Commit 8af77e32 authored by Ivan Tyagov's avatar Ivan Tyagov

Extend resolveCategory to return default value (if provided) if a category can...

Extend resolveCategory to return default value (if provided) if a category can not be accessed due to security restrictions.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@23063 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 2ae823de
...@@ -1609,7 +1609,7 @@ class CategoryTool( UniqueObject, Folder, Base ): ...@@ -1609,7 +1609,7 @@ class CategoryTool( UniqueObject, Folder, Base ):
display_id = 'getTitle') display_id = 'getTitle')
security.declarePublic('resolveCategory') security.declarePublic('resolveCategory')
def resolveCategory(self, relative_url): def resolveCategory(self, relative_url, default=_marker):
""" """
Finds an object from a relative_url Finds an object from a relative_url
Method is public since we use restrictedTraverse Method is public since we use restrictedTraverse
...@@ -1690,11 +1690,18 @@ class CategoryTool( UniqueObject, Folder, Base ): ...@@ -1690,11 +1690,18 @@ class CategoryTool( UniqueObject, Folder, Base ):
stack.reverse() stack.reverse()
validate = getSecurityManager().validate validate = getSecurityManager().validate
def restrictedGetOb(container, key): def restrictedGetOb(container, key, default):
obj = container._getOb(key, None) obj = container._getOb(key, None)
if obj is not None: if obj is not None:
if not validate(container, container, key, obj): try:
raise Unauthorized('unauthorized access to element %s' % key) if not validate(container, container, key, obj):
raise Unauthorized('unauthorized access to element %s' % key)
except Unauthorized:
# if user can't access object try to return default passed
if default is not _marker:
return default
else:
raise Unauthorized('unauthorized access to element %s' % key)
return obj return obj
# XXX Currently, resolveCategory accepts that a category might # XXX Currently, resolveCategory accepts that a category might
...@@ -1706,28 +1713,28 @@ class CategoryTool( UniqueObject, Folder, Base ): ...@@ -1706,28 +1713,28 @@ class CategoryTool( UniqueObject, Folder, Base ):
if stack: if stack:
portal = aq_inner(self.getPortalObject()) portal = aq_inner(self.getPortalObject())
key = stack.pop() key = stack.pop()
obj = restrictedGetOb(self, key) obj = restrictedGetOb(self, key, default)
if obj is None: if obj is None:
obj = restrictedGetOb(portal, key) obj = restrictedGetOb(portal, key, default)
if obj is not None: if obj is not None:
obj = obj.__of__(self) obj = obj.__of__(self)
else: else:
while stack: while stack:
container = obj container = obj
key = stack.pop() key = stack.pop()
obj = restrictedGetOb(container, key) obj = restrictedGetOb(container, key, default)
if obj is not None: if obj is not None:
break break
obj = restrictedGetOb(self, key) obj = restrictedGetOb(self, key, default)
if obj is None: if obj is None:
obj = restrictedGetOb(portal, key) obj = restrictedGetOb(portal, key, default)
if obj is not None: if obj is not None:
obj = obj.__of__(container) obj = obj.__of__(container)
break break
while obj is not None and stack: while obj is not None and stack:
key = stack.pop() key = stack.pop()
obj = restrictedGetOb(obj, key) obj = restrictedGetOb(obj, key, default)
if obj is None: if obj is None:
LOG('CMFCategory', WARNING, LOG('CMFCategory', WARNING,
......
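Review bot: In `restrictedGetOb` the `default` is returned from the inner helper on `Unauthorized`, but the traversal loops treat that return value as a resolved object. A non-None default reaches `obj.__of__(self)` / `obj.__of__(container)` or becomes the container for the next `restrictedGetOb(obj, key, default)`, while a `None` default makes a denied element look like a missing one, so the lookup falls back to `portal` under the same key. Since `resolveCategory` is declared public and relies on `validate` for access control, it would be safer to leave the helper raising and handle the default once in `resolveCategory`: wrap the traversal in `try:` / `except Unauthorized:` with `if default is not _marker: return default` followed by a bare `raise`. That also keeps the original exception from `validate` instead of replacing it with a new one. The rest of `resolveCategory` lies outside the visible hunks, so how `obj` is finally returned should be checked against this, and the docstring should say that `default` is returned only when access is denied.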