[Zope-Checkins] CVS: Packages/OFS - Traversable.py:1.9
Evan Simpson
evan@zope.com
Wed, 29 Aug 2001 17:02:57 -0400
Update of /cvs-repository/Packages/OFS
In directory cvs.zope.org:/tmp/cvs-serv9607
Modified Files:
Traversable.py
Log Message:
Merge bug fix from Zope-2_4-branch
=== Packages/OFS/Traversable.py 1.8 => 1.9 ===
-import Acquisition
+from Acquisition import Acquired, aq_inner, aq_parent, aq_base
from AccessControl import getSecurityManager
from string import split, join
from urllib import quote
@@ -118,8 +118,8 @@
return join(path, '/')
return join([req['SERVER_URL']] + req._script + path, '/')
- getPhysicalRoot=Acquisition.Acquired
getPhysicalRoot__roles__=() # Private
+ getPhysicalRoot=Acquired
getPhysicalPath__roles__=None # Public
def getPhysicalPath(self):
@@ -130,9 +130,9 @@
'''
path = (self.getId(),)
- p = getattr(self,'aq_inner', None)
+ p = aq_parent(aq_inner(self)
if p is not None:
- path = p.aq_parent.getPhysicalPath() + path
+ path = p.getPhysicalPath() + path
return path
@@ -157,7 +157,7 @@
path.pop(0)
if restricted: securityManager=getSecurityManager()
- else: securityManager=None
+ else: securityManager=N
if not path[-1]:
# If the path starts with an empty string, go to the root first.
@@ -187,32 +187,37 @@
t=get(object, '__bobo_traverse__', N)
if t is not N:
o=t(REQUEST, name)
-
- # Note we pass no container, because we have no
- # way of knowing what it is
- if (restricted and not securityManager.validate(
- object, None, name, o)):
- raise 'Unauthorized', name
+
+ if restricted:
+ container = N
+ if has(o, 'im_self'):
+ container = o.im_self
+ elif (has(get(object, 'aq_base', object), name)
+ and get(object, name) == o):
+ container = object
+ if (not securityManager.validate(object,
+ container, name, o)):
+ raise 'Unauthorized', name
else:
o=get(object, name, M)
if o is not M:
if restricted:
# waaaa
- if hasattr(get(object,'aq_base',object), name):
+ if hasattr(aq_base(object), name):
# value wasn't acquired
if not securityManager.validate(
object, object, name, o):
raise 'Unauthorized', name
else:
if not securityManager.validate(
- object, None, name, o):
+ object, N, name, o):
raise 'Unauthorized', name
else:
o=object[name]
if (restricted and not securityManager.validate(
- object, object, None, o)):
+ object, object, N, o)):
raise 'Unauthorized', name
object=o