[CMF-checkins] SVN: CMF/trunk/ forward ported r74276 and r77182
from 2.1 branch
Yvo Schubbe
y.2007- at wcm-solutions.de
Thu Jun 28 13:31:47 EDT 2007
Log message for revision 77183:
forward ported r74276 and r77182 from 2.1 branch
- postonly fixes
- fix for skin lookup
Changed:
U CMF/trunk/CMFCore/MembershipTool.py
U CMF/trunk/CMFCore/RegistrationTool.py
U CMF/trunk/CMFCore/SkinsTool.py
U CMF/trunk/CMFCore/WorkflowTool.py
U CMF/trunk/CMFCore/dtml/selectWorkflows.dtml
U CMF/trunk/CMFDefault/RegistrationTool.py
U CMF/trunk/CMFDefault/skins/zpt_control/change_password.py
U CMF/trunk/CMFDefault/skins/zpt_control/folder_localrole_edit.py
U CMF/trunk/CMFDefault/skins/zpt_control/members_add_control.py
U CMF/trunk/CMFDefault/skins/zpt_control/members_delete_control.py
U CMF/trunk/DCWorkflow/States.py
U CMF/trunk/DCWorkflow/WorkflowUIMixin.py
-=-
Modified: CMF/trunk/CMFCore/MembershipTool.py
===================================================================
--- CMF/trunk/CMFCore/MembershipTool.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFCore/MembershipTool.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -18,6 +18,7 @@
from warnings import warn
from AccessControl import ClassSecurityInfo
+from AccessControl.requestmethod import postonly
from AccessControl.User import nobody
from Acquisition import aq_base
from Acquisition import aq_inner
@@ -90,7 +91,8 @@
manage_mapRoles = DTMLFile('membershipRolemapping', _dtmldir )
security.declareProtected(SetOwnPassword, 'setPassword')
- def setPassword(self, password, domains=None):
+ @postonly
+ def setPassword(self, password, domains=None, REQUEST=None):
'''Allows the authenticated member to set his/her own password.
'''
registration = queryUtility(IRegistrationTool)
@@ -167,7 +169,8 @@
return roles
security.declareProtected(ManagePortal, 'setRoleMapping')
- def setRoleMapping(self, portal_role, userfolder_role):
+ @postonly
+ def setRoleMapping(self, portal_role, userfolder_role, REQUEST=None):
"""
set the mapping of roles between roles understood by
the portal and roles coming from outside user sources
@@ -283,7 +286,8 @@
createMemberarea = createMemberArea
security.declareProtected(ManageUsers, 'deleteMemberArea')
- def deleteMemberArea(self, member_id):
+ @postonly
+ def deleteMemberArea(self, member_id, REQUEST=None):
""" Delete member area of member specified by member_id.
"""
members = self.getMembersFolder()
@@ -417,7 +421,9 @@
return tuple(local_roles)
security.declareProtected(View, 'setLocalRoles')
- def setLocalRoles(self, obj, member_ids, member_role, reindex=1):
+ @postonly
+ def setLocalRoles(self, obj, member_ids, member_role, reindex=1,
+ REQUEST=None):
""" Add local roles on an item.
"""
if ( _checkPermission(ChangeLocalRoles, obj)
@@ -436,7 +442,9 @@
obj.reindexObjectSecurity()
security.declareProtected(View, 'deleteLocalRoles')
- def deleteLocalRoles(self, obj, member_ids, reindex=1, recursive=0):
+ @postonly
+ def deleteLocalRoles(self, obj, member_ids, reindex=1, recursive=0,
+ REQUEST=None):
""" Delete local roles of specified members.
"""
if _checkPermission(ChangeLocalRoles, obj):
@@ -465,8 +473,9 @@
member.setMemberProperties(properties)
security.declareProtected(ManageUsers, 'deleteMembers')
+ @postonly
def deleteMembers(self, member_ids, delete_memberareas=1,
- delete_localroles=1):
+ delete_localroles=1, REQUEST=None):
""" Delete members specified by member_ids.
"""
Modified: CMF/trunk/CMFCore/RegistrationTool.py
===================================================================
--- CMF/trunk/CMFCore/RegistrationTool.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFCore/RegistrationTool.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -19,6 +19,7 @@
from random import choice
from AccessControl import ClassSecurityInfo
+from AccessControl.requestmethod import postonly
from Globals import DTMLFile
from Globals import InitializeClass
from OFS.SimpleItem import SimpleItem
@@ -129,8 +130,9 @@
return ''.join( [ choice(chars) for i in range(6) ] )
security.declareProtected(AddPortalMember, 'addMember')
+ @postonly
def addMember(self, id, password, roles=('Member',), domains='',
- properties=None):
+ properties=None, REQUEST=None):
'''Creates a PortalMember and returns it. The properties argument
can be a mapping with additional member properties. Raises an
exception if the given id already exists, the password does not
Modified: CMF/trunk/CMFCore/SkinsTool.py
===================================================================
--- CMF/trunk/CMFCore/SkinsTool.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFCore/SkinsTool.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -308,8 +308,8 @@
mtool = getUtility(IMembershipTool)
utool = getToolByName(self, 'portal_url')
member = mtool.getAuthenticatedMember()
- if hasattr(aq_base(member), 'portal_skin'):
- mskin = member.portal_skin
+ if hasattr(aq_base(member), 'getProperty'):
+ mskin = member.getProperty('portal_skin', None)
if mskin:
req = self.REQUEST
cookie = req.cookies.get(self.request_varname, None)
Modified: CMF/trunk/CMFCore/WorkflowTool.py
===================================================================
--- CMF/trunk/CMFCore/WorkflowTool.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFCore/WorkflowTool.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -19,6 +19,7 @@
from warnings import warn
from AccessControl import ClassSecurityInfo
+from AccessControl.requestmethod import postonly
from Acquisition import aq_base, aq_inner, aq_parent
from Globals import DTMLFile
from Globals import InitializeClass
@@ -107,8 +108,8 @@
manage_tabs_message=manage_tabs_message)
security.declareProtected( ManagePortal, 'manage_changeWorkflows')
+ @postonly
def manage_changeWorkflows(self, default_chain, props=None, REQUEST=None):
-
""" Changes which workflows apply to objects of which type.
"""
if props is None:
@@ -357,7 +358,8 @@
# 'IConfigurableWorkflowTool' interface methods
#
security.declareProtected(ManagePortal, 'setDefaultChain')
- def setDefaultChain(self, default_chain):
+ @postonly
+ def setDefaultChain(self, default_chain, REQUEST=None):
""" Set the default chain for this tool.
"""
default_chain = default_chain.replace(',', ' ')
@@ -371,7 +373,9 @@
self._default_chain = tuple(ids)
security.declareProtected(ManagePortal, 'setChainForPortalTypes')
- def setChainForPortalTypes(self, pt_names, chain, verify=True):
+ @postonly
+ def setChainForPortalTypes(self, pt_names, chain, verify=True,
+ REQUEST=None):
""" Set a chain for specific portal types.
"""
cbt = self._chains_by_type
@@ -438,6 +442,7 @@
# Other methods
#
security.declareProtected(ManagePortal, 'updateRoleMappings')
+ @postonly
def updateRoleMappings(self, REQUEST=None):
""" Allow workflows to update the role-permission mappings.
"""
Modified: CMF/trunk/CMFCore/dtml/selectWorkflows.dtml
===================================================================
--- CMF/trunk/CMFCore/dtml/selectWorkflows.dtml 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFCore/dtml/selectWorkflows.dtml 2007-06-28 17:31:46 UTC (rev 77183)
@@ -50,7 +50,7 @@
Click the button below to update the security settings of all
workflow-aware objects in this portal.
-<form action="updateRoleMappings" method="GET">
+<form action="updateRoleMappings" method="POST">
<input type="submit" name="submit" value="Update security settings" />
</form>
</p>
Modified: CMF/trunk/CMFDefault/RegistrationTool.py
===================================================================
--- CMF/trunk/CMFDefault/RegistrationTool.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFDefault/RegistrationTool.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -16,6 +16,7 @@
"""
from AccessControl import ClassSecurityInfo
+from AccessControl.requestmethod import postonly
from Acquisition import aq_base
from Globals import InitializeClass
from Products.MailHost.interfaces import IMailHost
@@ -183,13 +184,9 @@
host.send( mail_text )
security.declareProtected(ManagePortal, 'editMember')
- def editMember( self
- , member_id
- , properties=None
- , password=None
- , roles=None
- , domains=None
- ):
+ @postonly
+ def editMember(self, member_id, properties=None, password=None,
+ roles=None, domains=None, REQUEST=None):
""" Edit a user's properties and security settings
o Checks should be done before this method is called using
Modified: CMF/trunk/CMFDefault/skins/zpt_control/change_password.py
===================================================================
--- CMF/trunk/CMFDefault/skins/zpt_control/change_password.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFDefault/skins/zpt_control/change_password.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -12,7 +12,7 @@
return context.setStatus(False, result)
member = mtool.getAuthenticatedMember()
-mtool.setPassword(password, domains)
+mtool.setPassword(password, domains, REQUEST=context.REQUEST)
if member.getProperty('last_login_time') == DateTime('1999/01/01'):
member.setProperties(last_login_time='2000/01/01')
Modified: CMF/trunk/CMFDefault/skins/zpt_control/folder_localrole_edit.py
===================================================================
--- CMF/trunk/CMFDefault/skins/zpt_control/folder_localrole_edit.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFDefault/skins/zpt_control/folder_localrole_edit.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -9,10 +9,12 @@
if change_type == 'add':
mtool.setLocalRoles(obj=context,
member_ids=context.REQUEST.get('member_ids', ()),
- member_role=context.REQUEST.get('member_role', ''))
+ member_role=context.REQUEST.get('member_role', ''),
+ REQUEST=context.REQUEST)
else:
mtool.deleteLocalRoles(obj=context,
- member_ids=context.REQUEST.get('member_ids', ()))
+ member_ids=context.REQUEST.get('member_ids', ()),
+ REQUEST=context.REQUEST)
context.setStatus(True, _(u'Local Roles changed.'))
context.setRedirect(context, 'object/localroles')
Modified: CMF/trunk/CMFDefault/skins/zpt_control/members_add_control.py
===================================================================
--- CMF/trunk/CMFDefault/skins/zpt_control/members_add_control.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFDefault/skins/zpt_control/members_add_control.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -12,7 +12,8 @@
try:
rtool.addMember( id=member_id, password=password,
properties={'username': member_id,
- 'email': member_email} )
+ 'email': member_email},
+ REQUEST=context.REQUEST)
except ValueError, errmsg:
return context.setStatus(False, errmsg)
else:
Modified: CMF/trunk/CMFDefault/skins/zpt_control/members_delete_control.py
===================================================================
--- CMF/trunk/CMFDefault/skins/zpt_control/members_delete_control.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/CMFDefault/skins/zpt_control/members_delete_control.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -6,7 +6,7 @@
mtool = getToolByInterfaceName('Products.CMFCore.interfaces.IMembershipTool')
-mtool.deleteMembers(ids)
+mtool.deleteMembers(ids, REQUEST=context.REQUEST)
if len(ids) == 1:
return context.setStatus(True, _(u'Selected member deleted.'))
Modified: CMF/trunk/DCWorkflow/States.py
===================================================================
--- CMF/trunk/DCWorkflow/States.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/DCWorkflow/States.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -16,6 +16,7 @@
"""
from AccessControl import ClassSecurityInfo
+from AccessControl.requestmethod import postonly
from Acquisition import aq_inner
from Acquisition import aq_parent
from Globals import DTMLFile
@@ -196,6 +197,7 @@
manage_tabs_message=manage_tabs_message,
)
+ @postonly
def setPermissions(self, REQUEST):
"""Set the permissions in REQUEST for this State."""
pr = self.permission_roles
@@ -214,7 +216,8 @@
pr[p] = roles
return self.manage_permissions(REQUEST, 'Permissions changed.')
- def setPermission(self, permission, acquired, roles):
+ @postonly
+ def setPermission(self, permission, acquired, roles, REQUEST=None):
"""Set a permission for this State."""
pr = self.permission_roles
if pr is None:
@@ -227,6 +230,7 @@
manage_groups = PageTemplateFile('state_groups.pt', _dtmldir)
+ @postonly
def setGroups(self, REQUEST, RESPONSE=None):
"""Set the group to role mappings in REQUEST for this State.
"""
Modified: CMF/trunk/DCWorkflow/WorkflowUIMixin.py
===================================================================
--- CMF/trunk/DCWorkflow/WorkflowUIMixin.py 2007-06-28 17:25:27 UTC (rev 77182)
+++ CMF/trunk/DCWorkflow/WorkflowUIMixin.py 2007-06-28 17:31:46 UTC (rev 77183)
@@ -20,6 +20,7 @@
from Globals import DTMLFile
from Globals import InitializeClass
from AccessControl import ClassSecurityInfo
+from AccessControl.requestmethod import postonly
from Acquisition import aq_get
from Products.PageTemplates.PageTemplateFile import PageTemplateFile
@@ -53,6 +54,7 @@
manage_groups = PageTemplateFile('workflow_groups.pt', _dtmldir)
security.declareProtected(ManagePortal, 'setProperties')
+ @postonly
def setProperties(self, title, manager_bypass=0, props=None,
REQUEST=None, description=''):
"""Sets basic properties.
@@ -81,6 +83,7 @@
)
security.declareProtected(ManagePortal, 'addManagedPermission')
+ @postonly
def addManagedPermission(self, p, REQUEST=None):
"""Adds to the list of permissions to manage.
"""
@@ -94,6 +97,7 @@
REQUEST, manage_tabs_message='Permission added.')
security.declareProtected(ManagePortal, 'delManagedPermissions')
+ @postonly
def delManagedPermissions(self, ps, REQUEST=None):
"""Removes from the list of permissions to manage.
"""
@@ -134,7 +138,8 @@
return [g['id'] for g in groups]
security.declareProtected(ManagePortal, 'addGroup')
- def addGroup(self, group, RESPONSE=None):
+ @postonly
+ def addGroup(self, group, RESPONSE=None, REQUEST=None):
"""Adds a group by name.
"""
if group not in self.getAvailableGroups():
@@ -146,7 +151,8 @@
% self.absolute_url())
security.declareProtected(ManagePortal, 'delGroups')
- def delGroups(self, groups, RESPONSE=None):
+ @postonly
+ def delGroups(self, groups, RESPONSE=None, REQUEST=None):
"""Removes groups by name.
"""
self.groups = tuple([g for g in self.groups if g not in groups])
@@ -181,7 +187,8 @@
return self.valid_roles()
security.declareProtected(ManagePortal, 'setRoles')
- def setRoles(self, roles, RESPONSE=None):
+ @postonly
+ def setRoles(self, roles, RESPONSE=None, REQUEST=None):
"""Changes the list of roles mapped to groups by this workflow.
"""
avail = self.getAvailableRoles()
More information about the CMF-checkins
mailing list