[Erp5-report] r36532 ivan - /erp5/trunk/products/ERP5OOo/Document/OOoDocument.py

nobody at svn.erp5.org nobody at svn.erp5.org
Wed Jun 23 12:14:27 CEST 2010 

Author: ivan
Date: Wed Jun 23 12:14:25 2010
New Revision: 36532

URL: http://svn.erp5.org?rev=36532&view=rev
Log:
Use force user identification for all OOo documents extensible subcontent.

Modified:
    erp5/trunk/products/ERP5OOo/Document/OOoDocument.py

Modified: erp5/trunk/products/ERP5OOo/Document/OOoDocument.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5OOo/Document/OOoDocument.py?rev=36532&r1=36531&r2=36532&view=diff
==============================================================================
--- erp5/trunk/products/ERP5OOo/Document/OOoDocument.py [utf8] (original)
+++ erp5/trunk/products/ERP5OOo/Document/OOoDocument.py [utf8] Wed Jun 23 12:14:25 2010
@@ -47,6 +47,7 @@ from Products.ERP5Type.Cache import Cach
 from Products.ERP5.Document.File import File
 from Products.ERP5.Document.Document import Document, PermanentURLMixIn,\
 VALID_IMAGE_FORMAT_LIST, ConversionError, NotConvertedError
+from AccessControl.SecurityManagement import setSecurityManager
 from zLOG import LOG, ERROR
 
 # Mixin Import
@@ -471,15 +472,20 @@ class OOoDocument(PermanentURLMixIn, Bas
   def _getExtensibleContent(self, request, name):
     # Be sure that html conversion is done,
     # as it is required to extract extensible content
+    old_manager, user = self._forceIdentification(request)
+    web_cache_kw = {'name': name,
+                    'format': EMBEDDED_FORMAT}
     try:
       self._convert(format='html')
-      web_cache_kw = {'name': name,
-                      'format': EMBEDDED_FORMAT}
       _setCacheHeaders(_ViewEmulator().__of__(self), web_cache_kw)
       mime, data = self.getConversion(format=EMBEDDED_FORMAT, file_name=name)
-      return OFSFile(name, name, data, content_type=mime).__of__(self.aq_parent)
+      document = OFSFile(name, name, data, content_type=mime).__of__(self.aq_parent)
     except (NotConvertedError, ConversionError, KeyError):
-      return PermanentURLMixIn._getExtensibleContent(self, request, name)
+      document = PermanentURLMixIn._getExtensibleContent(self, request, name)
+    # restore original security context if there's a logged in user
+    if user is not None:
+      setSecurityManager(old_manager)
+    return document
 
   security.declarePrivate('_convertToBaseFormat')
   def _convertToBaseFormat(self):

More information about the Erp5-report mailing list