Commit 0e51f6d5 authored by Rafael Monnerat's avatar Rafael Monnerat

Remove (comment) set methods on Introspection Tool

Those methods were introduced by upgrader in order to upgrade system, products
and python executable running the instance.

Currently the upgrade process will be handled by slapos, and those methods,
can completly break the instance. IntrospectionTool should be a place to
collect instance information only.
parent d03debfb
...@@ -351,39 +351,39 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -351,39 +351,39 @@ class IntrospectionTool(LogMixin, BaseTool):
# Not possible get configuration from the zopecl # Not possible get configuration from the zopecl
return None return None
security.declareProtected(Permissions.ManagePortal, 'setPythonExecutable') #security.declareProtected(Permissions.ManagePortal, 'setPythonExecutable')
def setPythonExecutable(self, path): #def setPythonExecutable(self, path):
""" # """
Set the value of PYTHON for zopectl startup script # Set the value of PYTHON for zopectl startup script
or from zope.conf (whichever is most relevant) # or from zope.conf (whichever is most relevant)
Rationale: some day Zope will no longer use python2.4 # Rationale: some day Zope will no longer use python2.4
WARNING: the list of possible path should be protected # WARNING: the list of possible path should be protected
if possible (ex. /etc/erp5/python) # if possible (ex. /etc/erp5/python)
""" # """
config = self._loadExternalConfig() # config = self._loadExternalConfig()
allowed_path_list = config.get("main", "python").split("\n") # allowed_path_list = config.get("main", "python").split("\n")
if path not in allowed_path_list: # if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Python.") # raise Unauthorized("You are setting one Unauthorized path as Python.")
config_file = self._getZopeConfigurationFile("bin/zopectl") # config_file = self._getZopeConfigurationFile("bin/zopectl")
new_file_list = [] # new_file_list = []
for line in config_file: # for line in config_file:
if line.startswith("PYTHON="): # if line.startswith("PYTHON="):
# Only comment the line, so it can easily reverted # # Only comment the line, so it can easily reverted
new_file_list.append("#%s" % (line)) # new_file_list.append("#%s" % (line))
new_file_list.append('PYTHON="%s"\n' % (path)) # new_file_list.append('PYTHON="%s"\n' % (path))
else: # else:
new_file_list.append(line) # new_file_list.append(line)
config_file.close() # config_file.close()
# reopen file for write # # reopen file for write
config_file = self._getZopeConfigurationFile("bin/zopectl", "w") # config_file = self._getZopeConfigurationFile("bin/zopectl", "w")
config_file.write("".join(new_file_list)) # config_file.write("".join(new_file_list))
config_file.close() # config_file.close()
return # return
security.declareProtected(Permissions.ManagePortal, 'getProductPathList') security.declareProtected(Permissions.ManagePortal, 'getProductPathList')
def getProductPathList(self): def getProductPathList(self):
...@@ -393,72 +393,56 @@ class IntrospectionTool(LogMixin, BaseTool): ...@@ -393,72 +393,56 @@ class IntrospectionTool(LogMixin, BaseTool):
""" """
return getConfiguration().products return getConfiguration().products
security.declareProtected(Permissions.ManagePortal, 'setProductPath') #security.declareProtected(Permissions.ManagePortal, 'setProductPath')
def setProductPath(self, relative_path): #def setProductPath(self, relative_path):
""" # """
Set the value of SOFTWARE_HOME for zopectl startup script # Set the value of SOFTWARE_HOME for zopectl startup script
or from zope.conf (whichever is most relevant) # or from zope.conf (whichever is most relevant)
Rationale: multiple versions of Products can be present # Rationale: multiple versions of Products can be present
on the same system # on the same system
relative_path is usually defined by a number of release # relative_path is usually defined by a number of release
(ex. 5.4.2) # (ex. 5.4.2)
WARNING: the list of possible path should be protected # WARNING: the list of possible path should be protected
if possible (ex. /etc/erp5/product) # if possible (ex. /etc/erp5/product)
""" # """
config = self._loadExternalConfig() # config = self._loadExternalConfig()
allowed_path_list = config.get("main", "products").split("\n") # allowed_path_list = config.get("main", "products").split("\n")
base_product_path_list = config.get("base", "base_product_path").split("\n") # base_product_path_list = config.get("base", "base_product_path").split("\n")
if len(base_product_path_list) == 0: # if len(base_product_path_list) == 0:
raise Unauthorized( # raise Unauthorized(
"base_product_path_list is not defined into configuration.") # "base_product_path_list is not defined into configuration.")
base_product_path = base_product_path_list[0] # base_product_path = base_product_path_list[0]
path = base_product_path + relative_path # path = base_product_path + relative_path
if path not in allowed_path_list: # if path not in allowed_path_list:
raise Unauthorized( # raise Unauthorized(
"You are setting one Unauthorized path as Product Path (%s)." \ # "You are setting one Unauthorized path as Product Path (%s)." \
% (path)) # % (path))
if path not in allowed_path_list: # if path not in allowed_path_list:
raise Unauthorized("You are setting one Unauthorized path as Product Path.") # raise Unauthorized("You are setting one Unauthorized path as Product Path.")
config_file = self._getZopeConfigurationFile("etc/zope.conf") # config_file = self._getZopeConfigurationFile("etc/zope.conf")
new_file_list = [] # new_file_list = []
for line in config_file: # for line in config_file:
new_line = line # new_line = line
if line.strip(" ").startswith("products %s" % (base_product_path)): # if line.strip(" ").startswith("products %s" % (base_product_path)):
# Only comment the line, so it can easily reverted # # Only comment the line, so it can easily reverted
new_line = "#%s" % (line) # new_line = "#%s" % (line)
new_file_list.append(new_line) # new_file_list.append(new_line)
# Append the new line. # # Append the new line.
new_file_list.append("products %s\n" % (path)) # new_file_list.append("products %s\n" % (path))
config_file.close() # config_file.close()
# reopen file for write # # reopen file for write
config_file = self._getZopeConfigurationFile("etc/zope.conf", "w") # config_file = self._getZopeConfigurationFile("etc/zope.conf", "w")
config_file.write("".join(new_file_list)) # config_file.write("".join(new_file_list))
config_file.close() # config_file.close()
return # return
security.declareProtected(Permissions.ManagePortal, 'updateSVNProductList')
def updateSVNProductList(self, path_list, revision=None):
"""
Allow developers to create local products from the SVN
in order to play with recent versions of the system
Rationale: we can not do more than that or we take too
much risks for security. Large projects should simply use
buildout installer (server level) and build a complex custom
software home or product home
"""
# XXX (rafael) it better use (and extend if needed) the portal_subversions.
if self.getSystemSignatureDict()["pysvn"] is None:
raise
raise NotImplementedError
# #
# Library signature # Library signature
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment