[Zope-Checkins] CVS: Zope/lib/python/OFS - CopySupport.py:1.79
Chris McDonough
chrism@zope.com
Tue, 11 Jun 2002 14:34:22 -0400
Update of /cvs-repository/Zope/lib/python/OFS
In directory cvs.zope.org:/tmp/cvs-serv25035
Modified Files:
CopySupport.py
Log Message:
Added Copy or Move permission in the course of attempting to resolve
Collector #376.
As a result of this checkin:
- a new permission 'Copy or Move' will be registered for all classes
that inherit from OFS.CopySupport.CopySource. This includes
almost all Zope objects, as SimpleItem inherits from CopySource.
- the new permission will be granted to the Anonymous and Manager
roles by default.
- Site managers may choose to disallow copying of objects by
revoking the Copy or Move permission respective to a role in
a place or globally.
Notes:
The methods cb_isCopyable and cb_isMoveable are coopted for this
duty, although access control was never in their job description
prior to this patch.
=== Zope/lib/python/OFS/CopySupport.py 1.78 => 1.79 ===
from Acquisition import aq_base, aq_inner, aq_parent
from zExceptions import Unauthorized
+from AccessControl import getSecurityManager
CopyError='Copy Error'
@@ -309,8 +310,8 @@
if not hasattr(object, 'meta_type'):
raise CopyError, MessageDialog(
title='Not Supported',
- message='The object <EM>%s</EM> does not support this ' \
- 'operation' % absattr(object.id),
+ message='The object <EM>%s</EM> does not support this' \
+ ' operation' % absattr(object.id),
action='manage_main')
mt=object.meta_type
if not hasattr(self, 'all_meta_types'):
@@ -369,15 +370,21 @@
raise CopyError, MessageDialog(
title='Not Supported',
message='The object <EM>%s</EM> does not support this ' \
- 'operation' % absattr(object.id),
+ 'operation.' % absattr(object.id),
action='manage_main')
Globals.default__class_init__(CopyContainer)
-class CopySource:
+class CopySource(ExtensionClass.Base):
"""Interface for objects which allow themselves to be copied."""
+
+ # declare a dummy permission for Copy or Move here that we check
+ # in cb_isCopyable.
+ __ac_permissions__=(
+ ('Copy or Move', (), ('Anonymous', 'Manager',)),
+ )
def _canCopy(self, op=0):
"""Called to make sure this object is copyable. The op var
@@ -414,6 +421,8 @@
return 0
if hasattr(self, '_p_jar') and self._p_jar is None:
return 0
+ if not self.cb_userHasCopyOrMovePermission():
+ return 0
return 1
def cb_isMoveable(self):
@@ -426,8 +435,15 @@
except: n=()
if absattr(self.id) in n:
return 0
+ if not self.cb_userHasCopyOrMovePermission():
+ return 0
return 1
+ def cb_userHasCopyOrMovePermission(self):
+ if getSecurityManager().checkPermission('Copy or Move', self):
+ return 1
+
+Globals.default__class_init__(CopySource)
def sanity_check(c, ob):
@@ -516,7 +532,15 @@
eNotSupported=fMessageDialog(
title='Not Supported',
- message='The item <EM>%s</EM> does not support this operation.',
+ message=(
+ 'The action against the <em>%s</em> object could not be carried '
+ 'out. '
+ 'One of the following constraints caused the problem: <br><br>'
+ 'The object does not support this operation.'
+ '<br><br>-- OR --<br><br>'
+ 'The currently logged-in user does not have the <b>Copy or '
+ 'Move</b> permission respective to the object.'
+ ),
action ='manage_main',)
eNoItemsSpecified=MessageDialog(