[Zope-Checkins]
SVN: Zope/branches/philikon-aq/lib/python/AccessControl/
Use new module level aq_inContextOf method,
so this works for non-wrappers as well. Still needs to be made aware
of __parent__ pointers
Hanno Schlichting
plone at hannosch.info
Sat Jul 28 06:33:33 EDT 2007
Log message for revision 78422:
Use new module level aq_inContextOf method, so this works for non-wrappers as well. Still needs to be made aware of __parent__ pointers
Changed:
U Zope/branches/philikon-aq/lib/python/AccessControl/ImplPython.py
U Zope/branches/philikon-aq/lib/python/AccessControl/User.py
-=-
Modified: Zope/branches/philikon-aq/lib/python/AccessControl/ImplPython.py
===================================================================
--- Zope/branches/philikon-aq/lib/python/AccessControl/ImplPython.py 2007-07-28 09:58:54 UTC (rev 78421)
+++ Zope/branches/philikon-aq/lib/python/AccessControl/ImplPython.py 2007-07-28 10:33:33 UTC (rev 78422)
@@ -20,6 +20,7 @@
from Acquisition import aq_base
from Acquisition import aq_parent
from Acquisition import aq_inner
+from Acquisition import aq_inContextOf
from Acquisition import aq_acquire
from ExtensionClass import Base
from zope.interface import implements
@@ -840,17 +841,10 @@
# This is a strange rule, though
# it doesn't cause any security holes. SDH
return 1
- if not hasattr(object, 'aq_inContextOf'):
- if hasattr(object, 'im_self'):
- # This is a method. Grab its self.
- object=object.im_self
- if not hasattr(object, 'aq_inContextOf'):
- # object is not wrapped, therefore we
- # can't determine context.
- # Fail the access attempt. Otherwise
- # this would be a security hole.
- return None
- if not object.aq_inContextOf(ucontext, 1):
+ if hasattr(object, 'im_self'):
+ # This is a method. Grab its self.
+ object=object.im_self
+ if not aq_inContextOf(object, ucontext, 1):
if 'Shared' in object_roles:
# Old role setting. Waaa
object_roles=user._shared_roles(object)
Modified: Zope/branches/philikon-aq/lib/python/AccessControl/User.py
===================================================================
--- Zope/branches/philikon-aq/lib/python/AccessControl/User.py 2007-07-28 09:58:54 UTC (rev 78421)
+++ Zope/branches/philikon-aq/lib/python/AccessControl/User.py 2007-07-28 10:33:33 UTC (rev 78422)
@@ -20,6 +20,7 @@
import socket
from base64 import decodestring
+from Acquisition import aq_inContextOf
from Acquisition import Implicit
from App.Management import Navigation, Tabs
from Globals import DTMLFile, MessageDialog, Persistent, PersistentMapping
@@ -165,14 +166,10 @@
if context is not None:
if object is None:
return 1
- if not hasattr(object, 'aq_inContextOf'):
- if hasattr(object, 'im_self'):
- # This is a method. Grab its self.
- object=object.im_self
- if not hasattr(object, 'aq_inContextOf'):
- # Object is not wrapped, so return false.
- return 0
- return object.aq_inContextOf(context, 1)
+ if hasattr(object, 'im_self'):
+ # This is a method. Grab its self.
+ object=object.im_self
+ return aq_inContextOf(object, context, 1)
# This is lame, but required to keep existing behavior.
return 1
More information about the Zope-Checkins
mailing list