[Zope-CVS] CVS: Products/QueueCatalog - QueueCatalog.py:1.5
Shane Hathaway
shane@cvs.zope.org
Thu, 26 Sep 2002 14:02:26 -0400
Update of /cvs-repository/Products/QueueCatalog
In directory cvs.zope.org:/tmp/cvs-serv18692
Modified Files:
QueueCatalog.py
Log Message:
Revisited the handling of security in QueueCatalog. catalog_object and
uncatalog_object were public, checking security by checking access to the
corresponding methods of the catalog, but this strategy only works if
the security context is complete, and most of the time in Zope the security
context is not complete (it does not explicitly specify that filesystem
code is unrestricted).
Instead, (un)catalog_object has a simple permission declaration and we should
no longer check access to methods in getZCatalog since the calling code
already checks access if necessary.
=== Products/QueueCatalog/QueueCatalog.py 1.4 => 1.5 ===
--- Products/QueueCatalog/QueueCatalog.py:1.4 Fri Sep 6 12:20:49 2002
+++ Products/QueueCatalog/QueueCatalog.py Thu Sep 26 14:02:26 2002
@@ -20,6 +20,7 @@
from OFS.SimpleItem import SimpleItem
from AccessControl.SecurityManagement import getSecurityManager
from AccessControl.SecurityInfo import ClassSecurityInformation
+from AccessControl.Permissions import manage_zcatalog_entries
from OFS.SimpleItem import SimpleItem
from BTrees.OOBTree import OOBTree
from time import time
@@ -27,7 +28,7 @@
from CatalogEventQueue import ADDED, CHANGED, CHANGED_ADDED, REMOVED
from Products.PageTemplates.PageTemplateFile import PageTemplateFile
from Globals import DTMLFile
-from Acquisition import Implicit, aq_inner, aq_parent
+from Acquisition import Implicit, aq_base, aq_inner, aq_parent
StringType = type('')
@@ -128,7 +129,7 @@
def getZCatalog(self, method=''):
ZC = None
- REQUEST = self.REQUEST
+ REQUEST = getattr(self, 'REQUEST', None)
cache = self._v_catalog_cache
if cache is not None:
# The cached catalog may be wrapped with an earlier
@@ -155,20 +156,21 @@
raise QueueConfigurationError(
"The object at %s does not implement the "
"IZCatalog interface." % self._location
- )
- self._v_catalog_cache = (ZC, REQUEST)
+ )
- security_manager = getSecurityManager()
+ security_manager = getSecurityManager()
+ if not security_manager.validateValue(ZC):
+ raise Unauthorized(self._location, ZC)
- if not security_manager.validateValue(ZC):
- raise Unauthorized(self._location, ZC)
+ ZC = aq_base(ZC).__of__(parent)
+ self._v_catalog_cache = (ZC, REQUEST)
if method:
if not _is_zcatalog_method(method):
raise AttributeError(method)
m = getattr(ZC, method)
- if not security_manager.validateValue(m):
- raise Unauthorized(name=method)
+ # Note that permission to access the method may be checked
+ # later on. This isn't the right place to check permission.
return m
else:
return ZC
@@ -324,8 +326,10 @@
# Disallow access to subobjects with no security assertions.
security.setDefaultAccess('deny')
- security.declarePublic('catalog_object', 'uncatalog_object',
- 'manage_process', 'getTitle', 'title_or_id')
+ security.declarePublic('manage_process', 'getTitle', 'title_or_id')
+
+ security.declareProtected(manage_zcatalog_entries,
+ 'catalog_object', 'uncatalog_object')
security.declareProtected(
'View management screens',