd615f0ae31..7190a798fcd8990f44e37c654c2d153e354e7a40 100644
--- a/product/ERP5/Tool/DomainTool.py
+++ b/product/ERP5/Tool/DomainTool.py
@@ -359,6 +359,8 @@ class DomainTool(BaseTool):
return mapped_value
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getChildDomainValueList')
def getChildDomainValueList(self, parent, **kw):
"""
Return child domain objects already present adn thois generetaded dynamically
@@ -370,6 +372,8 @@ class DomainTool(BaseTool):
return object_list
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getDomainByPath')
def getDomainByPath(self, path, default=_MARKER):
"""
Return the domain object for a given path
diff --git a/product/ERP5/Tool/IdTool.py b/product/ERP5/Tool/IdTool.py
index af2499a4dd7fc68b76a97f9fe2e2f03ef01221d9..53e6368e300e4a2beab54a0c862b637caadedfa1 100644
--- a/product/ERP5/Tool/IdTool.py
+++ b/product/ERP5/Tool/IdTool.py
@@ -279,6 +279,8 @@ class IdTool(BaseTool):
## XXX Old API deprecated
#backward compatibility
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'generateNewLengthIdList')
generateNewLengthIdList = generateNewIdList
security.declareProtected(Permissions.AccessContentsInformation,
diff --git a/product/ERP5/Tool/LogMixin.py b/product/ERP5/Tool/LogMixin.py
index 36b8cb589df8f894e0416be5fb27df320bff8715..c627c1b317c29e4a1182d5596f99eae0c8b5b2ed 100644
--- a/product/ERP5/Tool/LogMixin.py
+++ b/product/ERP5/Tool/LogMixin.py
@@ -28,6 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
# XXX This Mixin is not finished yet. Added as a reference for the
@@ -86,3 +87,5 @@ class LogMixin:
"""
method = self.getTypeBasedMethod('parseLogLine')
return method(log_name, log_line)
+
+InitializeClass(LogMixin)
diff --git a/product/ERP5/Tool/PasswordTool.py b/product/ERP5/Tool/PasswordTool.py
index fd7fd4194d214312d8cb4a0ee97362aa97a406db..4c0d8066cd83af22b37983240a837c988344d5d9 100644
--- a/product/ERP5/Tool/PasswordTool.py
+++ b/product/ERP5/Tool/PasswordTool.py
@@ -110,7 +110,7 @@ class PasswordTool(BaseTool):
def getExpirationDateForKey(self, key=None):
return self._password_request_dict[key][1]
-
+ security.declarePublic('mailPasswordResetRequest')
def mailPasswordResetRequest(self, user_login=None, REQUEST=None,
notification_message=None, sender=None,
store_as_event=False,
@@ -227,33 +227,7 @@ class PasswordTool(BaseTool):
data = ' '.join((str(t), str(r), str(a), str(args)))
return md5(data).hexdigest()
- def resetPassword(self, reset_key=None, REQUEST=None):
- """
- """
- # XXX-Aurel : is it used ?
- if REQUEST is None:
- REQUEST = get_request()
- user_login, expiration_date = self._password_request_dict.get(reset_key, (None, None))
- site_url = self.getPortalObject().absolute_url()
- if REQUEST and 'came_from' in REQUEST:
- site_url = REQUEST.came_from
- if reset_key is None or user_login is None:
- ret_url = '%s/login_form' % site_url
- return REQUEST.RESPONSE.redirect( ret_url )
-
- # check date
- current_date = DateTime()
- if current_date > expiration_date:
- msg = translateString("Date has expire.")
- parameter = urlencode(dict(portal_status_message=msg))
- ret_url = '%s/login_form?%s' % (site_url, parameter)
- return REQUEST.RESPONSE.redirect( ret_url )
-
- # redirect to form as all is ok
- REQUEST.set("password_key", reset_key)
- return self.reset_password_form(REQUEST=REQUEST)
-
-
+ security.declareProtected(Permissions.ModifyPortalContent, 'removeExpiredRequests')
def removeExpiredRequests(self):
"""
Browse dict and remove expired request
@@ -264,6 +238,7 @@ class PasswordTool(BaseTool):
if date < current_date:
del password_request_dict[key]
+ security.declarePublic('changeUserPassword')
def changeUserPassword(self, password, password_key, password_confirm=None,
user_login=None, REQUEST=None, **kw):
"""
diff --git a/product/ERP5/Tool/SimulationTool.py b/product/ERP5/Tool/SimulationTool.py
index ea88cd62f242df368368996963b64709b908f055..b80e591642c6185bceb6c5a8e72d0993acfe3656 100644
--- a/product/ERP5/Tool/SimulationTool.py
+++ b/product/ERP5/Tool/SimulationTool.py
@@ -126,18 +126,26 @@ class SimulationTool(BaseTool):
['Manager',])
BaseTool.inheritedAttribute('manage_afterAdd')(self, item, container)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'solveDelivery')
def solveDelivery(self, delivery, delivery_solver_name, target_solver_name,
additional_parameters=None, **kw):
"""
+ XXX obsoleted API
+
Solves a delivery by calling first DeliverySolver, then TargetSolver
"""
return self._solveMovementOrDelivery(delivery, delivery_solver_name,
target_solver_name, delivery=1,
additional_parameters=additional_parameters, **kw)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'solveMovement')
def solveMovement(self, movement, delivery_solver_name, target_solver_name,
additional_parameters=None, **kw):
"""
+ XXX obsoleted API
+
Solves a movement by calling first DeliverySolver, then TargetSolver
"""
return self._solveMovementOrDelivery(movement, delivery_solver_name,
@@ -1396,6 +1404,8 @@ class SimulationTool(BaseTool):
result = delta_result
return result
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInventoryCacheLag')
def getInventoryCacheLag(self):
"""
Returns a duration, in days, for stock cache management.
diff --git a/product/ERP5/Tool/SolverProcessTool.py b/product/ERP5/Tool/SolverProcessTool.py
index d9b4f865c32309f10663ebe2d2d43c0cb5705877..dfdfc688338fc4e723ff0ea0c4a8a7e591ba2bd4 100644
--- a/product/ERP5/Tool/SolverProcessTool.py
+++ b/product/ERP5/Tool/SolverProcessTool.py
@@ -30,6 +30,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Globals import DTMLFile
from Products.ERP5Type.Tool.BaseTool import BaseTool
@@ -58,6 +59,8 @@ class SolverProcessTool(BaseTool):
manage_overview = DTMLFile( 'explainSolverTool', _dtmldir )
# IDivergenceController implementation
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'isDivergent')
def isDivergent(self, delivery_or_movement=None):
"""
Returns True if any of the movements provided
@@ -73,6 +76,8 @@ class SolverProcessTool(BaseTool):
return True
return False
+ security.declareProtected(Permissions.AddPortalContent,
+ 'newSolverProcess')
@UnrestrictedMethod
def newSolverProcess(self, delivery_or_movement=None, temp_object=False):
"""
@@ -107,3 +112,5 @@ class SolverProcessTool(BaseTool):
delivery.setSolverValueList(solver_list)
return new_solver
+
+InitializeClass(SolverProcessTool)
diff --git a/product/ERP5/Tool/SolverTool.py b/product/ERP5/Tool/SolverTool.py
index 707fd4d54b8e830aecba0d895c2e37be7e30c353..73c3ded845d34a791b80ffd7e2283e8c1b05ecd4 100644
--- a/product/ERP5/Tool/SolverTool.py
+++ b/product/ERP5/Tool/SolverTool.py
@@ -31,6 +31,7 @@ import zope.interface
import re
from AccessControl import ClassSecurityInfo
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Tool.TypesTool import TypeProvider
from Products.ERP5 import DeliverySolver
@@ -55,6 +56,8 @@ class SolverTool(TypeProvider):
zope.interface.implements(interfaces.IDeliverySolverFactory,)
# IDeliverySolverFactory implementation
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'newDeliverySolver')
def newDeliverySolver(self, portal_type, movement_list):
"""
Return a new instance of delivery solver of the given
@@ -73,6 +76,8 @@ class SolverTool(TypeProvider):
tmp_solver.setDeliveryValueList(movement_list)
return tmp_solver
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getDeliverySolverTranslatedItemList')
def getDeliverySolverTranslatedItemList(self, portal_type_list=None):
"""
"""
@@ -81,6 +86,8 @@ class SolverTool(TypeProvider):
if portal_type_list is None or x in portal_type_list],
key=lambda x:str(x[0]))
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSolverProcessValueList')
def getSolverProcessValueList(self, delivery_or_movement=None, validation_state=None):
"""
Returns the list of solver processes which are
@@ -95,6 +102,8 @@ class SolverTool(TypeProvider):
to filter the result
"""
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSolverDecisionValueList')
def getSolverDecisionValueList(self, delivery_or_movement=None, validation_state=None):
"""
Returns the list of solver decisions which apply
@@ -107,6 +116,8 @@ class SolverTool(TypeProvider):
to filter the result
"""
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSolverDecisionApplicationValueList')
def getSolverDecisionApplicationValueList(self, movement, divergence_tester=None):
"""
Returns the list of documents at which a given divergence resolution
@@ -190,6 +201,8 @@ class SolverTool(TypeProvider):
application_value_level[property_group.getCollectGroupOrder()] = None
# etc. same
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'searchTargetSolverList')
def searchTargetSolverList(self, divergence_tester,
simulation_movement,
automatic_solver_only=False, **kw):
@@ -203,3 +216,5 @@ class SolverTool(TypeProvider):
x.test(simulation_movement, **kw)]
else:
return [x for x in solver_list if x.test(simulation_movement, **kw)]
+
+InitializeClass(SolverTool)
diff --git a/product/ERP5/Tool/TemplateTool.py b/product/ERP5/Tool/TemplateTool.py
index 8c638e07e8b71eb8138119b2f361dfa20ab2cfa3..0b552d92e9d42cdb55b623a21989fa47db23858b 100644
--- a/product/ERP5/Tool/TemplateTool.py
+++ b/product/ERP5/Tool/TemplateTool.py
@@ -113,6 +113,8 @@ class TemplateTool (BaseTool):
security.declareProtected(Permissions.ManagePortal, 'manage_overview')
manage_overview = DTMLFile('explainTemplateTool', _dtmldir)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInstalledBusinessTemplate')
def getInstalledBusinessTemplate(self, title, strict=False, **kw):
"""Returns an installed version of business template of a given title.
@@ -148,6 +150,8 @@ class TemplateTool (BaseTool):
last_time = t
return last_bt
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInstalledBusinessTemplatesList')
def getInstalledBusinessTemplatesList(self):
"""Deprecated.
"""
@@ -166,16 +170,22 @@ class TemplateTool (BaseTool):
installed_bts.append(bt5)
return installed_bts
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInstalledBusinessTemplateList')
def getInstalledBusinessTemplateList(self):
"""Get the list of installed business templates.
"""
return self._getInstalledBusinessTemplateList(only_title=0)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInstalledBusinessTemplateTitleList')
def getInstalledBusinessTemplateTitleList(self):
"""Get the list of installed business templates.
"""
return self._getInstalledBusinessTemplateList(only_title=1)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getInstalledBusinessTemplateRevision')
def getInstalledBusinessTemplateRevision(self, title, **kw):
"""
Return the revision of business template installed with the title
@@ -186,6 +196,8 @@ class TemplateTool (BaseTool):
return bt.getRevision()
return None
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getBuiltBusinessTemplateList')
def getBuiltBusinessTemplateList(self):
"""Get the list of built and not installed business templates.
"""
@@ -283,6 +295,7 @@ class TemplateTool (BaseTool):
content_type='application/x-erp5-business-template')
business_template.setPublicationUrl(url)
+ security.declareProtected(Permissions.ManagePortal, 'update')
def update(self, business_template):
"""
Update an existing template from its publication URL.
@@ -371,6 +384,7 @@ class TemplateTool (BaseTool):
bt.build(no_action=True)
return bt
+ security.declareProtected('Import/Export objects', 'importBase64EncodedText')
def importBase64EncodedText(self, file_data=None, id=None, REQUEST=None,
batch_mode=False, **kw):
"""
@@ -380,6 +394,7 @@ class TemplateTool (BaseTool):
return self.importFile(import_file = import_file, id = id, REQUEST = REQUEST,
batch_mode = batch_mode, **kw)
+ security.declareProtected('Import/Export objects', 'importFile')
def importFile(self, import_file=None, id=None, REQUEST=None,
batch_mode=False, **kw):
"""
@@ -421,6 +436,7 @@ class TemplateTool (BaseTool):
elif batch_mode:
return bt
+ security.declareProtected(Permissions.ManagePortal, 'getDiffFilterScriptList')
def getDiffFilterScriptList(self):
"""
Return list of scripts usable to filter diff
@@ -438,12 +454,14 @@ class TemplateTool (BaseTool):
LOG("TemplateTool", WARNING, "Unable to find %r script" % script_id)
return script_list
+ security.declareProtected(Permissions.ManagePortal, 'getFilteredDiffAsHTML')
def getFilteredDiffAsHTML(self, diff):
"""
Return the diff filtered by python scripts into html format
"""
return self.getFilteredDiff(diff).toHTML()
+ security.declareProtected(Permissions.ManagePortal, 'getFilteredDiff')
def getFilteredDiff(self, diff):
"""
Filter the diff using python scripts
@@ -461,6 +479,7 @@ class TemplateTool (BaseTool):
# DiffFile does not provide yet such feature
return diff_file_object
+ security.declareProtected(Permissions.ManagePortal, 'diffObjectAsHTML')
def diffObjectAsHTML(self, REQUEST, **kw):
"""
Convert diff into a HTML format before reply
@@ -469,6 +488,7 @@ class TemplateTool (BaseTool):
"""
return DiffFile(self.diffObject(REQUEST, **kw)).toHTML()
+ security.declareProtected(Permissions.ManagePortal, 'diffObject')
def diffObject(self, REQUEST, **kw):
"""
Make diff between two objects, whose paths are stored in values bt1
@@ -612,6 +632,7 @@ class TemplateTool (BaseTool):
"""
return b64encode(cPickle.dumps((repository, id)))
+ security.declarePublic('compareVersionStrings')
def compareVersionStrings(self, version, comparing_string):
"""
comparing_string is like "<= 0.2" | "operator version"
@@ -755,6 +776,8 @@ class TemplateTool (BaseTool):
raise BusinessTemplateUnknownError, 'The Business Template %s could not be found on repository %s'%(bt[1], bt[0])
return []
+ security.declareProtected(Permissions.ManagePortal,
+ 'findProviderInBTList')
def findProviderInBTList(self, provider_list, bt_list):
"""
Find one provider in provider_list which is present in
@@ -968,6 +991,7 @@ class TemplateTool (BaseTool):
#LOG('getUpdatedRepositoryBusinessTemplateList', 0, 'kw = %r' % (kw,))
return self.getRepositoryBusinessTemplateList(update_only=True, **kw)
+ security.declarePublic('compareVersions')
def compareVersions(self, version1, version2):
"""
Return negative if version1 < version2, 0 if version1 == version2,
diff --git a/product/ERP5/Tool/TestTool.py b/product/ERP5/Tool/TestTool.py
index 50fb24038557108133148d3f0b9669b7986c250a..8bad486cba2aa178a4079535dfe2cbbe6560b679 100644
--- a/product/ERP5/Tool/TestTool.py
+++ b/product/ERP5/Tool/TestTool.py
@@ -58,6 +58,7 @@ try:
security.declareProtected( Permissions.ManagePortal, 'manage_overview' )
manage_overview = DTMLFile( 'explainTestTool', _dtmldir )
+ security.declarePublic('getZeleniumVersion')
def getZeleniumVersion(self):
"""Returns the version of the zelenium product
"""
diff --git a/product/ERP5/Tool/TrashTool.py b/product/ERP5/Tool/TrashTool.py
index a15a408819aa1743f87574f757a949f94d92cf65..bfdd3cf764e591a3264fe5ccd32e9c7694fe28c9 100644
--- a/product/ERP5/Tool/TrashTool.py
+++ b/product/ERP5/Tool/TrashTool.py
@@ -55,6 +55,7 @@ class TrashTool(BaseTool):
security.declareProtected(Permissions.ManagePortal, 'manage_overview' )
manage_overview = DTMLFile( 'explainTrashTool', _dtmldir )
+ security.declarePrivate('backupObject')
def backupObject(self, trashbin, container_path, object_id, save, **kw):
"""
Backup an object in a trash bin
@@ -159,6 +160,7 @@ class TrashTool(BaseTool):
obj._cleanup()
return subobjects_dict
+ security.declarePrivate('newTrashBin')
def newTrashBin(self, bt_title='trash', bt=None):
"""
Create a new trash bin at upgrade of bt
@@ -191,6 +193,7 @@ class TrashTool(BaseTool):
)
return trashbin
+ security.declareProtected(Permissions.ManagePortal, 'getTrashBinObjectsList')
def getTrashBinObjectsList(self, trashbin):
"""
Return a list of trash objects for a given trash bin
diff --git a/product/ERP5/Tool/UrlRegistryTool.py b/product/ERP5/Tool/UrlRegistryTool.py
index 9b83582a1cede9e72854735842eea9c6859b99cc..5e1aad01823eb65af1fb8d71cf410f91c64ac28a 100644
--- a/product/ERP5/Tool/UrlRegistryTool.py
+++ b/product/ERP5/Tool/UrlRegistryTool.py
@@ -154,6 +154,8 @@ class UrlRegistryTool(BaseTool):
url_list.append(url)
return url_list
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'updateUrlRegistryTool')
def updateUrlRegistryTool(self):
"""
Fetch all document path, then call in activities
diff --git a/product/ERP5/mixin/amount_generator.py b/product/ERP5/mixin/amount_generator.py
index ce546177246499ca0fe3c9dbea72793cb785b2d8..e96ba948388cd52bc61bba3f92c1200f7dc9b870 100644
--- a/product/ERP5/mixin/amount_generator.py
+++ b/product/ERP5/mixin/amount_generator.py
@@ -30,7 +30,7 @@ from collections import defaultdict, deque
import random
import zope.interface
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base, Implicit
from Products.ERP5.AggregatedAmountList import AggregatedAmountList
from Products.ERP5Type import Permissions, interfaces
diff --git a/product/ERP5/mixin/base_convertable.py b/product/ERP5/mixin/base_convertable.py
index 264905cc419a31d6e14f4c5ea1fd6496be151651..bdfedf92b8bd596ce842835afb1d37480e9ad696 100644
--- a/product/ERP5/mixin/base_convertable.py
+++ b/product/ERP5/mixin/base_convertable.py
@@ -28,7 +28,7 @@
##############################################################################
from Products.CMFCore.utils import getToolByName
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from OFS.Image import Pdata
from cStringIO import StringIO
diff --git a/product/ERP5/mixin/builder.py b/product/ERP5/mixin/builder.py
index e166b5546780901ec5024055212d8e488725750a..c70b26a052d829b6dd4195d2ccfaed09b85fa18f 100644
--- a/product/ERP5/mixin/builder.py
+++ b/product/ERP5/mixin/builder.py
@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, PropertySheet
from Products.ERP5Type.XMLObject import XMLObject
from Products.ERP5Type.Core.Predicate import Predicate
@@ -150,6 +150,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
def getRelatedBusinessLinkValueList(self):
return self.getDeliveryBuilderRelatedValueList(portal_type='Business Link')
+ security.declarePrivate('callBeforeBuildingScript')
def callBeforeBuildingScript(self):
"""
Call a script on the module, for example, to remove some
@@ -284,8 +285,10 @@ class BuilderMixin(XMLObject, Amount, Predicate):
return movement_list
+ security.declarePrivate('searchMovementList')
searchMovementList = UnrestrictedMethod(_searchMovementList)
+ security.declarePrivate('collectMovement')
def collectMovement(self, movement_list):
"""
group movements in the way we want. Thanks to this method, we are able
@@ -366,6 +369,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
for movement_group_node in movement_group_node_list]
return instance, self._getSortedPropertyDict(property_dict_list)
+ security.declarePrivate('buildDeliveryList')
@UnrestrictedMethod
def buildDeliveryList(self, movement_group_node,
delivery_relative_url_list=None,
@@ -717,6 +721,7 @@ class BuilderMixin(XMLObject, Amount, Predicate):
# Update properties on object (quantity, price...)
delivery_movement._edit(force_update=1, **property_dict)
+ security.declarePrivate('callAfterBuildingScript')
@UnrestrictedMethod
def callAfterBuildingScript(self, delivery_list, movement_list=(), **kw):
"""
diff --git a/product/ERP5/mixin/cached_convertable.py b/product/ERP5/mixin/cached_convertable.py
index efb5ea7a115f9bc5725b18d570d4280efb509c22..db41511b380fff96a38e8a72e86519a9eb05850b 100644
--- a/product/ERP5/mixin/cached_convertable.py
+++ b/product/ERP5/mixin/cached_convertable.py
@@ -33,7 +33,7 @@ import string
from Acquisition import aq_base
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
from OFS.Image import Pdata, Image as OFSImage
diff --git a/product/ERP5/mixin/composition.py b/product/ERP5/mixin/composition.py
index 517fc51a56841a1c1617030bf63ea4a4dae410eb..91e58be12f85b6bc38e18a75221a01a6108c719c 100644
--- a/product/ERP5/mixin/composition.py
+++ b/product/ERP5/mixin/composition.py
@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions
from Products.ERP5Type.Cache import transactional_cached
diff --git a/product/ERP5/mixin/configurable.py b/product/ERP5/mixin/configurable.py
index c5f609546acba0019c57de79f0a81638e616c9fb..9c031eff58258b66d3274b70738d6cba5c0938a6 100644
--- a/product/ERP5/mixin/configurable.py
+++ b/product/ERP5/mixin/configurable.py
@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Globals import PersistentMapping
diff --git a/product/ERP5/mixin/crawlable.py b/product/ERP5/mixin/crawlable.py
index b7d0d02a9fc4c99289a9a93da03545b9636f8d37..9ef7d501b12b36308d71063e37aa8fd89afb8487 100644
--- a/product/ERP5/mixin/crawlable.py
+++ b/product/ERP5/mixin/crawlable.py
@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.Utils import normaliseUrl
from Products.ERP5Type.DateUtils import convertDateToHour,\
diff --git a/product/ERP5/mixin/discoverable.py b/product/ERP5/mixin/discoverable.py
index 0f7e4f082f21ac33ba932b828d606b14ddad1aa3..a25c760e340055c458a9508e252c174a08be2b59 100644
--- a/product/ERP5/mixin/discoverable.py
+++ b/product/ERP5/mixin/discoverable.py
@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo, getSecurityManager
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from ZODB.POSException import ConflictError
from Products.ERP5Type import Permissions
from Products.ERP5Type.Utils import convertToUpperCase
diff --git a/product/ERP5/mixin/document.py b/product/ERP5/mixin/document.py
index 297bd05ddebbe0635fc522c1bba953aa9c14e0ee..10089bb237d8eefd41671f8a96f0339333b410ee 100644
--- a/product/ERP5/mixin/document.py
+++ b/product/ERP5/mixin/document.py
@@ -28,7 +28,7 @@
##############################################################################
from Products.CMFCore.utils import getToolByName
from AccessControl import ClassSecurityInfo, Unauthorized
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from OFS.Image import Pdata
from cStringIO import StringIO
@@ -85,7 +85,8 @@ class DocumentMixin:
if LOCK_PERMISSION_KEY in transaction_variable:
del transaction_variable[LOCK_PERMISSION_KEY]
return result
-
+
+ security.declareProtected(Permissions.AccessContentsInformation, 'getFailsafeConversion')
def getFailsafeConversion(self, **kw):
"""
Return a failure resistent conversion of a document
diff --git a/product/ERP5/mixin/document_proxy.py b/product/ERP5/mixin/document_proxy.py
index e529a4d7ff1b5655058c1d2a08912ab6afa0a452..2ec1eb45172869df7b80cef193c6c403e112ae7f 100644
--- a/product/ERP5/mixin/document_proxy.py
+++ b/product/ERP5/mixin/document_proxy.py
@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from warnings import warn
@@ -59,7 +59,7 @@ class DocumentProxyMixin:
return self.getProxiedDocumentValue()
security.declareProtected(Permissions.AccessContentsInformation,
- 'getProxiedDocument' )
+ 'getProxiedDocumentValue')
def getProxiedDocumentValue(self):
"""
Try to retrieve the original document
diff --git a/product/ERP5/mixin/downloadable.py b/product/ERP5/mixin/downloadable.py
index a4d6038ed9a9ae49be4e2ac6d7e1d8568a26b357..0a8b0e184ebadb88d8ff731f82d459ff413c58fb 100644
--- a/product/ERP5/mixin/downloadable.py
+++ b/product/ERP5/mixin/downloadable.py
@@ -27,7 +27,7 @@
#
##############################################################################
from AccessControl import ClassSecurityInfo, Unauthorized
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.Utils import fill_args_from_request
from Products.CMFCore.utils import getToolByName, _checkConditionalGET, _setCacheHeaders,\
diff --git a/product/ERP5/mixin/encrypted_password.py b/product/ERP5/mixin/encrypted_password.py
index 9a8754c6a4d4cfeb42905d584e454da857045fd5..dd4821f80bc6fbefd59f629bbb59e35a422123f9 100644
--- a/product/ERP5/mixin/encrypted_password.py
+++ b/product/ERP5/mixin/encrypted_password.py
@@ -31,7 +31,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
from AccessControl.AuthEncoding import pw_encrypt, pw_validate
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Globals import PersistentMapping
@@ -55,6 +55,7 @@ class EncryptedPasswordMixin:
return pw_validate(self.getPassword(), value)
return False
+ security.declareProtected(Permissions.SetOwnPassword, 'checkPasswordValueAcceptable')
def checkPasswordValueAcceptable(self, value):
"""
Check the password. This method is defined explicitly, because:
diff --git a/product/ERP5/mixin/equivalence_tester.py b/product/ERP5/mixin/equivalence_tester.py
index 911e0ec0d0eeaad7d66272987c8f4aaafc21a6c7..e8c81049af1337d149fc419a14de9ea0654382f1 100644
--- a/product/ERP5/mixin/equivalence_tester.py
+++ b/product/ERP5/mixin/equivalence_tester.py
@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.DivergenceMessage import DivergenceMessage
from Products.ERP5Type.Message import Message
@@ -47,6 +47,7 @@ class EquivalenceTesterMixin:
zope.interface.implements(interfaces.IEquivalenceTester,)
# Implementation of IEquivalenceTester
+ security.declarePrivate('testEquivalence')
def testEquivalence(self, simulation_movement):
"""
Tests if simulation_movement is divergent. Returns False (0)
@@ -59,6 +60,7 @@ class EquivalenceTesterMixin:
"""
return self.explain(simulation_movement) is not None
+ security.declarePrivate('explain')
def explain(self, simulation_movement):
"""
Returns a single message which explain the nature of
@@ -99,6 +101,7 @@ class EquivalenceTesterMixin:
"""
return movement.getProperty(property)
+ security.declarePrivate('generateHashKey')
def generateHashKey(self, movement):
"""
Returns a hash key which can be used to optimise the
@@ -117,6 +120,7 @@ class EquivalenceTesterMixin:
value = self._getTestedPropertyValue(movement, tested_property)
return '%s/%r' % (tested_property, value)
+ security.declarePrivate('compare')
def compare(self, prevision_movement, decision_movement):
"""
Returns True if prevision_movement and delivery_movement
@@ -136,6 +140,7 @@ class EquivalenceTesterMixin:
"""
return (self._compare(prevision_movement, decision_movement) is None)
+ security.declarePrivate('update')
def update(self, prevision_movement, decision_movement):
"""
Updates decision_movement with properties from
@@ -164,6 +169,8 @@ class EquivalenceTesterMixin:
decision_movement.edit(
**self.getUpdatablePropertyDict(prevision_movement, decision_movement))
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getExplanationMessage')
def getExplanationMessage(self, simulation_movement):
"""
Returns the HTML message that describes the detail of the
@@ -201,6 +208,8 @@ class EquivalenceTesterMixin:
"""
raise NotImplementedError
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getUpdatablePropertyDict')
def getUpdatablePropertyDict(self, prevision_movement, decision_movement):
"""
Returns a mapping of properties to update on decision_movement so that next
diff --git a/product/ERP5/mixin/explainable.py b/product/ERP5/mixin/explainable.py
index ecf5abf4f049ea5ea9b7c717f76838d23df7fbd4..3c26761a62ba2597b8a624f6d79429170ec52eb1 100644
--- a/product/ERP5/mixin/explainable.py
+++ b/product/ERP5/mixin/explainable.py
@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
class ExplainableMixin:
diff --git a/product/ERP5/mixin/extensible_traversable.py b/product/ERP5/mixin/extensible_traversable.py
index 4886ba831d14f22192f529900aae34fa270c24ad..0504330b6dfbd7898e8bfb28287461cdf2e8d5b6 100644
--- a/product/ERP5/mixin/extensible_traversable.py
+++ b/product/ERP5/mixin/extensible_traversable.py
@@ -35,7 +35,7 @@ from Products.ERP5Type.ExtensibleTraversable import ExtensibleTraversableMixIn
from Products.ERP5Type.Cache import getReadOnlyTransactionCache
from AccessControl import ClassSecurityInfo, getSecurityManager
from AccessControl.SecurityManagement import newSecurityManager, setSecurityManager
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.CMFCore.utils import getToolByName, _checkConditionalGET, _setCacheHeaders, _ViewEmulator
from OFS.Image import File as OFSFile
diff --git a/product/ERP5/mixin/login_account_provider.py b/product/ERP5/mixin/login_account_provider.py
index a52fb574d3160b8ca7cae91aba43fdf07b17afec..709b71019e2a0493d0e8badba8fb1c93b1bbbded 100644
--- a/product/ERP5/mixin/login_account_provider.py
+++ b/product/ERP5/mixin/login_account_provider.py
@@ -30,7 +30,7 @@
from Products.ERP5Type import Permissions
from AccessControl.AuthEncoding import pw_validate
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
class LoginAccountProviderMixin:
"""
@@ -87,7 +87,8 @@ class LoginAccountProviderMixin:
if not len(result_code_list):
return True
return False
-
+
+ security.declareProtected(Permissions.SetOwnPassword, 'analyzePassword')
def analyzePassword(self, password, **kw):
"""
Analyze password validity.
diff --git a/product/ERP5/mixin/movement_collection_updater.py b/product/ERP5/mixin/movement_collection_updater.py
index d9b3ed36fa9e3e2a20e6ad4d9e082d8c698dac56..47283b080489a15aa5d92e0557ce6af180c72d9a 100644
--- a/product/ERP5/mixin/movement_collection_updater.py
+++ b/product/ERP5/mixin/movement_collection_updater.py
@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5.MovementCollectionDiff import (
MovementCollectionDiff, _getPropertyAndCategoryList)
@@ -52,6 +52,8 @@ class MovementCollectionUpdaterMixin:
zope.interface.implements(interfaces.IMovementCollectionUpdater,)
# Implementation of IMovementCollectionUpdater
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getMovementCollectionDiff')
def getMovementCollectionDiff(self, context, rounding=False,
movement_generator=None):
"""
@@ -147,6 +149,8 @@ class MovementCollectionUpdaterMixin:
return movement_collection_diff
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'updateMovementCollection')
def updateMovementCollection(self, context, rounding=False,
movement_generator=None):
"""
diff --git a/product/ERP5/mixin/periodicity.py b/product/ERP5/mixin/periodicity.py
index 7a08fcf1f34fe1d26b0ac3d9b157bd6e1376570b..c89b72bc40eaf88df2d095342093dd4ba8bff4bd 100644
--- a/product/ERP5/mixin/periodicity.py
+++ b/product/ERP5/mixin/periodicity.py
@@ -29,7 +29,7 @@
from DateTime import DateTime
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.Message import Message
@@ -237,7 +237,7 @@ class PeriodicityMixin:
return [(Message(domain='erp5_ui', message=x), x) \
for x in self.getWeekDayList()]
- security.declareProtected(Permissions.AccessContentsInformation, 'getWeekDayItemList')
+ security.declareProtected(Permissions.AccessContentsInformation, 'getMonthItemList')
def getMonthItemList(self):
"""
returns something like [('January', 1), ('February', 2),...]
diff --git a/product/ERP5/mixin/property_recordable.py b/product/ERP5/mixin/property_recordable.py
index 6694d246d54829e35849f5a575849d7abb9e69b5..5cfae5e80947807de05761c917fb128ffab81859 100644
--- a/product/ERP5/mixin/property_recordable.py
+++ b/product/ERP5/mixin/property_recordable.py
@@ -28,7 +28,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Globals import PersistentMapping
diff --git a/product/ERP5/mixin/rule.py b/product/ERP5/mixin/rule.py
index b8c4e6be1a344c34258f54eb65bd5facc2ca680d..d3d61bf9d5f1ae4754908efa7d3dd2f5515761a4 100644
--- a/product/ERP5/mixin/rule.py
+++ b/product/ERP5/mixin/rule.py
@@ -29,7 +29,7 @@
import transaction
import zope.interface
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base
from Products.ERP5Type import Permissions, interfaces
from Products.ERP5Type.Base import Base
@@ -158,6 +158,8 @@ class RuleMixin(Predicate):
movement_type = 'Simulation Movement'
# Implementation of IRule
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'constructNewAppliedRule')
def constructNewAppliedRule(self, context, **kw):
"""
Create a new applied rule in the context.
@@ -190,6 +192,8 @@ class RuleMixin(Predicate):
return False
return super(RuleMixin, self).test(*args, **kw)
+ security.declareProtected(Permissions.ModifyPortalContent,
+ 'expand')
def expand(self, applied_rule, expand_policy=None, **kw):
"""
Expand this applied rule to create new documents inside the
@@ -473,6 +477,7 @@ class RuleMixin(Predicate):
new_movement = self._newProfitAndLossMovement(prevision_movement)
movement_collection_diff.addNewMovement(new_movement)
+InitializeClass(RuleMixin)
class SimulableMixin(Base):
security = ClassSecurityInfo()
@@ -553,6 +558,8 @@ class SimulableMixin(Base):
if not movement.aq_inContextOf(applied_rule):
movement.recursiveReindexObject(activate_kw=activate_kw)
+ security.declareProtected( Permissions.AccessContentsInformation,
+ 'getRuleReference')
def getRuleReference(self):
"""Returns an appropriate rule reference
@@ -609,4 +616,4 @@ class SimulableMixin(Base):
o.getParentValue().deleteContent(o.getId())
super(SimulableMixin, self).manage_beforeDelete(item, container)
-InitializeClass(RuleMixin)
+InitializeClass(SimulableMixin)
diff --git a/product/ERP5/mixin/solver.py b/product/ERP5/mixin/solver.py
index 6476d0e24e5e9899457cdc3293097d7902661d46..a9152dcc867617b60530385717384cc6acbb1a8a 100644
--- a/product/ERP5/mixin/solver.py
+++ b/product/ERP5/mixin/solver.py
@@ -29,7 +29,7 @@
import zope.interface
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, PropertySheet, interfaces
from Products.ERP5Type.UnrestrictedMethod import super_user
from Products.ERP5Type.XMLObject import XMLObject
@@ -58,6 +58,8 @@ class SolverMixin(object):
def getPortalTypeValue(self):
return self.getPortalObject().portal_solvers._getOb(self.getPortalType())
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'searchDeliverySolverList')
def searchDeliverySolverList(self, **kw):
"""
this method returns a list of delivery solvers
@@ -70,6 +72,8 @@ class SolverMixin(object):
solver_list = target_solver_type.getDeliverySolverValueList()
return solver_list
+InitializeClass(SolverMixin)
+
class ConfigurablePropertySolverMixin(SolverMixin,
ConfigurableMixin,
XMLObject):
@@ -118,4 +122,4 @@ class ConfigurablePropertySolverMixin(SolverMixin,
tested_property_list = portal_type.getTestedPropertyList()
return tested_property_list
-InitializeClass(SolverMixin)
+InitializeClass(ConfigurablePropertySolverMixin)
diff --git a/product/ERP5/mixin/text_convertable.py b/product/ERP5/mixin/text_convertable.py
index c106f7dc7f23ee81e7828252a3381c73a532a0e7..9205fdb4851350856373a2da3edc0c8c91f9ec63 100644
--- a/product/ERP5/mixin/text_convertable.py
+++ b/product/ERP5/mixin/text_convertable.py
@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from warnings import warn
diff --git a/product/ERP5/mixin/timer_service.py b/product/ERP5/mixin/timer_service.py
index 81e19da09ec583dfe28a8cfb40ba99a1dc52717c..b3b8ddc3638fe62785923374397802d6e62223c8 100644
--- a/product/ERP5/mixin/timer_service.py
+++ b/product/ERP5/mixin/timer_service.py
@@ -28,7 +28,7 @@
import warnings
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.CMFActivity.ActivityTool import ActivityTool
from Products.ERP5Type import Permissions
try:
diff --git a/product/ERP5/mixin/url.py b/product/ERP5/mixin/url.py
index 6ab2995797c9492573de45bba5a19f6127b2b767..733a909b1f1b8d0be67f80652e1abed903a9401e 100644
--- a/product/ERP5/mixin/url.py
+++ b/product/ERP5/mixin/url.py
@@ -28,7 +28,7 @@
##############################################################################
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions
from Products.ERP5Type.Utils import normaliseUrl
@@ -133,6 +133,8 @@ class UrlMixin:
url_string = self.getUrlString()
return '/'.join(url_string.split('/')[1:])
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'asNormalisedURL')
def asNormalisedURL(self, base_url=None):
"""
call normaliseUrl with raw url
diff --git a/product/ERP5/mixin/variated.py b/product/ERP5/mixin/variated.py
index 51361f707c724b5cc372d417f2e921712178ee81..1f5409287ee96bbf04d3b521fcd490a75b10bd6c 100644
--- a/product/ERP5/mixin/variated.py
+++ b/product/ERP5/mixin/variated.py
@@ -29,7 +29,7 @@
from warnings import warn
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.CMFCategory.Renderer import Renderer
from Products.ERP5Type import interfaces, Permissions, PropertySheet
import zope.interface
diff --git a/product/ERP5/mixin/virtual_folder.py b/product/ERP5/mixin/virtual_folder.py
index 535237ff23ac8cc76079eb6285d0a390a5115f84..c173f0ba0d0412ba119470b36fa817b893f00506 100644
--- a/product/ERP5/mixin/virtual_folder.py
+++ b/product/ERP5/mixin/virtual_folder.py
@@ -31,7 +31,7 @@
_marker=[]
from AccessControl import ClassSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type.Core.Folder import Folder
from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
diff --git a/product/ERP5Catalog/CatalogTool.py b/product/ERP5Catalog/CatalogTool.py
index 4c21886a132942c54935a45e9cd775049cf43699..9f8e7f3eea90c5d5b3891b26698839a4a3616a2c 100644
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -314,6 +314,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
, 'manage_schema')
manage_schema = DTMLFile('dtml/manageSchema', globals())
+ security.declarePublic('getPreferredSQLCatalogId')
def getPreferredSQLCatalogId(self, id=None):
"""
Get the SQL Catalog from preference.
@@ -366,6 +367,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return result
# Schema Management
+ security.declareProtected(Permissions.ManagePortal, 'editColumn')
def editColumn(self, column_id, sql_definition, method_id, default_value, REQUEST=None, RESPONSE=None):
"""
Modifies a schema column of the catalog
@@ -379,17 +381,20 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
new_schema.append(new_c)
self.setColumnList(new_schema)
+ security.declareProtected(Permissions.ManagePortal, 'setColumnList')
def setColumnList(self, column_list):
"""
"""
self._sql_schema = column_list
+ security.declarePublic('getColumnList')
def getColumnList(self):
"""
"""
if not hasattr(self, '_sql_schema'): self._sql_schema = []
return self._sql_schema
+ security.declarePublic('getColumn')
def getColumn(self, column_id):
"""
"""
@@ -398,6 +403,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return c
return None
+ security.declareProtected(Permissions.ManagePortal, 'editIndex')
def editIndex(self, index_id, sql_definition, REQUEST=None, RESPONSE=None):
"""
Modifies the schema of the catalog
@@ -411,17 +417,20 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
new_index.append(new_c)
self.setIndexList(new_index)
+ security.declareProtected(Permissions.ManagePortal, 'setIndexList')
def setIndexList(self, index_list):
"""
"""
self._sql_index = index_list
+ security.declarePublic('getIndexList')
def getIndexList(self):
"""
"""
if not hasattr(self, '_sql_index'): self._sql_index = []
return self._sql_index
+ security.declarePublic('getIndex')
def getIndex(self, index_id):
"""
"""
@@ -512,6 +521,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
return allowedRolesAndUsers, role_column_dict, local_role_column_dict
+ security.declarePublic('getSecurityUidDictAndRoleColumnDict')
def getSecurityUidDictAndRoleColumnDict(self, sql_catalog_id=None, local_roles=None):
"""
Return a dict of local_roles_group_id -> security Uids and a
diff --git a/product/ERP5Form/Document/Preference.py b/product/ERP5Form/Document/Preference.py
index d9c54ba23fba5bf614cd43bc4b869d8ff123b8ff..41008736cec43afa680f212a07118de598dc9902 100644
--- a/product/ERP5Form/Document/Preference.py
+++ b/product/ERP5Form/Document/Preference.py
@@ -86,10 +86,12 @@ class Preference( Folder ):
self._clearCache()
Folder._edit(self, **kw)
+ security.declareProtected(Permissions.ModifyPortalContent, 'enable')
def enable(self, **kw):
"""Workflow method"""
self._clearCache()
+ security.declareProtected(Permissions.ModifyPortalContent, 'disable')
def disable(self, **kw):
"""Workflow method"""
self._clearCache()
diff --git a/product/ERP5Form/Form.py b/product/ERP5Form/Form.py
index 0c43c6345c4da9530411aa324d32751ad10601fa..0315788086b860bd6a406c54d09127cee79f53d1 100644
--- a/product/ERP5Form/Form.py
+++ b/product/ERP5Form/Form.py
@@ -710,6 +710,7 @@ class ERP5Form(Base, ZMIForm, ZopePageTemplate):
return ret
# Utilities
+ security.declareProtected('View', 'ErrorFields')
def ErrorFields(self, validation_errors):
"""
Create a dictionnary of validation_errors
@@ -788,6 +789,7 @@ class ERP5Form(Base, ZMIForm, ZopePageTemplate):
manage_FTPput = PUT
+ security.declarePrivate('getSimilarSkinFolderIdList')
def getSimilarSkinFolderIdList(self):
"""
Find other skins id installed in the same time
diff --git a/product/ERP5Form/ProxyField.py b/product/ERP5Form/ProxyField.py
index 970ebb25acbe14e7f87e99673be4137cd2d57357..811a01fe9c89f74ae53c09bdccf123eca2e0886e 100644
--- a/product/ERP5Form/ProxyField.py
+++ b/product/ERP5Form/ProxyField.py
@@ -412,6 +412,7 @@ class ProxyField(ZMIField):
"""
return self.getTemplateField().get_error_names()
+ security.declareProtected('Access contents information', 'getTemplateField')
def getTemplateField(self, cache=True):
"""
Return template field of the proxy field.
@@ -478,6 +479,7 @@ class ProxyField(ZMIField):
self._setTemplateFieldCache(proxy_field)
return proxy_field
+ security.declareProtected('Access contents information', 'getRecursiveTemplateField')
def getRecursiveTemplateField(self):
"""
Return template field of the proxy field.
@@ -639,6 +641,7 @@ class ProxyField(ZMIField):
else:
return None
+ security.declareProtected('Access contents information', 'getFieldValue')
def getFieldValue(self, field, id, **kw):
"""
Return a callable expression and cacheable boolean flag
diff --git a/product/ERP5Form/Tool/SelectionTool.py b/product/ERP5Form/Tool/SelectionTool.py
index 14795fb8c7059143a3bc78516604c821678f8e09..30895ce8fb04fa6ca17c6a166f6b21b0c2ce6d34 100644
--- a/product/ERP5Form/Tool/SelectionTool.py
+++ b/product/ERP5Form/Tool/SelectionTool.py
@@ -1197,6 +1197,7 @@ class SelectionTool( BaseTool, SimpleItem ):
return md5(str(sorted(map(str, uid_list)))).hexdigest()
# Related document searching
+ security.declarePublic('viewSearchRelatedDocumentDialog')
def viewSearchRelatedDocumentDialog(self, index, form_id,
REQUEST=None, sub_index=None, **kw):
"""
@@ -1433,6 +1434,7 @@ class SelectionTool( BaseTool, SimpleItem ):
tv['_user_id'] = user_id
return user_id
+ security.declarePrivate('getTemporarySelectionDict')
def getTemporarySelectionDict(self):
""" Temporary selections are used in push/pop nested scope,
to prevent from editting for stored selection in the scope.
@@ -1794,7 +1796,7 @@ for x in SelectionTool.__dict__:
if x in method_id_filter_list:
continue
roles = getattr(SelectionTool, '%s__roles__' % x, None)
- if roles is None:
+ if roles is None or roles == ():
continue
if roles.__name__ == ERP5Permissions.ManagePortal:
continue
diff --git a/product/ERP5OOo/tests/testDms.py b/product/ERP5OOo/tests/testDms.py
index 1c99b49ef6797fe21e02d0051f18b97180dfc515..9b5909b760d52f7c5a55d4e9d60ca533c208bd25 100644
--- a/product/ERP5OOo/tests/testDms.py
+++ b/product/ERP5OOo/tests/testDms.py
@@ -2495,6 +2495,7 @@ return 1
kw['portal_type'] = "Spreadsheet"
new_document = self.portal.Base_contribute(**kw)
self.assertEqual(new_document.getValidationState(), 'draft')
+ self.tic()
# make it read only
document.manage_permission(Permissions.ModifyPortalContent, [])
diff --git a/product/ERP5Security/ERP5GroupManager.py b/product/ERP5Security/ERP5GroupManager.py
index 5ceee8c620e42c51198c56ceac38a368e03d6d11..a36fe39ae44ac2d84d1517a16e014fc4a164f791 100644
--- a/product/ERP5Security/ERP5GroupManager.py
+++ b/product/ERP5Security/ERP5GroupManager.py
@@ -78,6 +78,7 @@ class ERP5GroupManager(BasePlugin):
#
# IGroupsPlugin implementation
#
+ security.declarePrivate('getGroupsForPrincipal')
def getGroupsForPrincipal(self, principal, request=None):
""" See IGroupsPlugin.
"""
diff --git a/product/ERP5Security/ERP5UserFactory.py b/product/ERP5Security/ERP5UserFactory.py
index 54ea427434c2f8372b19f6b90997f5b8dec5a186..93fddaf6bce2a50cc28f7dcf947a23a4449a1aa4 100644
--- a/product/ERP5Security/ERP5UserFactory.py
+++ b/product/ERP5Security/ERP5UserFactory.py
@@ -209,6 +209,7 @@ class ERP5UserFactory(BasePlugin):
self._id = self.id = id
self.title = title
+ security.declarePrivate('createUser')
def createUser( self, user_id, name ):
""" See IUserFactoryPlugin
"""
diff --git a/product/ERP5Type/Base.py b/product/ERP5Type/Base.py
index badeda80d4919fe5f2367b84ebc6366098a61a67..898ddd1bac91971348e57ae496dce3b6021b88c9 100644
--- a/product/ERP5Type/Base.py
+++ b/product/ERP5Type/Base.py
@@ -809,12 +809,16 @@ class Base( CopyContainer,
getId = BaseAccessor.Getter('getId', 'id', 'string')
# Debug
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getOid')
def getOid(self):
"""
Return ODB oid
"""
return self._p_oid
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getOidRepr')
def getOidRepr(self):
"""
Return ODB oid, in an 'human' readable form.
@@ -822,10 +826,14 @@ class Base( CopyContainer,
from ZODB.utils import oid_repr
return oid_repr(self._p_oid)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getSerial')
def getSerial(self):
"""Return ODB Serial."""
return self._p_serial
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getHistorySerial')
def getHistorySerial(self):
"""Return ODB Serial, in the same format used for history keys"""
return '.'.join([str(x) for x in unpack('>HHHH', self._p_serial)])
@@ -1378,6 +1386,8 @@ class Base( CopyContainer,
# Accessors are not workflow methods by default
# Ping provides a dummy method to trigger automatic methods
# XXX : maybe an empty edit is enough (self.edit())
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'ping')
def ping(self):
pass
@@ -1565,6 +1575,8 @@ class Base( CopyContainer,
"""
return self
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getDocumentInstance')
def getDocumentInstance(self):
"""
Returns self
@@ -1584,6 +1596,8 @@ class Base( CopyContainer,
assert mount_point._getMountedConnection(connection) is connection
return mount_point._traverseToMountedRoot(connection.root(), None)
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'asSQLExpression')
def asSQLExpression(self, strict_membership=0, table='category', base_category = None):
"""
Any document can be used as a Category. It can therefore
@@ -3266,6 +3280,8 @@ class Base( CopyContainer,
self._p_changed = 1
# Helpers
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getQuantityPrecisionFromResource')
def getQuantityPrecisionFromResource(self, resource, d=2):
"""
Provides a quick access to precision without accessing the resource
diff --git a/product/ERP5Type/CopySupport.py b/product/ERP5Type/CopySupport.py
index 36c682aa3bc69e603f8cf5673f5cd66024b7d52a..7d0101fc3b4301d1f837e397d2e93fce2695a112 100644
--- a/product/ERP5Type/CopySupport.py
+++ b/product/ERP5Type/CopySupport.py
@@ -383,28 +383,6 @@ class CopyContainer:
group_method_id='portal_catalog/uncatalogObjectList',
serialization_tag=self.getRootDocumentPath()).unindexObject(uid=uid)
- security.declareProtected(Permissions.ModifyPortalContent, 'moveObject')
- def moveObject(self, idxs=None):
- """
- Reindex the object in the portal catalog.
- If idxs is present, only those indexes are reindexed.
- The metadata is always updated.
-
- Also update the modification date of the object,
- unless specific indexes were requested.
-
- Passes is_object_moved to catalog to force
- reindexing without creating new uid
- """
- if idxs is None: idxs = []
- if idxs == []:
- # Update the modification date.
- if getattr(aq_base(self), 'notifyModified', _marker) is not _marker:
- self.notifyModified()
- catalog = getattr(self.getPortalObject(), 'portal_catalog', None)
- if catalog is not None:
- catalog.moveObject(self, idxs=idxs)
-
def _notifyOfCopyTo(self, container, op=0):
"""Overiden to track object cut and pastes, and update related
content accordingly.
diff --git a/product/ERP5Type/Core/ActionInformation.py b/product/ERP5Type/Core/ActionInformation.py
index 8be6e388d395aae5a299705a8ebedc17cde66253..1db697464a613570a9bf8d5acd867ef44ffa5dff 100644
--- a/product/ERP5Type/Core/ActionInformation.py
+++ b/product/ERP5Type/Core/ActionInformation.py
@@ -86,18 +86,21 @@ class ActionInformation(XMLObject):
# XXX Following getAction/getCondition/getIcon are problably not useful
# because properties should already be cleaned up during migration
# or installation from BT.
+ security.declareProtected(AccessContentsInformation, 'getAction')
def getAction(self):
"""Overridden getter for 'action' to clean null values"""
if getattr(aq_base(self), 'action', None) == '':
del self.action
return self._baseGetAction()
+ security.declareProtected(AccessContentsInformation, 'getCondition')
def getCondition(self):
"""Overridden getter for 'condition' to clean null values"""
if getattr(aq_base(self), 'condition', None) == '':
del self.condition
return self._baseGetCondition()
+ security.declareProtected(AccessContentsInformation, 'getIcon')
def getIcon(self):
"""Overridden getter for 'icon' to clean null values"""
if getattr(aq_base(self), 'icon', None) == '':
diff --git a/product/ERP5Type/Core/CacheFactory.py b/product/ERP5Type/Core/CacheFactory.py
index 9f5d540110aa396e578b4e9c39d2320ebff4afd3..d05994cf1927a266707336a00cd6863b5aabc130 100644
--- a/product/ERP5Type/Core/CacheFactory.py
+++ b/product/ERP5Type/Core/CacheFactory.py
@@ -61,6 +61,7 @@ class CacheFactory(XMLObject):
, PropertySheet.SortIndex
)
+ security.declareProtected(Permissions.AccessContentsInformation, 'getCacheId')
def getCacheId(self):
"""
Get a common Cache Factory / Cache Bag ID in this
@@ -94,6 +95,7 @@ class CacheFactory(XMLObject):
for cache_plugin in cache_plugin_list:
cache_plugin.set(cache_id, value)
+ security.declareProtected(Permissions.AccessContentsInformation, 'getCachePluginList')
def getCachePluginList(self, allowed_type_list=None):
""" get ordered list of installed cache plugins in ZODB """
if allowed_type_list is None:
diff --git a/product/ERP5Type/Core/Folder.py b/product/ERP5Type/Core/Folder.py
index 8419376141cb81a8dd3c2475c88d6e4d527bcf7f..8dfbaa77e2d51adf5bb1f0439c713da97dc38b4c 100644
--- a/product/ERP5Type/Core/Folder.py
+++ b/product/ERP5Type/Core/Folder.py
@@ -587,13 +587,15 @@ class Folder(CopyContainer, CMFBTreeFolder, CMFHBTreeFolder, Base, FolderMixIn):
""" Create a new content """
# Create data structure if none present
return FolderMixIn.newContent(self, *args, **kw)
-
+
+ security.declareProtected(Permissions.AccessContentsInformation, 'isBTree')
def isBTree(self):
"""
Tell if we are a BTree
"""
return self._folder_handler == BTREE_HANDLER
-
+
+ security.declareProtected(Permissions.AccessContentsInformation, 'isHBTree')
def isHBTree(self):
"""
Tell if we are a HBTree
@@ -1386,6 +1388,28 @@ class Folder(CopyContainer, CMFBTreeFolder, CMFHBTreeFolder, Base, FolderMixIn):
'recursiveImmediateReindexObject', None) is not None:
c.recursiveImmediateReindexObject(**kw)
+ security.declareProtected(Permissions.ModifyPortalContent, 'moveObject')
+ def moveObject(self, idxs=None):
+ """
+ Reindex the object in the portal catalog.
+ If idxs is present, only those indexes are reindexed.
+ The metadata is always updated.
+
+ Also update the modification date of the object,
+ unless specific indexes were requested.
+
+ Passes is_object_moved to catalog to force
+ reindexing without creating new uid
+ """
+ if idxs is None: idxs = []
+ if idxs == []:
+ # Update the modification date.
+ if getattr(aq_base(self), 'notifyModified', _marker) is not _marker:
+ self.notifyModified()
+ catalog = getattr(self.getPortalObject(), 'portal_catalog', None)
+ if catalog is not None:
+ catalog.moveObject(self, idxs=idxs)
+
security.declareProtected( Permissions.ModifyPortalContent,
'recursiveMoveObject' )
def recursiveMoveObject(self):
@@ -1513,46 +1537,6 @@ class Folder(CopyContainer, CMFBTreeFolder, CMFHBTreeFolder, Base, FolderMixIn):
strict_membership=strict_membership))
return "( %s )" % result
-
- def mergeContent(self,from_object=None,to_object=None, delete=1,**kw):
- """
- This method will merge two objects.
-
- When we have to different objects wich represent the same content, we
- may want to merge them. In this case, we want to be sure to report
-
- """
- if from_object is None or to_object is None:
- return
-
- from_object_related_object_list = self.portal_categories\
- .getRelatedValueList(from_object)
- to_object_url = to_object.getRelativeUrl()
- from_object_url = from_object.getRelativeUrl()
- corrected_list = []
- for object in from_object_related_object_list:
- #LOG('Folder.mergeContent, working on object:',0,object)
- new_category_list = []
- found = 0
- for category in object.getCategoryList(): # so ('destination/person/1',...)
- #LOG('Folder.mergeContent, working on category:',0,category)
- linked_object_url = '/'.join(category.split('/')[1:])
- if linked_object_url == from_object_url:
- base_category = category.split('/')[0]
- found = 1
- new_category_list.append(base_category + '/' + to_object_url)
- else:
- new_category_list.append(category)
- if found:
- corrected_list.append(object)
- object.setCategoryList(new_category_list)
- object.immediateReindexObject()
- if delete:
- if len(from_object.portal_categories.getRelatedValueList(from_object))==0:
- parent = from_object.getParentValue()
- parent.manage_delObjects(from_object.getId())
- return corrected_list
-
security.declareProtected( Permissions.AccessContentsInformation,
'objectValues' )
def objectValues(self, spec=None, meta_type=None, portal_type=None,
diff --git a/product/ERP5Type/Core/Predicate.py b/product/ERP5Type/Core/Predicate.py
index d0b508cdbbe8f154770a0f65e2e0e0494f695579..fbb96bc44bfa3a59aa836dfe9ea6b42626d2f81d 100644
--- a/product/ERP5Type/Core/Predicate.py
+++ b/product/ERP5Type/Core/Predicate.py
@@ -355,12 +355,14 @@ class Predicate(XMLObject):
security.declareProtected( Permissions.AccessContentsInformation, 'asSqlJoinExpression' )
asSqlJoinExpression = asSQLJoinExpression
+ security.declareProtected(Permissions.AccessContentsInformation, 'searchResults')
def searchResults(self, **kw):
"""
"""
portal_catalog = getToolByName(self, 'portal_catalog')
return portal_catalog.searchResults(build_sql_query_method=self.buildSQLQuery,**kw)
+ security.declareProtected(Permissions.AccessContentsInformation, 'countResults')
def countResults(self, REQUEST=None, used=None, **kw):
"""
"""
@@ -600,6 +602,7 @@ class Predicate(XMLObject):
def _asPredicate(self):
return self
+ security.declareProtected(Permissions.AccessContentsInformation, 'searchPredicate')
def searchPredicate(self, **kw):
"""
Returns a list of documents matching the predicate
diff --git a/product/ERP5Type/Core/RoleInformation.py b/product/ERP5Type/Core/RoleInformation.py
index 32566c06e84a00a80376059b10b0dbd493f26f52..7198c20367a0e9eb3d6e331fcf1ea872ed0848f0 100644
--- a/product/ERP5Type/Core/RoleInformation.py
+++ b/product/ERP5Type/Core/RoleInformation.py
@@ -76,6 +76,7 @@ class RoleInformation(XMLObject):
value = value and Expression(value) or None
self._baseSetCondition(value)
+ security.declareProtected(AccessContentsInformation, 'getCondition')
def getCondition(self):
"""Overridden getter for 'condition' to clean null values"""
if getattr(aq_base(self), 'condition', None) == '':
diff --git a/product/ERP5Type/Core/StandardProperty.py b/product/ERP5Type/Core/StandardProperty.py
index e39485589317ba00b9ed915b9d22a761734f2281..ab544e54076873bb1234ffa152d15fa4a252b9b7 100644
--- a/product/ERP5Type/Core/StandardProperty.py
+++ b/product/ERP5Type/Core/StandardProperty.py
@@ -86,6 +86,8 @@ class StandardProperty(IdAsReferenceMixin('_property'), XMLObject):
getDescription = Base.Getter('getDescription', 'description', 'string',
default='')
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getElementaryType')
def getElementaryType(self):
"""
Define this getter manually as it is not possible to rely on
diff --git a/product/ERP5Type/ERP5Type.py b/product/ERP5Type/ERP5Type.py
index 765d8a8dd2fd33a31e5bf55385dd2d73ed9e1796..ed001faa19d9a0d5860757aaa7bb8b2ea781123c 100644
--- a/product/ERP5Type/ERP5Type.py
+++ b/product/ERP5Type/ERP5Type.py
@@ -75,7 +75,7 @@ class LocalRoleAssignorMixIn(object):
zope.interface.implements(interfaces.ILocalRoleAssignor)
- security.declarePrivate('updateLocalRolesOnObject')
+ security.declarePrivate('updateLocalRolesOnDocument')
@UnrestrictedMethod
def updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True, activate_kw=()):
"""
@@ -209,6 +209,8 @@ class LocalRoleAssignorMixIn(object):
role.uid = None
return self[self._setObject(role.id, role, set_owner=0)]
+InitializeClass(LocalRoleAssignorMixIn)
+
class ERP5TypeInformation(XMLObject,
FactoryTypeInformation,
LocalRoleAssignorMixIn,
diff --git a/product/ERP5Type/Tool/CacheTool.py b/product/ERP5Type/Tool/CacheTool.py
index 78f1ff08fc60ff16d00a132c9ab3a29948d8f619..74ea0af91295529e5ad14815ba45f329b2ec2441 100644
--- a/product/ERP5Type/Tool/CacheTool.py
+++ b/product/ERP5Type/Tool/CacheTool.py
@@ -199,6 +199,7 @@ class CacheTool(BaseTool):
if REQUEST is not None:
self.REQUEST.RESPONSE.redirect('cache_tool_configure?manage_tabs_message=Cache factory scope %s cleared.' %cache_factory_id)
+ security.declareProtected(Permissions.AccessContentsInformation, 'getCacheTotalMemorySize')
def getCacheTotalMemorySize(self, REQUEST=None):
""" Calculate total size of memory used for cache.
diff --git a/product/ERP5Type/Tool/SessionTool.py b/product/ERP5Type/Tool/SessionTool.py
index 11e00fafaeabcad03e766c32a0bfabaa0ceb2f95..7eca6065a9244bae6cccb84641027dc4f179fc15 100644
--- a/product/ERP5Type/Tool/SessionTool.py
+++ b/product/ERP5Type/Tool/SessionTool.py
@@ -191,6 +191,7 @@ class SessionTool(BaseTool):
session._updatecontext(self)
return session
+ security.declarePrivate('getSession')
def getSession(self, session_id, session_duration=None):
""" Return session object. """
storage_plugin = self._getStoragePlugin()
@@ -216,6 +217,7 @@ class SessionTool(BaseTool):
session = session.getValue()
return session
+ security.declarePublic('newContent')
def newContent(self, id, **kw):
""" Create new session object. """
session = self.getSession(id)
diff --git a/product/ERP5Type/Tool/WebServiceTool.py b/product/ERP5Type/Tool/WebServiceTool.py
index 8b39de9874080b602dc907ef0ccdfb47aaf79b3b..9b00ae97118a8d9f3a1e48fef0901b862ad0388d 100644
--- a/product/ERP5Type/Tool/WebServiceTool.py
+++ b/product/ERP5Type/Tool/WebServiceTool.py
@@ -89,6 +89,8 @@ class WebServiceTool(BaseTool):
security.declareProtected(Permissions.ManagePortal, 'manage_overview')
manage_overview = DTMLFile('explainWebServiceTool', _dtmldir )
+ security.declareProtected(Permissions.AccessContentsInformation,
+ 'getConnectionPluginList')
def getConnectionPluginList(self):
"""
Return list of available connection plugins
@@ -97,6 +99,7 @@ class WebServiceTool(BaseTool):
plugin_list.sort()
return plugin_list
+ security.declareProtected(Permissions.ManagePortal, 'connect')
def connect(self, url, user_name=None, password=None, transport=None, transport_kw=None):
"""
Connect to remote instances
diff --git a/product/ERP5Type/WebDAVSupport.py b/product/ERP5Type/WebDAVSupport.py
index 533627c8774e6981d6f1e90cb6251380346b67c0..5a6b493a1ac73de9d52b727e5275f74204ce8ebe 100644
--- a/product/ERP5Type/WebDAVSupport.py
+++ b/product/ERP5Type/WebDAVSupport.py
@@ -17,6 +17,7 @@ import re
import transaction
from Acquisition import aq_parent, aq_inner, aq_base
from AccessControl import ClassSecurityInfo, ModuleSecurityInfo
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5Type import Permissions, PropertySheet, Constraint
from Products.CMFCore.PortalContent import ResourceLockedError
from Products.CMFCore.utils import getToolByName
@@ -193,6 +194,8 @@ class TextContent:
""" Used for FTP and apparently the ZMI now too """
return len(self.manage_FTPget())
+InitializeClass(TextContent)
+
from webdav.common import Locked, PreconditionFailed
from webdav.interfaces import IWriteLock
from webdav.NullResource import NullResource
diff --git a/product/ERP5Type/mixin/component.py b/product/ERP5Type/mixin/component.py
index b9ffa5c69e0c714974d1f144dbc7f62e7a31b14c..6b21d1cdb97229a71ebd022a8b63a94204bd7f4d 100644
--- a/product/ERP5Type/mixin/component.py
+++ b/product/ERP5Type/mixin/component.py
@@ -32,6 +32,7 @@
from __future__ import absolute_import
from AccessControl import ClassSecurityInfo
+from Products.ERP5Type.Globals import InitializeClass
from Products.ERP5.mixin.property_recordable import PropertyRecordableMixin
from Products.ERP5Type import Permissions
from Products.ERP5Type.Base import Base
@@ -399,3 +400,5 @@ class ComponentMixin(PropertyRecordableMixin, Base):
rev = historicalRevision(self, serial)
return rev.getTextContent()
+
+InitializeClass(ComponentMixin)
diff --git a/product/ERP5Type/patches/ActionsTool.py b/product/ERP5Type/patches/ActionsTool.py
index 17627dea43743db658751d91d16df28f01930bde..d8ac5f446d1956c9ea58978dffae663c5660b260 100644
--- a/product/ERP5Type/patches/ActionsTool.py
+++ b/product/ERP5Type/patches/ActionsTool.py
@@ -16,8 +16,13 @@ import logging
logger = logging.getLogger(__name__)
+from Products.ERP5Type.Globals import InitializeClass
+from AccessControl import ClassSecurityInfo
from Products.CMFCore.ActionsTool import ActionsTool
from Products.CMFCore.interfaces import IActionProvider
+from Products.CMFCore.permissions import ManagePortal
+
+security = ClassSecurityInfo()
def migrateNonProviders(portal_actions):
portal_actions_path = '/'.join(portal_actions.getPhysicalPath())
@@ -100,4 +105,8 @@ def reorderActions(self, REQUEST=None):
return self.manage_editActionsForm(REQUEST,
manage_tabs_message='Actions reordered.')
+security.declareProtected(ManagePortal, 'reorderActions')
ActionsTool.reorderActions = reorderActions
+
+ActionsTool.security = security
+InitializeClass(ActionsTool)
diff --git a/product/ERP5Type/patches/CookieCrumbler.py b/product/ERP5Type/patches/CookieCrumbler.py
index ab478f4e74a7e5c3dda499510017d5cede6982ac..eef569e760411efc51db8464b489a17666fc3934 100644
--- a/product/ERP5Type/patches/CookieCrumbler.py
+++ b/product/ERP5Type/patches/CookieCrumbler.py
@@ -25,6 +25,8 @@ Patch CookieCrumbler to prevent came_from to appear in the URL
when ERP5 runs in "require_referer" mode.
"""
+from AccessControl.SecurityInfo import ClassSecurityInfo
+from App.class_init import InitializeClass
from Products.CMFCore.CookieCrumbler import CookieCrumbler
from Products.CMFCore.CookieCrumbler import CookieCrumblerDisabled
from urllib import quote, unquote
@@ -43,6 +45,8 @@ class PatchedCookieCrumbler(CookieCrumbler):
"""
pass
+security = ClassSecurityInfo()
+
def getLoginURL(self):
'''
Redirects to the login page.
@@ -68,6 +72,7 @@ def getLoginURL(self):
return url
return None
+security.declarePublic('getLoginURL')
CookieCrumbler.getLoginURL = getLoginURL
def balancer_cookie_hook(ob, req, resp):
@@ -177,3 +182,6 @@ def credentialsChanged(self, user, name, pw):
method( resp, self.auth_cookie, quote( ac ) )
CookieCrumbler.credentialsChanged = credentialsChanged
+
+CookieCrumbler.security = security
+InitializeClass(CookieCrumbler)
diff --git a/product/ERP5Type/patches/DA.py b/product/ERP5Type/patches/DA.py
index 8c01aed301ee728b518531129e6f405449ac5c88..75d13e4fb75386e4a39e3df0e3561b2bbc424971 100644
--- a/product/ERP5Type/patches/DA.py
+++ b/product/ERP5Type/patches/DA.py
@@ -21,13 +21,18 @@ from Shared.DC.ZRDB.DA import DA, DatabaseError, SQLMethodTracebackSupplement
from Shared.DC.ZRDB import RDB
from Shared.DC.ZRDB.Results import Results
from App.Extensions import getBrain
-from AccessControl import getSecurityManager
+from AccessControl import ClassSecurityInfo, getSecurityManager
+from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_base, aq_parent
from zLOG import LOG, INFO, ERROR
from string import find
from cStringIO import StringIO
+from Products.ERP5Type import Permissions
import sys
+security = ClassSecurityInfo()
+DA.security = security
+
def DA_fromFile(self, filename):
"""
Read the file and update self
@@ -261,7 +266,9 @@ def DA_upgradeSchema(self, connection_id=None, create_if_not_exists=False,
initialize, src__)
DA.__call__ = DA__call__
+security.declarePrivate('fromFile')
DA.fromFile = DA_fromFile
+security.declarePrivate('fromText')
DA.fromText = DA_fromText
DA.manage_FTPget = DA_manage_FTPget
DA.PUT = DA_PUT
@@ -297,3 +304,4 @@ if hasattr(Shared.DC.ZRDB.DA, 'getObject'):
import App.Extensions
App.Extensions.getObject = getObjectMeta(App.Extensions.getObject)
+InitializeClass(DA)
diff --git a/product/ERP5Type/patches/DCWorkflow.py b/product/ERP5Type/patches/DCWorkflow.py
index e12b805230fae587d12d0f6d9b82593b19b52d26..e049b5a86c920f86b125dedd01bb11361273d1a7 100644
--- a/product/ERP5Type/patches/DCWorkflow.py
+++ b/product/ERP5Type/patches/DCWorkflow.py
@@ -16,7 +16,7 @@
# Optimized rendering of global actions (cache)
from Products.ERP5Type.Globals import DTMLFile
-from Products.ERP5Type import _dtmldir
+from Products.ERP5Type import Permissions, _dtmldir
from Products.DCWorkflow.DCWorkflow import DCWorkflowDefinition, StateChangeInfo, createExprContext
from Products.DCWorkflow.DCWorkflow import ObjectDeleted, ObjectMoved, aq_parent, aq_inner
from Products.DCWorkflow import DCWorkflow
@@ -110,6 +110,7 @@ def Guard_checkWithoutRoles(self, sm, wf_def, ob, **kw):
return 0
return 1
+DCWorkflowDefinition.security = ClassSecurityInfo()
def DCWorkflowDefinition_listGlobalActions(self, info):
'''
@@ -336,6 +337,7 @@ def DCWorkflowDefinition_getWorklistVariableMatchDict(self, info,
return None
return variable_match_dict
+DCWorkflowDefinition.security.declarePrivate('getWorklistVariableMatchDict')
DCWorkflowDefinition.getWorklistVariableMatchDict = DCWorkflowDefinition_getWorklistVariableMatchDict
class ValidationFailed(Exception):
@@ -699,6 +701,8 @@ def getPortalTypeListForWorkflow(self):
result.append(portal_type)
return result
+DCWorkflowDefinition.security.declareProtected(Permissions.AccessContentsInformation,
+ 'getPortalTypeListForWorkflow')
DCWorkflowDefinition.getPortalTypeListForWorkflow = getPortalTypeListForWorkflow
def DCWorkflowDefinition_getFutureStateSet(self, state, ignore=(),
@@ -719,8 +723,10 @@ def DCWorkflowDefinition_getFutureStateSet(self, state, ignore=(),
self.getFutureStateSet(state, ignore, _future_state_set)
return _future_state_set
+DCWorkflowDefinition.security.declarePrivate('getFutureStateSet')
DCWorkflowDefinition.getFutureStateSet = DCWorkflowDefinition_getFutureStateSet
+InitializeClass(DCWorkflowDefinition)
# This patch allows to use workflowmethod as an after_script
# However, the right way of doing would be to have a combined state of TRIGGER_USER_ACTION and TRIGGER_WORKFLOW_METHOD
diff --git a/product/ERP5Type/patches/DCWorkflowGraph.py b/product/ERP5Type/patches/DCWorkflowGraph.py
index 5d7f3289cd1d54ba010d942433863b23fc52b137..0fca639d8cd73fdc630f9e27a7f83b06788b031a 100644
--- a/product/ERP5Type/patches/DCWorkflowGraph.py
+++ b/product/ERP5Type/patches/DCWorkflowGraph.py
@@ -28,6 +28,10 @@
#
##############################################################################
+from AccessControl import ClassSecurityInfo
+from Products.ERP5Type.Globals import InitializeClass
+from Products.ERP5Type import Permissions
+
# Products.DCWorkflowGraph.config does not check the return value of
# getenv('PATH'). This fails if PATH is not defined which is the case when
# running ZEO with SlapOS for example. But, Products.DCWorkflowGraph.__init__
@@ -182,3 +186,9 @@ DCWorkflowGraph.getGraph = getGraph
from Products.DCWorkflow.DCWorkflow import DCWorkflowDefinition
DCWorkflowDefinition.getGraph = getGraph
DCWorkflowDefinition.getPOT = DCWorkflowGraph.getPOT
+
+security = ClassSecurityInfo()
+security.declareProtected(Permissions.ManagePortal, 'getPOT')
+security.declareProtected(Permissions.ManagePortal, 'getGraph')
+DCWorkflowDefinition.security = security
+InitializeClass(DCWorkflowDefinition)
diff --git a/product/ERP5Type/patches/ExternalMethod.py b/product/ERP5Type/patches/ExternalMethod.py
index bf18a9773659c08c3601d4a963dd6810a687f924..4c2b9d282f8858ea42b8c1f2d10ff422e5d3094b 100644
--- a/product/ERP5Type/patches/ExternalMethod.py
+++ b/product/ERP5Type/patches/ExternalMethod.py
@@ -14,7 +14,7 @@
from inspect import getargs
from Products.ExternalMethod.ExternalMethod import *
from AccessControl import ModuleSecurityInfo
-from AccessControl.class_init import InitializeClass
+from Products.ERP5Type.Globals import InitializeClass
from Acquisition import aq_parent
from Products.ERP5Type.patches.PythonScript import _guard_form, \
_guard_manage_options, checkGuard, getGuard, manage_guardForm, \
diff --git a/product/ERP5Type/patches/OFSFolder.py b/product/ERP5Type/patches/OFSFolder.py
index fd0293908f93032cbc6b084f60476b7036214959..e5c8d3cf0a602b21b25e12e4cfcd40c5d58ea793 100644
--- a/product/ERP5Type/patches/OFSFolder.py
+++ b/product/ERP5Type/patches/OFSFolder.py
@@ -12,7 +12,10 @@
#
##############################################################################
+from AccessControl import ClassSecurityInfo
+from Products.ERP5Type.Globals import InitializeClass
from OFS.Folder import Folder
+from Products.ERP5Type import Permissions
"""
This patch modifies OFS.Folder._setOb to update portal_skins cache when
@@ -55,3 +58,8 @@ def Folder_isERP5SitePresent(self):
return len(self.objectIds("ERP5 Site")) > 0
Folder.isERP5SitePresent = Folder_isERP5SitePresent
+
+security = ClassSecurityInfo()
+security.declareProtected(Permissions.ManagePortal, 'isERP5SitePresent')
+Folder.security = security
+InitializeClass(Folder)
diff --git a/product/ERP5Type/patches/PythonScript.py b/product/ERP5Type/patches/PythonScript.py
index a93ea8e5062fe36abd7268e5c59563ec5803aba2..71a6eb56c5c8d372e10451e6aa59adbcf85f3501 100644
--- a/product/ERP5Type/patches/PythonScript.py
+++ b/product/ERP5Type/patches/PythonScript.py
@@ -15,13 +15,16 @@ from Products.DCWorkflow.Guard import Guard
from Products.PythonScripts.PythonScript import PythonScript
from App.special_dtml import DTMLFile
from Products.ERP5Type import _dtmldir
-from AccessControl import ModuleSecurityInfo, getSecurityManager
+from AccessControl import ClassSecurityInfo, getSecurityManager
from AccessControl.class_init import InitializeClass
from OFS.misc_ import p_
from App.ImageFile import ImageFile
from Acquisition import aq_base, aq_parent
from zExceptions import Forbidden
+security = ClassSecurityInfo()
+PythonScript.security = security
+
def haveProxyRole(self):
"""if a script has proxy role, return True"""
return bool(self._proxy_roles)
@@ -41,7 +44,9 @@ pyscript_proxyrole = ImageFile('pyscript_proxyrole.gif', globals())
#
# Add proxy role icon in ZMI
#
+security.declarePrivate('haveProxyRole')
PythonScript.haveProxyRole = haveProxyRole
+
PythonScript.om_icons = om_icons
p_.PythonScript_ProxyRole_icon = pyscript_proxyrole
@@ -57,8 +62,6 @@ PythonScript.manage_main = manage_editForm
PythonScript.manage_editDocument = manage_editForm
PythonScript.manage_editForm = manage_editForm
-security = ModuleSecurityInfo('Products.PythonScripts.PythonScript.PythonScript')
-
_guard_manage_options = (
{
'label':'Guard',
diff --git a/product/ERP5Type/patches/WorkflowTool.py b/product/ERP5Type/patches/WorkflowTool.py
index e6cc116928bee7d93bfeeb3deb4f2d8bfcaf59c4..050e67d5fded03df5111ff35effc3cbbe6b68aa2 100644
--- a/product/ERP5Type/patches/WorkflowTool.py
+++ b/product/ERP5Type/patches/WorkflowTool.py
@@ -19,7 +19,8 @@ from types import StringTypes
# Make sure Interaction Workflows are called even if method not wrapped
-from AccessControl import Unauthorized
+from AccessControl import ClassSecurityInfo, Unauthorized
+from Products.ERP5Type.Globals import InitializeClass
from Products.CMFCore.WorkflowTool import WorkflowTool
from Products.CMFCore.WorkflowCore import ObjectMoved, ObjectDeleted
from Products.CMFCore.WorkflowCore import WorkflowException
@@ -29,6 +30,7 @@ from Products.DCWorkflow.Transitions import TRIGGER_WORKFLOW_METHOD
from Products.CMFCore.utils import getToolByName
from Products.ZSQLCatalog.SQLCatalog import SimpleQuery, AutoQuery, ComplexQuery, NegatedQuery
from Products.CMFCore.utils import _getAuthenticatedUser
+from Products.ERP5Type import Permissions
from Products.ERP5Type.Cache import CachingMethod
from sets import ImmutableSet
from Acquisition import aq_base
@@ -38,6 +40,9 @@ from itertools import izip
from MySQLdb import ProgrammingError, OperationalError
from DateTime import DateTime
+security = ClassSecurityInfo()
+WorkflowTool.security = security
+
def DCWorkflowDefinition_notifyWorkflowMethod(self, ob, transition_list, args=None, kw=None):
'''
Allows the system to request a workflow action. This method
@@ -84,6 +89,7 @@ def DCWorkflowDefinition_notifySuccess(self, ob, transition_list, result, args=N
'''
pass
+security.declarePrivate('notifyWorkflowMethod')
DCWorkflowDefinition.notifyWorkflowMethod = DCWorkflowDefinition_notifyWorkflowMethod
DCWorkflowDefinition.notifyBefore = DCWorkflowDefinition_notifyBefore
DCWorkflowDefinition.notifySuccess = DCWorkflowDefinition_notifySuccess
@@ -709,6 +715,7 @@ def WorkflowTool_refreshWorklistCache(self):
self.Base_zCreateWorklistTable()
Base_zInsertIntoWorklistTable(**value_column_dict)
+security.declareProtected(Permissions.ManagePortal, 'refreshWorklistCache')
WorkflowTool.refreshWorklistCache = WorkflowTool_refreshWorklistCache
class WorkflowHistoryList(Persistent):
@@ -831,6 +838,7 @@ def WorkflowTool_isTransitionPossible(self, ob, transition_id, wf_id=None):
return 1
return 0
+security.declarePublic('isTransitionPossible')
WorkflowTool.isTransitionPossible = WorkflowTool_isTransitionPossible
def WorkflowTool_getWorkflowChainDict(self, sorted=True):
@@ -844,6 +852,7 @@ def WorkflowTool_getWorkflowChainDict(self, sorted=True):
return_dict['chain_%s' % portal_type] = ', '.join(workflow_id_list)
return return_dict
+security.declareProtected(Permissions.ManagePortal, 'getWorkflowChainDict')
WorkflowTool.getWorkflowChainDict = WorkflowTool_getWorkflowChainDict
WorkflowTool._reindexWorkflowVariables = lambda self, ob: \
@@ -858,6 +867,7 @@ def WorkflowTool_getChainDict(self):
chain_dict.setdefault(wf_id, []).append(portal_type)
return chain_dict
+security.declareProtected(Permissions.ManagePortal, 'getChainDict')
WorkflowTool.getChainDict = WorkflowTool_getChainDict
# Backward compatibility, as WorkflowMethod has been removed in CMFCore 2.2
@@ -936,3 +946,5 @@ def _isJumpToStatePossibleFor(self, ob, state_id, wf_id=None):
WorkflowTool._jumpToStateFor = _jumpToStateFor
WorkflowTool._isJumpToStatePossibleFor = _isJumpToStatePossibleFor
+
+InitializeClass(WorkflowTool)
diff --git a/product/ERP5Type/tests/utils.py b/product/ERP5Type/tests/utils.py
index 21291d56a9a84b3eafb05365cc75b9ae39e13b46..8513b81d41e381b3b26cdeb0c769a89609b0d813 100644
--- a/product/ERP5Type/tests/utils.py
+++ b/product/ERP5Type/tests/utils.py
@@ -37,6 +37,8 @@ import sys
import unittest
import ZODB
import zLOG
+from AccessControl import ClassSecurityInfo
+from Products.ERP5Type.Globals import InitializeClass
from App.config import getConfiguration
from ZConfig.matcher import SectionValue
from Zope2.Startup.datatypes import ZopeDatabase
@@ -67,6 +69,8 @@ class DummyMailHostMixin(object):
_previous_message = ()
_message_list = []
+ security = ClassSecurityInfo()
+
@classmethod
def _send(cls, mfrom, mto, messageText, immediate=False):
"""Record message in _last_message."""
@@ -84,6 +88,7 @@ class DummyMailHostMixin(object):
message_text = part.get_payload(decode=1)
return message_text
+ security.declarePrivate('getMessageList')
@classmethod
def getMessageList(cls, decode=True):
""" Return message list"""
@@ -91,6 +96,7 @@ class DummyMailHostMixin(object):
return [(m[0], m[1], cls._decodeMessage(m[2])) for m in cls._message_list]
return cls._message_list
+ security.declarePrivate('getLastLog')
@classmethod
def getLastLog(cls):
""" Return last message """
@@ -102,6 +108,8 @@ class DummyMailHostMixin(object):
cls._previous_message = ()
cls._message_list = []
+InitializeClass(DummyMailHostMixin)
+
class DummyMailHost(DummyMailHostMixin, MailHost):
pass
diff --git a/product/Formulator/Field.py b/product/Formulator/Field.py
index 1a55dcb0fff7390061f55e207d76d7c5dac403c6..c279750b86efba4f9e176dab930f01650ca5e15d 100644
--- a/product/Formulator/Field.py
+++ b/product/Formulator/Field.py
@@ -172,6 +172,8 @@ class Field:
else:
return '%s.%s:record' % (self.field_record, self.id)
+ security.declareProtected('Access contents information',
+ 'generate_subfield_key')
def generate_subfield_key(self, id, validation=0, key=None):
"""Generate the key Silva uses to render a sub field.
Added key parameter for ERP5 in order to be compatible with listbox/matrixbox
@@ -387,6 +389,7 @@ class Field:
"""
return self.widget.render_dict(self, value)
+ security.declareProtected('View', 'render_from_request')
def render_from_request(self, REQUEST, key_prefix=None):
"""Convenience method; render the field widget from REQUEST
(unvalidated data), or default if no raw data is found.
diff --git a/product/Formulator/Form.py b/product/Formulator/Form.py
index 8f0b28422a776054f7afaed891e98875bae74cac..36bee8d1cd25876a9ab07c66f042092d6ef2ba74 100644
--- a/product/Formulator/Form.py
+++ b/product/Formulator/Form.py
@@ -669,6 +669,7 @@ class ZMIForm(ObjectManager, PropertyManager, RoleManager, Item, Form):
self.title = title
self.row_length = 4
+ security.declarePublic('all_meta_types')
def all_meta_types(self):
"""Get all meta types addable to this field. The ZMI uses
this method (original defined in ObjectManager).
diff --git a/product/Formulator/StandardFields.py b/product/Formulator/StandardFields.py
index 775fca626e3e0d92af5095d75353a893b186ff2e..ebfb65b2387035e41a1f804e7a9e1296844f0e9e 100644
--- a/product/Formulator/StandardFields.py
+++ b/product/Formulator/StandardFields.py
@@ -146,7 +146,7 @@ class DateTimeField(ZMIField):
self.sub_form = create_datetime_list_sub_form()
year_field = self.sub_form.get_field('year', include_disabled=1)
year_field.overrides['items'] = BoundMethod(self,
- 'override_year_items')
+ '_override_year_items')
else:
assert 0, "Unknown input_style."
self.on_value_css_class_changed(self.values['css_class'])
@@ -161,7 +161,7 @@ class DateTimeField(ZMIField):
field.values['css_class'] = value
field._p_changed = 1
- def override_year_items(self):
+ def _override_year_items(self):
"""The method gets called to get the right amount of years.
"""
start_datetime = self.get_value('start_datetime')
diff --git a/product/Localizer/Localizer.py b/product/Localizer/Localizer.py
index b0330d8b2a10f45190b40ebdf59b944850ef3dca..8549acc45604e9d3a19b1b8252968eec984f142a 100644
--- a/product/Localizer/Localizer.py
+++ b/product/Localizer/Localizer.py
@@ -146,6 +146,7 @@ class Localizer(LanguageManager, Folder):
# New code to control the language policy
+ security.declarePrivate('accept_cookie')
def accept_cookie(self, accept_language):
"""Add the language from a cookie."""
lang = self.REQUEST.cookies.get('LOCALIZER_LANGUAGE', None)
@@ -153,6 +154,7 @@ class Localizer(LanguageManager, Folder):
accept_language.set(lang, 2.0)
+ security.declarePrivate('accept_path')
def accept_path(self, accept_language):
"""Add the language from the path."""
stack = self.REQUEST['TraversalRequestNameStack']
@@ -161,6 +163,7 @@ class Localizer(LanguageManager, Folder):
accept_language.set(lang, 3.0)
+ security.declarePrivate('accept_url')
def accept_url(self, accept_language):
"""Add the language from the URL."""
lang = self.REQUEST.form.get('LOCALIZER_LANGUAGE')
diff --git a/product/Localizer/MessageCatalog.py b/product/Localizer/MessageCatalog.py
index ec1fd48e7a51ba8e6e5bfda88c2b9fdcf124c11e..585224e29fefa465ae77b8150fed1a7e6b22b574 100644
--- a/product/Localizer/MessageCatalog.py
+++ b/product/Localizer/MessageCatalog.py
@@ -713,7 +713,9 @@ class MessageCatalog(LanguageManager, ObjectManager, SimpleItem):
# Backwards compatibility (XXX)
#######################################################################
+ security.declarePublic('hasmsg')
hasmsg = message_exists
+ security.declarePublic('hasLS')
hasLS = message_exists # CMFLocalizer uses it
class POFile(SimpleItem):
diff --git a/product/PortalTransforms/Transform.py b/product/PortalTransforms/Transform.py
index 5c69ace1ebf4a428c93538fc76337d2cd3b63f5e..0552dd32a2411275b6c2abd3c5ae70f6ca527170 100644
--- a/product/PortalTransforms/Transform.py
+++ b/product/PortalTransforms/Transform.py
@@ -268,6 +268,7 @@ class Transform(SimpleItem):
reload(m)
self._tr_init()
+ security.declarePrivate('preprocess_param')
def preprocess_param(self, kwargs):
""" preprocess param fetched from an http post to handle optional dictionary
"""
diff --git a/product/PortalTransforms/TransformEngine.py b/product/PortalTransforms/TransformEngine.py
index f7b3b8effe1009d80645469f73ac93dbd3790fd9..990832ec7072bd23ac85f1aed641333283703d81 100644
--- a/product/PortalTransforms/TransformEngine.py
+++ b/product/PortalTransforms/TransformEngine.py
@@ -184,6 +184,7 @@ class TransformTool(UniqueObject, ActionProviderBase, Folder):
# return IDataStream object
return result
+ security.declarePrivate('getRequirementListByMimetype')
def getRequirementListByMimetype(self, origin_mimetype, target_mimetype):
"""Return requirements only if origin_mimetype
and target_mimetype are matching transform policy
@@ -573,6 +574,7 @@ class TransformTool(UniqueObject, ActionProviderBase, Folder):
REQUEST['RESPONSE'].redirect(self.absolute_url() +
'/manage_editTransformationPolicyForm')
+ security.declarePrivate('listPolicies')
def listPolicies(self):
""" return the list of defined policies
@@ -625,6 +627,7 @@ class TransformTool(UniqueObject, ActionProviderBase, Folder):
return []
# available mimetypes ####################################################
+ security.declarePrivate('listAvailableTextInputs')
def listAvailableTextInputs(self):
"""Returns a list of mimetypes that can be used as input for textfields
by building a list of the inputs beginning with "text/" of all
diff --git a/product/ZSQLCatalog/SQLCatalog.py b/product/ZSQLCatalog/SQLCatalog.py
index f21df3fcbbd0526e54f4e805a5439b5c553d9d71..e319a399559c5172c7394e2c6b9ff55af756acc5 100644
--- a/product/ZSQLCatalog/SQLCatalog.py
+++ b/product/ZSQLCatalog/SQLCatalog.py
@@ -2015,6 +2015,7 @@ class Catalog(Folder,
) + list(self.sql_catalog_related_keys)
# Compatibililty SQL Sql
+ security.declarePrivate('getSqlCatalogRelatedKeyList')
getSqlCatalogRelatedKeyList = getSQLCatalogRelatedKeyList
security.declarePrivate('getSQLCatalogScriptableKeyList')