[Zope-Checkins] CVS: Zope2 - TreeTag.py:1.45.50.2

shane@digicool.com shane@digicool.com
Thu, 26 Apr 2001 18:25:12 -0400 (EDT)


Update of /cvs-repository/Zope2/lib/python/TreeDisplay
In directory korak:/tmp/cvs-serv10837/lib/python/TreeDisplay

Modified Files:
      Tag: RestrictedPythonBranch
	TreeTag.py 
Log Message:
Modified the way DTML namespaces implement security: now there is an
attribute of TemplateDicts called read_guard which implements the
"read guard" interface as defined by RestrictedPython.



--- Updated File TreeTag.py in package Zope2 --
--- TreeTag.py	2001/04/25 20:26:38	1.45.50.1
+++ TreeTag.py	2001/04/26 22:25:11	1.45.50.2
@@ -209,11 +209,11 @@
             have_arg=args.has_key
             if have_arg('branches'):
                 def get_items(node, branches=args['branches'], md=md):
-                    validate=md.validate
-                    if validate is None or not hasattr(node, 'aq_acquire'):
-                        items=getattr(node, branches)
+                    read_guard = md.read_guard
+                    if read_guard is None:
+                        items = getattr(node, branches)
                     else:
-                        items=node.aq_acquire(branches, validate, md)
+                        items = getattr(read_guard(node), branches)
                     return items()
             elif have_arg('branches_expr'):
                 def get_items(node, branches_expr=args['branches_expr'], md=md):
@@ -302,13 +302,14 @@
                 break
         if not exp: items=1
 
+    read_guard = md.read_guard
+
     if items is None:
-        validate=md.validate
         if have_arg('branches') and hasattr(self, args['branches']):
-            if validate is None or not hasattr(self, 'aq_acquire'):
-                items=getattr(self, args['branches'])
+            if read_guard is None:
+                items = getattr(self, args['branches'])
             else:
-                items=self.aq_acquire(args['branches'],validate,md)
+                items = getattr(read_guard(self), args['branches'])
             items=items()
         elif have_arg('branches_expr'):
             items=args['branches_expr'](md)
@@ -317,20 +318,19 @@
 
     if items and items != 1:
 
-        if validate is not None:
+        if read_guard is not None:
             unauth=[]
-            index=0
-            for i in items:
-                try: v=validate(items,items,None,i,md)
-                except: v=0
-                if not v: unauth.append(index)
-                index=index+1
-
+            guarded_items = read_guard(items)
+            for index in range(len(items)):
+                try:
+                    guarded_items[index]
+                except ValidationError:
+                    unauth.append(index)
             if unauth:
                 if have_arg('skip_unauthorized') and args['skip_unauthorized']:
                     items=list(items)
                     unauth.reverse()
-                    for i in unauth: del items[i]
+                    for index in unauth: del items[index]
                 else:
                     raise ValidationError, unauth