[CMF-checkins] CVS: CMF/CMFDefault - Image.py:1.21 File.py:1.23
Tres Seaver
tseaver@zope.com
07 Aug 2002 09:29:46 -0400
On Tue, 2002-08-06 at 20:53, Sidnei da Silva wrote:
> Update of /cvs-repository/CMF/CMFDefault
> In directory cvs.zope.org:/tmp/cvs-serv13739
>
> Modified Files:
> Image.py File.py
> Log Message:
> Someone forgot to fix some security declarations. Fixed.
My bad. I made and tested the patch on the 1.3 branch, where the
permissions are still used in "qualified" form; I neglected to re-run
the tests on the head after applying the patch. Thanks for the catch.
>
> === CMF/CMFDefault/Image.py 1.20 => 1.21 ===
> # return self.view(self, REQUEST)
> return OFS.Image.Image.index_html(self, REQUEST, RESPONSE)
>
> - security.declareProtected(CMFCorePermissions.ModifyPortalContent, 'PUT')
> + security.declareProtected(ModifyPortalContent, 'PUT')
> def PUT(self, REQUEST, RESPONSE):
> """ Handle HTTP (and presumably FTP?) PUT requests """
> OFS.Image.Image.PUT( self, REQUEST, RESPONSE )
>
>
> === CMF/CMFDefault/File.py 1.22 => 1.23 ===
> 'attachment; filename=%s' % self.getId())
> return OFS.Image.File.index_html(self, REQUEST, RESPONSE)
>
> - security.declareProtected(CMFCorePermissions.ModifyPortalContent, 'PUT')
> + security.declareProtected(ModifyPortalContent, 'PUT')
> def PUT(self, REQUEST, RESPONSE):
> """ Handle HTTP (and presumably FTP?) PUT requests """
> OFS.Image.File.PUT( self, REQUEST, RESPONSE )
>
Tres.
--
===============================================================
Tres Seaver tseaver@zope.com
Zope Corporation "Zope Dealers" http://www.zope.com