[Zope-Checkins] CVS: Zope/lib/python/AccessControl -
cAccessControl.c:1.20.2.4
Brian Lloyd
brian at zope.com
Wed Jan 14 13:51:32 EST 2004
Update of /cvs-repository/Zope/lib/python/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv29202
Modified Files:
Tag: Zope-2_7-branch
cAccessControl.c
Log Message:
merge fixes
=== Zope/lib/python/AccessControl/cAccessControl.c 1.20.2.3 => 1.20.2.4 ===
--- Zope/lib/python/AccessControl/cAccessControl.c:1.20.2.3 Thu Jan 8 18:33:43 2004
+++ Zope/lib/python/AccessControl/cAccessControl.c Wed Jan 14 13:51:31 2004
@@ -1078,17 +1078,17 @@
**| # access
**| raise Unauthorized(name, value)
**|
- **| for r in proxy_roles:
+ **| for r in proxy_roles:
**| if r in roles: return 1
**|
- **| # proxy roles actually limit access!
- **| raise Unauthorized, ('You are not authorized to access'
- **| '<em>%s</em>.' % cleanupName(name, value))
+ **| raise Unauthorized, ('You are not authorized to access'
+ **| '<em>%s</em>.' % cleanupName(name, value))
*/
proxy_roles = PyObject_GetAttr(eo, _proxy_roles_str);
- Py_DECREF(eo);
+
if (proxy_roles == NULL)
{
+ Py_DECREF(eo);
PyErr_Clear();
}
else if (PyObject_IsTrue(proxy_roles))
@@ -1098,25 +1098,43 @@
method = PyObject_GetAttr(eo, getOwner_str);
if (method == NULL) {
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
goto err;
}
owner = PyObject_CallObject(method, NULL);
Py_DECREF(method);
-
if (owner == NULL) {
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
goto err;
}
-
if (PyObject_IsTrue(owner)) {
if (!PyObject_HasAttr(owner, aq_parent_str)) {
item = PyInt_FromLong(1);
+ if (item == NULL) {
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
+ Py_DECREF(owner);
+ goto err;
+ }
+
tmp = callmethod1(eo, getOwner_str, item);
- Py_XDECREF(item);
+ Py_DECREF(item);
+ if (tmp == NULL) (
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
+ Py_DECREF(owner);
+ goto err;
+ }
+
udb = PySequence_GetItem(tmp, 0);
Py_XDECREF(tmp);
if (udb == NULL) {
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
Py_DECREF(owner);
goto err;
}
@@ -1124,44 +1142,65 @@
method = PyObject_GetAttr(container,
getPhysicalRoot_str);
if (method == NULL) {
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
Py_DECREF(owner);
Py_DECREF(udb);
+ goto err;
}
+
root = PyObject_CallObject(method, NULL);
Py_DECREF(method);
-
+ if (root == NULL) {
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
+ Py_DECREF(owner);
+ Py_DECREF(udb);
+ goto err;
+ }
+
ASSIGN(udb, callmethod1(root, unrestrictedTraverse_str,
udb));
+ Py_DECREF(root);
if (udb == NULL) {
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
Py_DECREF(owner);
- Py_DECREF(udb);
+ goto err;
}
ASSIGN(owner, callmethod1(owner, __of__, udb));
Py_DECREF(udb);
-
+ if (owner == NULL) {
+ Py_DECREF(eo);
+ Py_DECREF(proxy_roles);
+ goto err;
+ }
}
}
+ Py_DECREF(eo);
if (owner != Py_None) {
- PyObject *tmp = callmethod1(owner,
- _check_context_str,
- container
- );
+ tmp = callmethod1(owner,_check_context_str,
+ container
+ );
if (tmp == NULL) {
+ Py_DECREF(proxy_roles);
Py_DECREF(owner);
goto err;
}
if (!PyObject_IsTrue(tmp)) {
+ Py_DECREF(proxy_roles);
Py_DECREF(owner);
Py_DECREF(tmp);
unauthErr(name, value);
goto err;
}
Py_DECREF(owner);
+ Py_DECREF(tmp);
}
/* ------------------------------------------- */
@@ -1199,9 +1238,9 @@
Py_DECREF(proxy_roles);
if (contains > 0)
- rval = PyInt_FromLong(1);
+ rval = PyInt_FromLong(contains);
else if (contains == 0) {
- unauthErr(name, value);
+ unauthErr(name, value);
}
goto err;
}
More information about the Zope-Checkins
mailing list