[CMF-checkins] SVN: CMF/branches/1.5/C - synced _checkPermission
with Zope 2.8.5 code
Yvo Schubbe
y.2006_ at wcm-solutions.de
Sun Jan 8 12:33:40 EST 2006
Log message for revision 41229:
- synced _checkPermission with Zope 2.8.5 code
Changed:
U CMF/branches/1.5/CHANGES.txt
U CMF/branches/1.5/CMFCore/utils.py
-=-
Modified: CMF/branches/1.5/CHANGES.txt
===================================================================
--- CMF/branches/1.5/CHANGES.txt 2006-01-08 16:06:01 UTC (rev 41228)
+++ CMF/branches/1.5/CHANGES.txt 2006-01-08 17:33:39 UTC (rev 41229)
@@ -1,5 +1,12 @@
After CMF 1.5.5
+ Bug Fixes
+
+ - CMFCore utils: Synced _checkPermission with Zope 2.8.5 code.
+ checkPermission of Zope 2.8.5 and later contains bug fixes and respects
+ proxy roles, but for backwards compatibility CMF 1.5 still needs its own
+ implementation.
+
Others
- Made cut / copy / paste tests more independent from implementation
Modified: CMF/branches/1.5/CMFCore/utils.py
===================================================================
--- CMF/branches/1.5/CMFCore/utils.py 2006-01-08 16:06:01 UTC (rev 41228)
+++ CMF/branches/1.5/CMFCore/utils.py 2006-01-08 17:33:39 UTC (rev 41229)
@@ -122,14 +122,13 @@
def _checkPermission(permission, obj):
""" Check if the current user has the permission on the given object.
"""
- # this code is ported from ZopeSecurityPolicy.checkPermission
+ # this code is ported from Zope 2.8's ZopeSecurityPolicy.checkPermission
roles = rolesForPermissionOn(permission, obj)
if isinstance(roles, basestring):
roles = [roles]
context = getSecurityManager()._context
# check executable owner and proxy roles
- # this code is ported from ZopeSecurityPolicy.validate
stack = context.stack
if stack:
eo = stack[-1]
@@ -139,12 +138,14 @@
return 0
proxy_roles = getattr(eo, '_proxy_roles', None)
if proxy_roles:
- if obj is not aq_base(obj):
- if not owner._check_context(obj):
- return 0
+ owner = eo.getWrappedOwner()
+ if owner is not None:
+ if obj is not aq_base(obj):
+ if not owner._check_context(obj):
+ return 0
for r in proxy_roles:
if r in roles:
- return 1
+ return 1
return 0
return context.user.allowed(obj, roles)
More information about the CMF-checkins
mailing list