[Erp5-report] r18494 - /erp5/trunk/products/ERP5Type/UnrestrictedMethod.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Mon Dec 24 16:14:04 CET 2007
Author: yo
Date: Mon Dec 24 16:14:04 2007
New Revision: 18494
URL: http://svn.erp5.org?rev=18494&view=rev
Log:
Initial import.
Added:
erp5/trunk/products/ERP5Type/UnrestrictedMethod.py
Added: erp5/trunk/products/ERP5Type/UnrestrictedMethod.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Type/UnrestrictedMethod.py?rev=18494&view=auto
==============================================================================
--- erp5/trunk/products/ERP5Type/UnrestrictedMethod.py (added)
+++ erp5/trunk/products/ERP5Type/UnrestrictedMethod.py Mon Dec 24 16:14:04 2007
@@ -1,0 +1,86 @@
+##############################################################################
+#
+# Copyright (c) 2007 Nexedi SA and Contributors. All Rights Reserved.
+# Yoshinori Okuji <yo at nexedi.com>
+#
+# WARNING: This program as such is intended to be used by professional
+# programmers who take the whole responsability of assessing all potential
+# consequences resulting from its eventual inadequacies and bugs
+# End users who are looking for a ready-to-use solution with commercial
+# garantees and support are strongly adviced to contract a Free Software
+# Service Company
+#
+# This program is Free Software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+##############################################################################
+
+from AccessControl.User import UnrestrictedUser
+from AccessControl.SecurityManagement import getSecurityManager, \
+ newSecurityManager, setSecurityManager
+
+class PrivilegedUser(UnrestrictedUser):
+ """User that bypasses all security checks, but retains an original
+ identity.
+
+ This is used to execute some system activities which should not be
+ affected by any given user. UnrestrictedUser is not used as it is,
+ because the owner must be still provided, so that new objects will
+ be owned by the same user (of course, without privileged rights).
+ """
+ def getId(self):
+ """Get the ID of the user. This is disabled in UnrestrictedUser."""
+ return self.getUserName()
+
+class UnrestrictedMethod(object):
+ """Callable object that bypasses all security checks.
+
+ This method is dangerous. Never use this, until you are 100% certain
+ that you have no other way.
+
+ When a method is wrapped with an instance of this class, it will behave
+ in the same way as before, besides that all security checks pass through.
+ This is required, for example, for the simulation to expand movements,
+ regardless of the permissions given to a user.
+
+ This method is dangerous. Note that not only a method directly wrapped,
+ but also methods invoked subsequently within that method, bypass all
+ the security checks. If the user can inject something, for example,
+ by passing an arbitrary parameter, this will be a serious security hole.
+
+ This method is dangerous. Enough said. Be careful.
+ """
+ def __init__(self, method):
+ self._m = method
+
+ def __call__(self, *args, **kw):
+ security_manager = getSecurityManager()
+ user = security_manager.getUser()
+ uf = user.aq_inner.aq_parent
+ # XXX is it better to get roles from the parent (i.e. portal)?
+ role_list = uf.valid_roles()
+ if user.getId() is None:
+ # This is a special user, thus the user is not allowed to own objects.
+ super_user = UnrestrictedUser(user.getUserName(), None,
+ role_list, user.getDomains())
+ else:
+ super_user = PrivilegedUser(user.getId(), None,
+ role_list, user.getDomains())
+ newSecurityManager(None, super_user.__of__(uf))
+ try:
+ return self._m(*args, **kw)
+ finally:
+ # Make sure that the original user is back.
+ setSecurityManager(security_manager)
+
More information about the Erp5-report
mailing list