Ejemplo n.º 1
0

from AccessControl.SecurityInfo import allow_module
from AccessControl.SecurityInfo import ModuleSecurityInfo

allow_module('Products.ERP5Type.Cache')
ModuleSecurityInfo('Products.ERP5Type.Utils').declarePublic(
    'sortValueList',
    'convertToUpperCase',
    'UpperCase',
    'convertToMixedCase',
    'cartesianProduct',
    'sleep',
    'getCommonTimeZoneList',
    'int2letter',
    'getMessageIdWithContext',
    'getTranslationStringWithContext',
    'Email_parseAddressHeader',
    'guessEncodingFromText',
    'isValidTALESExpression',
    'ensure_list',
    'bytes2str',
    'str2bytes',
    'unicode2str',
)

allow_module('Products.ERP5Type.Message')
ModuleSecurityInfo('Products.ERP5Type.Message').declarePublic(
    'translateString')

allow_module('Products.ERP5Type.Error')
Ejemplo n.º 2
0
#
##############################################################################
""" Some common utilities.

$Id$
"""

import os

from AccessControl.Permission import Permission
from AccessControl.Role import gather_permissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from App.Common import package_home
from zope.i18nmessageid import MessageFactory

security = ModuleSecurityInfo('Products.DCWorkflow.utils')

_dtmldir = os.path.join(package_home(globals()), 'dtml')
_xmldir = os.path.join(package_home(globals()), 'xml')


def ac_inherited_permissions(ob, all=0):
    # Get all permissions not defined in ourself that are inherited
    # This will be a sequence of tuples with a name as the first item and
    # an empty tuple as the second.
    d = {}
    perms = getattr(ob, '__ac_permissions__', ())
    for p in perms:
        d[p[0]] = None
    r = gather_permissions(ob.__class__, [], d)
    if all:
Ejemplo n.º 3
0
from AccessControl.SecurityInfo import ClassSecurityInfo
from AccessControl.SecurityInfo import ModuleSecurityInfo
from AccessControl.SecurityInfo import ACCESS_PRIVATE
from AccessControl.SecurityInfo import ACCESS_PUBLIC
from AccessControl.SecurityInfo import ACCESS_NONE
from AccessControl.SecurityInfo import secureModule
from AccessControl.SecurityInfo import allow_module
from AccessControl.SecurityInfo import allow_class
from AccessControl.SimpleObjectPolicies import allow_type
from AccessControl.unauthorized import Unauthorized
from AccessControl.ZopeGuards import full_write_guard
from AccessControl.ZopeGuards import safe_builtins
from AccessControl.safe_formatter import safe_format


ModuleSecurityInfo('AccessControl').declarePublic('getSecurityManager')

# allow imports of utility_builtins

for name in ('string', 'math', 'random', 'sets'):
    ModuleSecurityInfo(name).setDefaultAccess('allow')

ModuleSecurityInfo('DateTime').declarePublic('DateTime')

# We want to allow all methods on string type except "format".
# That one needs special handling to avoid access to attributes.
# from Products.PageTemplates.safe_formatter import safe_format
rules = dict([(m, True) for m in dir(str) if not m.startswith('_')])
rules['format'] = safe_format
allow_type(str, rules)
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
"""Package of template utility classes and functions.
"""
from AccessControl.SecurityInfo import ModuleSecurityInfo

from .Tree import a2b  # NOQA: F401
from .Tree import b2a  # NOQA: F401
from .Tree import decodeExpansion  # NOQA: F401
from .Tree import encodeExpansion  # NOQA: F401
from .Zope import Batch  # NOQA: F401
from .Zope import LazyFilter  # NOQA: F401
from .Zope import SimpleTreeMaker  # NOQA: F401
from .Zope import TreeMaker  # NOQA: F401
from .Zope import make_hidden_input  # NOQA: F401
from .Zope import make_query  # NOQA: F401
from .Zope import url_query  # NOQA: F401

security = ModuleSecurityInfo('ZTUtils')

for name in ('encodeExpansion', 'decodeExpansion', 'a2b', 'b2a', 'Batch',
             'TreeMaker', 'SimpleTreeMaker', 'LazyFilter'
             'url_query', 'make_query', 'make_hidden_input'):
    security.declarePublic(name)  # NOQA: D001
Ejemplo n.º 5
0
from pkg_resources import DistributionNotFound
from pkg_resources import get_distribution
from zope import i18n  # disambiguation
from zope.component import getUtility
from zope.component import queryUtility
from zope.i18n.interfaces import IUserPreferredCharsets
from zope.i18nmessageid import MessageFactory
from zope.publisher.interfaces.browser import IBrowserRequest
from ZTUtils.Zope import complex_marshal

from Products.CMFCore.interfaces import IPropertiesTool
from Products.CMFDefault.exceptions import EmailAddressInvalid
from Products.CMFDefault.exceptions import IllegalHTML
from Products.CMFDefault.interfaces import IHTMLScrubber

security = ModuleSecurityInfo('Products.CMFDefault.utils')

try:
    get_distribution('Products.CMFCalendar')
except DistributionNotFound:
    PRODUCTS_CMFCALENDAR_INSTALLED = False
else:
    PRODUCTS_CMFCALENDAR_INSTALLED = True

try:
    get_distribution('Products.CMFUid')
except DistributionNotFound:
    PRODUCTS_CMFUID_INSTALLED = False
else:
    PRODUCTS_CMFUID_INSTALLED = True
Ejemplo n.º 6
0
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('collective.favoriting')

security.declarePublic('AddToFavorites')
AddToFavorites = 'collective.favoriting: Add'
setDefaultRoles(AddToFavorites, ('Member', 'Manager'))
Ejemplo n.º 7
0
import Products

from .exceptions import AccessControl_Unauthorized
from .exceptions import NotFound
from .interfaces import ICachingPolicyManager

HAS_ZSERVER = True
try:
    dist = pkg_resources.get_distribution('ZServer')
except pkg_resources.DistributionNotFound:
    HAS_ZSERVER = False

SUBTEMPLATE = '__SUBTEMPLATE__'
ProductsPath = [abspath(ppath) for ppath in Products.__path__]
security = ModuleSecurityInfo('Products.CMFCore.utils')

_globals = globals()
_dtmldir = os_path.join(package_home(globals()), 'dtml')
_wwwdir = os_path.join(package_home(globals()), 'www')

#
#   Simple utility functions, callable from restricted code.
#
_marker = []  # Create a new marker object.

_tool_interface_registry = {}


@security.private
def registerToolInterface(tool_id, tool_interface):
Ejemplo n.º 8
0
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
################################################################################

# Imports.
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.ExternalMethod import ExternalMethod
from Products.PageTemplates import ZopePageTemplate
from Products.PythonScripts import PythonScript
import os
import re
# Product Imports.
from Products.zms import standard
from Products.zms import _fileutil

security = ModuleSecurityInfo('Products.zms.zopeutil')

class MissingArtefactProxy(object):
  def __init__(self, id, meta_type, data=None):
    self.id=id
    self.meta_type=meta_type
    self.data = data
  icon__roles__=None
  def zmi_icon(self):
    return 'fas fa-skull-crossbones text-danger'
  def zmi_icon(self):
    return icon_clazz(self)
  getId__roles__=None
  def getId(self):
    return self.id
  getData__roles__=None
Ejemplo n.º 9
0
# TODO: write a similar helper for 'nt' platform
GIT_ASKPASS = os.path.join(os.path.dirname(__file__), 'bin', 'git_askpass')

class GitInstallationError(EnvironmentError):
  """Raised when an installation is broken"""
  pass

class GitError(EnvironmentError):
  def __init__(self, err, out, returncode):
    EnvironmentError.__init__(self, err)
    self.stdout = out
    self.returncode = returncode

class GitLoginError(EnvironmentError):
  """Raised when an authentication is required"""
ModuleSecurityInfo(__name__).declarePublic('GitLoginError')

class Git(WorkingCopy):

  security = ClassSecurityInfo()

  reference = 'git'
  title = 'Git'

  _login_cookie_name = 'erp5_git_login'

  def _git(self, *args, **kw):
    kw.setdefault('cwd', self.working_copy)
    argv = ['git']
    try:
      return subprocess.Popen(argv + list(args), **kw)
Ejemplo n.º 10
0
from Products.CMFCore import permissions as CMFCorePermissions
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo("DiPP")

security.declarePublic("MANAGE_JOURNAL")
MANAGE_JOURNAL = "DiPP: Manage Journal"

security.declarePublic("VIEW_STATISTICS")
VIEW_STATISTICS = "DiPP: View Statistics"

setDefaultRoles(MANAGE_JOURNAL, ())
setDefaultRoles(VIEW_STATISTICS, ())

# Publishing Permission
ADD_CONTENTS_PERMISSION = "Fedora: Add Content"
setDefaultRoles(ADD_CONTENTS_PERMISSION, ('Manager', ))
VIEW_CONTENTS_PERMISSION = "Fedora: View Content"
setDefaultRoles(VIEW_CONTENTS_PERMISSION, ('Manager', ))
EDIT_CONTENTS_PERMISSION = "Fedora: Edit Content"
setDefaultRoles(EDIT_CONTENTS_PERMISSION, ('Manager', ))

# Review Permission
VIEW_ORIGINAL_MANUSCRIPT_PERMISSION = "DiPPReview: View the original manuscript"
VIEW_ANONYM_MANUSCRIPT_PERMISSION = "DiPPReview: View the anonymized manuscript"
ADD_ANONYM_MANUSCRIPT_PERMISSION = "DiPPReview: Add the anonymized manuscript"
VIEW_AUTHOR_REVIEW_PERMISSION = "DiPPReview: View the reviewers report for the author"
VIEW_EDITOR_REVIEW_PERMISSION = "DiPPReview: View the reviewers report for the editor"
VIEW_ORIGINAL_ATTACHMENT_PERMISSION = "DiPPReview: View the original attachment"
VIEW_ANONYM_ATTACHMENT_PERMISSION = "DiPPReview: View the anonymized attachment"
Ejemplo n.º 11
0
from DocumentTemplate.DT_Var import whole_dollars    # NOQA
from DocumentTemplate.DT_Var import dollars_and_cents    # NOQA
from DocumentTemplate.DT_Var import structured_text    # NOQA
from DocumentTemplate.DT_Var import sql_quote    # NOQA
from DocumentTemplate.DT_Var import html_quote    # NOQA
from DocumentTemplate.DT_Var import url_quote    # NOQA
from DocumentTemplate.DT_Var import url_quote_plus    # NOQA
from DocumentTemplate.DT_Var import newline_to_br    # NOQA
from DocumentTemplate.DT_Var import thousands_commas    # NOQA
from DocumentTemplate.DT_Var import url_unquote    # NOQA
from DocumentTemplate.DT_Var import url_unquote_plus    # NOQA
from DocumentTemplate.DT_Var import restructured_text    # NOQA
from DocumentTemplate.security import RestrictedDTML
from ZPublisher.HTTPRequest import record

security = ModuleSecurityInfo('Products.PythonScripts.standard')

security.declarePublic(
    'special_formats',
    'whole_dollars',
    'dollars_and_cents',
    'structured_text',
    'restructured_text',
    'sql_quote',
    'html_quote',
    'url_quote',
    'url_quote_plus',
    'newline_to_br',
    'thousands_commas',
    'url_unquote',
    'url_unquote_plus',
Ejemplo n.º 12
0
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" GenericSetup product initialization.
"""

from AccessControl.SecurityInfo import ModuleSecurityInfo

from Products.GenericSetup.interfaces import BASE
from Products.GenericSetup.interfaces import EXTENSION
from Products.GenericSetup.permissions import ManagePortal
from Products.GenericSetup.registry import _profile_registry \
    as profile_registry

security = ModuleSecurityInfo('Products.GenericSetup')
security.declareProtected(ManagePortal, 'profile_registry')


def initialize(context):

    import tool

    context.registerClass(
        tool.SetupTool,
        constructors=(  #tool.addSetupToolForm,
            tool.addSetupTool, ),
        permissions=(ManagePortal, ),
        interfaces=None,
        icon='www/tool.png',
    )
Ejemplo n.º 13
0
# -*- coding: utf-8 -*-
from AccessControl.Permission import addPermission
from AccessControl.SecurityInfo import ModuleSecurityInfo

security = ModuleSecurityInfo('collective.testimonial')

TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner', 'Contributor')
TYPES = ['Testimonial']

perms = []

for typename in TYPES:
    permid = 'Add' + typename
    permname = 'collective.testimonial: Add ' + typename
    security.declarePublic(permid)
    addPermission(permname, default_roles=TYPE_ROLES)

AddTestimonial = 'collective.artowrk: Add Testimonial'
Ejemplo n.º 14
0
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
# details.
#
# You should have received a copy of the GNU General Public License along with
# this program; if not, write to the Free Software Foundation, Inc., 51
# Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
#
# Copyright 2019-2020 by it's authors.
# Some rights reserved, see README and LICENSE.

from AccessControl.SecurityInfo import ModuleSecurityInfo
from senaite.storage.interfaces import IStorageSamplesContainer

security = ModuleSecurityInfo(__name__)


@security.public
def guard_recover_samples(samples_container):
    """ Guard for recover all samples from this container
    """
    if not IStorageSamplesContainer.providedBy(samples_container):
        return False
    return samples_container.has_samples()


@security.public
def guard_add_samples(samples_container):
    """Guard for adding samples to this container
    """
Ejemplo n.º 15
0
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles

security = ModuleSecurityInfo('cpskin.core.permissions')

security.declarePublic('CPSkinSiteAdministrator')
CPSkinSiteAdministrator = 'CPSkin: Site administrator'
setDefaultRoles(CPSkinSiteAdministrator, ('Site Administrator', 'Manager'))

security.declarePublic('CPSkinEditKeywords')
CPSkinEditKeywords = 'CPSkin: Edit keywords'
setDefaultRoles(CPSkinEditKeywords,
                ('Site Administrator', 'Manager', 'Portlets Manager'))
Ejemplo n.º 16
0
    """Raised when an authentication is required.
  """
    # Declarative Security
    security = ClassSecurityInfo()

    def __init__(self, realm=None):
        self._realm = realm

    security.declarePublic('getRealm')

    def getRealm(self):
        return self._realm


InitializeClass(SubversionLoginError)
ModuleSecurityInfo(__name__).declarePublic('SubversionLoginError')


class SubversionSSLTrustError(SubversionError):
    """Raised when a SSL certificate is not trusted.
  """
    # Declarative Security
    security = ClassSecurityInfo()

    def __init__(self, trust_dict=None):
        self._trust_dict = trust_dict

    security.declarePublic('getTrustDict')

    def getTrustDict(self):
        return self._trust_dict
Ejemplo n.º 17
0
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
#http://developer.plone.org/security/custom_permissions.html
security = ModuleSecurityInfo('collective.rcse')
TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner')
perms = []

for typename in (
        "article",
        "audio",
        "discussion",
        "etherpad",
        "event",
        "file",
        "group",
        "image",
        "video",
):
    ctype = "collective.rcse." + typename
    permid = 'Add' + typename.capitalize()
    permname = 'collective.rcse: Add ' + typename
    security.declarePublic(permid)
    setDefaultRoles(permname, TYPE_ROLES)

AddArticle = "collective.rcse: Add article"
AddAudio = "collective.rcse: Add audio"
AddDiscussion = "collective.rcse: Add discussion"
AddEtherpad = "collective.rcse: Add etherpad"
AddEvent = "collective.rcse: Add event"
AddFile = "collective.rcse: Add file"
AddGroup = "collective.rcse: Add group"
# -*- coding: utf-8 -*-

from AccessControl.SecurityInfo import ModuleSecurityInfo

PROJECTNAME = 'collective.loremipsum'

security = ModuleSecurityInfo(PROJECTNAME)

security.declarePublic('CanPopulate')
CanPopulate = PROJECTNAME + ': Can Populate'
Ejemplo n.º 19
0
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
################################################################################

# Imports.
from AccessControl.SecurityInfo import ModuleSecurityInfo
import tempfile
# Product Imports.
from . import _fileutil
from . import standard

security = ModuleSecurityInfo('Products.zms.pilutil')

security.declarePublic('enabled')
def enabled():
  try:
    from PIL import Image
    return True
  except:
    try:
      import Image
      return True
    except:
      return False


security.declarePublic('thumbnail')
Ejemplo n.º 20
0
    from Products.ERP5Type import Timeout
    erp5_conf = getattr(getConfiguration(), 'product_config', {}).get('erp5')
    # Note: erp5_conf attributes are missing in unit tests, fallback to no timeout
    # in that case.
    Timeout.publisher_timeout = getattr(erp5_conf, 'publisher_timeout', None)
    Timeout.activity_timeout = getattr(erp5_conf, 'activity_timeout', None)


from AccessControl.SecurityInfo import allow_module
from AccessControl.SecurityInfo import ModuleSecurityInfo

allow_module('Products.ERP5Type.Cache')
ModuleSecurityInfo('Products.ERP5Type.Utils').declarePublic(
    'sortValueList', 'convertToUpperCase', 'UpperCase', 'convertToMixedCase',
    'cartesianProduct', 'sleep', 'getCommonTimeZoneList', 'int2letter',
    'getMessageIdWithContext', 'getTranslationStringWithContext',
    'Email_parseAddressHeader', 'guessEncodingFromText',
    'isValidTALESExpression')

allow_module('Products.ERP5Type.Message')
ModuleSecurityInfo('Products.ERP5Type.Message').declarePublic(
    'translateString')

allow_module('Products.ERP5Type.Error')
allow_module('Products.ERP5Type.Errors')
allow_module('Products.ERP5Type.JSONEncoder')
allow_module('Products.ERP5Type.Log')
allow_module('Products.ERP5Type.ImmediateReindexContextManager')
ModuleSecurityInfo('Products.ERP5Type.JSON').declarePublic('dumps', 'loads')
ModuleSecurityInfo('Products.ERP5Type.Constraint').declarePublic(
    'PropertyTypeValidity')
Ejemplo n.º 21
0
# Copyright 2020-2022 by it's authors.
# Some rights reserved, see README and LICENSE.

import logging

from AccessControl.Permission import addPermission
from AccessControl.SecurityInfo import ModuleSecurityInfo
from bika.lims.api import get_request
from senaite.patient import permissions
from senaite.patient.config import DEFAULT_ROLES
from senaite.patient.config import DEFAULT_TYPES
from senaite.patient.config import PRODUCT_NAME
from senaite.patient.interfaces import ISenaitePatientLayer
from zope.i18nmessageid import MessageFactory

security = ModuleSecurityInfo("senaite.patient")

# Defining a Message Factory for when this product is internationalized.
messageFactory = MessageFactory(PRODUCT_NAME)

logger = logging.getLogger(PRODUCT_NAME)


def is_installed():
    """Returns whether the product is installed or not
    """
    request = get_request()
    return ISenaitePatientLayer.providedBy(request)


def check_installed(default_return):
Ejemplo n.º 22
0
        ),
        visibility=None,
        icon='www/portal.gif')

    context.registerClass(
        ERP5AccessTokenExtractionPlugin.ERP5AccessTokenExtractionPlugin,
        permission=ManageUsers,
        constructors=(
            ERP5AccessTokenExtractionPlugin.
            manage_addERP5AccessTokenExtractionPluginForm,
            ERP5AccessTokenExtractionPlugin.addERP5AccessTokenExtractionPlugin,
        ),
        visibility=None,
        icon='www/portal.gif')

    context.registerClass(
        ERP5DumbHTTPExtractionPlugin.ERP5DumbHTTPExtractionPlugin,
        permission=ManageUsers,
        constructors=(
            ERP5DumbHTTPExtractionPlugin.
            manage_addERP5DumbHTTPExtractionPluginForm,
            ERP5DumbHTTPExtractionPlugin.addERP5DumbHTTPExtractionPlugin,
        ),
        visibility=None,
        icon='www/portal.gif')


from AccessControl.SecurityInfo import ModuleSecurityInfo
ModuleSecurityInfo('Products.ERP5Security.ERP5UserManager').declarePublic(
    'getUserByLogin')
Ejemplo n.º 23
0
# -*- coding: utf-8 -*-
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.CMFCore.permissions import setDefaultRoles
from plone.app.contenttypes.utils import DEFAULT_TYPES

security = ModuleSecurityInfo('plone.app.contenttypes')

TYPE_ROLES = ('Manager', 'Site Administrator', 'Owner', 'Contributor')

perms = []

for typename in DEFAULT_TYPES:
    permid = 'Add' + typename
    permname = 'plone.app.contenttypes: Add ' + typename
    security.declarePublic(permid)
    setDefaultRoles(permname, TYPE_ROLES)

AddCollection = "plone.app.contenttypes: Add Collection"
AddDocument = "plone.app.contenttypes: Add Document"
AddEvent = "plone.app.contenttypes: Add Event"
AddFile = "plone.app.contenttypes: Add File"
AddFolder = "plone.app.contenttypes: Add Folder"
AddImage = "plone.app.contenttypes: Add Image"
AddLink = "plone.app.contenttypes: Add Link"
AddNewsItem = "plone.app.contenttypes: Add News Item"
Ejemplo n.º 24
0
##############################################################################
#
# Copyright (c) 2004 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" GenericSetup product exceptions.
"""

from AccessControl.SecurityInfo import ModuleSecurityInfo
from zExceptions import BadRequest  # NOQA: F401


security = ModuleSecurityInfo('Products.GenericSetup.exceptions')
security.declarePublic('BadRequest')  # NOQA: D001
Ejemplo n.º 25
0
from Products.ERP5Type import Permissions
from Products.ERP5Type.Cache import CachingMethod
from Products.ERP5Type.Globals import InitializeClass, PersistentMapping
from Products.ERP5Type.Tool.BaseTool import BaseTool
from Products.ERP5Type.Utils import deprecated
from Products.ZSQLCatalog.SQLCatalog import SimpleQuery, AutoQuery, ComplexQuery, NegatedQuery
from sets import ImmutableSet
from zLOG import LOG, WARNING
from six import reraise

WORKLIST_METADATA_KEY = 'metadata'
COUNT_COLUMN_TITLE = 'count'

SECURITY_PARAMETER_ID = 'local_roles'
from AccessControl.SecurityInfo import ModuleSecurityInfo
ModuleSecurityInfo(__name__).declarePublic('SECURITY_PARAMETER_ID')


class WorkflowTool(BaseTool, OriginalWorkflowTool):
    """
  A new container for DC workflow and workflow;
  inherits methods from original WorkflowTool.py;
  contains patches from ERP5Type/patches/WorkflowTool.py.
  """
    id = 'portal_workflow'
    title = 'Workflow Tool'
    meta_type = 'Workflow Tool'
    portal_type = 'Workflow Tool'
    allowed_types = ('Workflow', 'Interaction Workflow')

    security = ClassSecurityInfo()
Ejemplo n.º 26
0
# FOR A PARTICULAR PURPOSE.
#
##############################################################################
""" CMFCore product permissions.
"""

from AccessControl import Permissions
from AccessControl.Permission import addPermission
from AccessControl.SecurityInfo import ModuleSecurityInfo
from zope.deferredimport import deprecated


deprecated('Please use addPermission from AccessControl.Permission.',
           setDefaultRoles='AccessControl.Permission:addPermission')

security = ModuleSecurityInfo('Products.CMFCore.permissions')

#
# General Zope permissions
#

security.declarePublic('AccessContentsInformation')  # NOQA: flake8: D001
AccessContentsInformation = Permissions.access_contents_information

security.declarePublic('ChangePermissions')  # NOQA: flake8: D001
ChangePermissions = Permissions.change_permissions

security.declarePublic('DeleteObjects')  # NOQA: flake8: D001
DeleteObjects = Permissions.delete_objects

security.declarePublic('FTPAccess')  # NOQA: flake8: D001
Ejemplo n.º 27
0
            return cache[args]
        except AttributeError:
            result = func(self, *args)
            setattr(self, key, {args: result})
        except KeyError:
            cache[args] = result = func(self, *args)
        return result

    return decorated


class NotAWorkingCopyError(Exception):
    pass


ModuleSecurityInfo(__name__).declarePublic('NotAWorkingCopyError')


class NotVersionedError(Exception):
    pass


ModuleSecurityInfo(__name__).declarePublic('NotVersionedError')


class BusinessTemplateNotInstalled(Exception):
    pass


ModuleSecurityInfo(__name__).declarePublic('BusinessTemplateNotInstalled')
Ejemplo n.º 28
0
import sys

from AccessControl.class_init import InitializeClass
from AccessControl.SecurityInfo import ClassSecurityInfo
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Acquisition import Implicit
from App.config import getConfiguration
from App.special_dtml import DTMLFile
from DateTime.DateTime import DateTime
from OFS.SimpleItem import Item
from OFS.PropertyManager import PropertyManager
from OFS.History import Historical
from OFS.History import html_diff
from Persistence import Persistent

modulesecurity = ModuleSecurityInfo()

modulesecurity.declareProtected('View management screens',
                                'manage_addZReSTForm')
manage_addZReSTForm = DTMLFile('dtml/manage_addZReSTForm', globals())

modulesecurity.declareProtected('Add RestructuredText Document',
                                'manage_addZReST')


def manage_addZReST(self, id, file='', REQUEST=None):
    """Add a ZReST product """
    # validate the instance_home
    self._setObject(id, ZReST(id))
    self._getOb(id).manage_upload(file)
    if REQUEST is not None:
Ejemplo n.º 29
0
from AccessControl.SecurityInfo import ModuleSecurityInfo
from Products.Archetypes.config import UID_CATALOG
from Products.CMFCore.WorkflowCore import WorkflowException
from Products.CMFCore.utils import getToolByName
from bika.lims import PMF
from bika.lims import api
from bika.lims import logger
from bika.lims.browser import ulocalized_time
from bika.lims.interfaces import IJSONReadExtender
from bika.lims.jsonapi import get_include_fields
from bika.lims.utils import changeWorkflowState
from bika.lims.utils import t
from bika.lims.workflow.indexes import ACTIONS_TO_INDEXES
from zope.interface import implements

security = ModuleSecurityInfo('bika.lims.workflow')
security.declarePublic('guard_handler')

_marker = object()


def skip(instance, action, peek=False, unskip=False):
    """Returns True if the transition is to be SKIPPED

        peek - True just checks the value, does not set.
        unskip - remove skip key (for manual overrides).

    called with only (instance, action_id), this will set the request variable preventing the
    cascade's from re-transitioning the object and return None.
    """
Ejemplo n.º 30
0
# Copyright (c) 2002 Zope Foundation and Contributors.
#
# This software is subject to the provisions of the Zope Public License,
# Version 2.1 (ZPL).  A copy of the ZPL should accompany this distribution.
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS
# FOR A PARTICULAR PURPOSE
#
##############################################################################

# This has to happen early so things get initialized properly
from AccessControl.Implementation import setImplementation

from AccessControl.SecurityManagement import getSecurityManager
from AccessControl.SecurityManagement import setSecurityPolicy
from AccessControl.SecurityInfo import ClassSecurityInfo
from AccessControl.SecurityInfo import ModuleSecurityInfo
from AccessControl.SecurityInfo import ACCESS_PRIVATE
from AccessControl.SecurityInfo import ACCESS_PUBLIC
from AccessControl.SecurityInfo import ACCESS_NONE
from AccessControl.SecurityInfo import secureModule
from AccessControl.SecurityInfo import allow_module
from AccessControl.SecurityInfo import allow_class
from AccessControl.SimpleObjectPolicies import allow_type
from AccessControl.unauthorized import Unauthorized  # XXX
from AccessControl.ZopeGuards import full_write_guard
from AccessControl.ZopeGuards import safe_builtins

ModuleSecurityInfo('AccessControl').declarePublic('getSecurityManager')