[Erp5-report] r38533 kazuhiko - /erp5/trunk/products/ERP5/mixin/extensible_traversable.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Tue Sep 21 18:07:25 CEST 2010
Author: kazuhiko
Date: Tue Sep 21 18:07:25 2010
New Revision: 38533
URL: http://svn.erp5.org?rev=38533&view=rev
Log:
use portal_membership._huntUser() instead of calling portal.acl_users.validate directly, that does not work for root level zope users.
Modified:
erp5/trunk/products/ERP5/mixin/extensible_traversable.py
Modified: erp5/trunk/products/ERP5/mixin/extensible_traversable.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5/mixin/extensible_traversable.py?rev=38533&r1=38532&r2=38533&view=diff
==============================================================================
--- erp5/trunk/products/ERP5/mixin/extensible_traversable.py [utf8] (original)
+++ erp5/trunk/products/ERP5/mixin/extensible_traversable.py [utf8] Tue Sep 21 18:07:25 2010
@@ -40,6 +40,7 @@ from Products.CMFCore.utils import getTo
from OFS.Image import File as OFSFile
from warnings import warn
import sys
+from base64 import decodestring
from Products.ERP5Type.UnrestrictedMethod import unrestricted_apply
@@ -84,8 +85,9 @@ class BaseExtensibleTraversableMixin(Ext
if user is _MARKER:
user = None # By default, do nothing
if old_user is None or old_user.getUserName() == 'Anonymous User':
- user_folder = getattr(self.getPortalObject(), 'acl_users', None)
- if user_folder is not None:
+ portal_membership = getToolByName(self.getPortalObject(),
+ 'portal_membership')
+ if portal_membership is not None:
try:
if request.get('PUBLISHED', _MARKER) is _MARKER:
# request['PUBLISHED'] is required by validate
@@ -94,7 +96,14 @@ class BaseExtensibleTraversableMixin(Ext
else:
has_published = True
try:
- user = user_folder.validate(request)
+ auth = request._auth
+ # this logic is copied from identify() in
+ # AccessControl.User.BasicUserFolder.
+ if auth and auth.lower().startswith('basic '):
+ name = decodestring(auth.split(' ')[-1]).split(':', 1)[0]
+ user = portal_membership._huntUser(name, self)
+ else:
+ user = None
except AttributeError:
# This kind of error happens with unrestrictedTraverse,
# because the request object is a fake, and it is just
@@ -206,4 +215,4 @@ class OOoDocumentExtensibleTraversableMi
if user is not None:
setSecurityManager(old_manager)
return document
-
\ No newline at end of file
+
More information about the Erp5-report
mailing list