[Erp5-report] r30329 - /erp5/trunk/products/ERP5Type/
nobody at svn.erp5.org
nobody at svn.erp5.org
Thu Nov 5 11:00:31 CET 2009
Author: jm
Date: Thu Nov 5 11:00:28 2009
New Revision: 30329
URL: http://svn.erp5.org?rev=30329&view=rev
Log:
Allow UnrestrictedMethod to be used as a decorator
Modified:
erp5/trunk/products/ERP5Type/Base.py
erp5/trunk/products/ERP5Type/ERP5Type.py
erp5/trunk/products/ERP5Type/UnrestrictedMethod.py
Modified: erp5/trunk/products/ERP5Type/Base.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Type/Base.py?rev=30329&r1=30328&r2=30329&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Type/Base.py [utf8] (original)
+++ erp5/trunk/products/ERP5Type/Base.py [utf8] Thu Nov 5 11:00:28 2009
@@ -79,7 +79,6 @@
from Products.ERP5Type.Accessor.Accessor import Accessor as Method
from Products.ERP5Type.Accessor.TypeDefinition import asDate
from Products.ERP5Type.Message import Message
-from Products.ERP5Type.UnrestrictedMethod import UnrestrictedMethod
from zope.interface import classImplementsOnly, implementedBy
Modified: erp5/trunk/products/ERP5Type/ERP5Type.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Type/ERP5Type.py?rev=30329&r1=30328&r2=30329&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Type/ERP5Type.py [utf8] (original)
+++ erp5/trunk/products/ERP5Type/ERP5Type.py [utf8] Thu Nov 5 11:00:28 2009
@@ -55,10 +55,8 @@
zope.interface.implements(interfaces.ILocalRoleAssignor)
security.declarePrivate('updateLocalRolesOnObject')
- def updateLocalRolesOnDocument(self, *args, **kw):
- return UnrestrictedMethod(self._updateLocalRolesOnDocument)(*args, **kw)
-
- def _updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True):
+ @UnrestrictedMethod
+ def updateLocalRolesOnDocument(self, ob, user_name=None, reindex=True):
"""
Assign Local Roles to Groups on object 'ob', based on Portal Type Role
Definitions and "ERP5 Role Definition" objects contained inside 'ob'.
Modified: erp5/trunk/products/ERP5Type/UnrestrictedMethod.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Type/UnrestrictedMethod.py?rev=30329&r1=30328&r2=30329&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Type/UnrestrictedMethod.py [utf8] (original)
+++ erp5/trunk/products/ERP5Type/UnrestrictedMethod.py [utf8] Thu Nov 5 11:00:28 2009
@@ -48,13 +48,13 @@
"""Get the ID of the user. This is disabled in UnrestrictedUser."""
return self.getUserName()
-class UnrestrictedMethod(object):
- """Callable object that bypasses all security checks.
+def UnrestrictedMethod(function):
+ """Decorator to bypass all security checks.
This method is dangerous. Never use this, until you are 100% certain
that you have no other way.
- When a method is wrapped with an instance of this class, it will behave
+ When a function is wrapped with this decorator, it will behave
in the same way as before, besides that all security checks pass through.
This is required, for example, for the simulation to expand movements,
regardless of the permissions given to a user.
@@ -66,10 +66,9 @@
This method is dangerous. Enough said. Be careful.
"""
- def __init__(self, method):
- self._m = method
+ return lambda *args, **kw: _unrestricted_apply(function, args, kw)
- def __call__(self, *args, **kw):
+def _unrestricted_apply(function, args, kw):
security_manager = getSecurityManager()
user = security_manager.getUser()
anonymous = (user.getUserName() == 'Anonymous User')
@@ -94,8 +93,7 @@
role_list, user.getDomains()).__of__(uf)
newSecurityManager(None, super_user)
try:
- return self._m(*args, **kw)
+ return apply(function, args, kw)
finally:
# Make sure that the original user is back.
setSecurityManager(security_manager)
-
More information about the Erp5-report
mailing list