Python IDeferSecurityCheck.providedBy Exemples

Exemple #1

Fichier : trigger.py Projet : lukasgraf/opengever.core

    def fields(self):
        """Dynamically generate a responsible field with the Keywordwidget
        for each selected template.
        """

        # When using the keywordwidget autocomplete search, the widget is
        # traversing anonymously. Therefore we're not able to get the selected
        # templates and generate all fields correctly.
        # Therefore we handle all responsible widget traversals "manually".
        responsible_field_match = re.match(
            r'^{}(.*?)\.responsible$'.format(re.escape('++widget++form.widgets.')),
            self.request._steps[-1])
        if IDeferSecurityCheck.providedBy(self.request) and responsible_field_match:
            field = Field(ITaskTemplate['responsible'],
                          prefix=responsible_field_match.group(1),)
            field.widgetFactory[INPUT_MODE] = ParameterizedWidget(
                KeywordWidget, async=True)
            return Fields(field)

        self.fallback_field = ITaskTemplate['responsible']
        fields = []
        for template in self.get_selected_tasktemplates():
            schema_field = copy.copy(ITaskTemplate['responsible'])
            field = Field(schema_field, prefix=template.id)
            field.field.required = True
            field.widgetFactory[INPUT_MODE] = ParameterizedWidget(
                KeywordWidget, async=True)
            fields.append(field)

        return Fields(*fields)

Exemple #2

 def getTile(self):
     # if IDeferSecurityCheck is provided by the request,
     # you can't use restricted traverse, perms aren't set up yet.
     if IDeferSecurityCheck.providedBy(self.request):
         view = getMultiAdapter((self.context, self.request),
                                name=self.tileType.__name__)
         return view[self.tileId]
     else:
         return self.context.restrictedTraverse('@@{0}/{1}'.format(
             self.tileType.__name__, self.tileId))

Exemple #3

Fichier : edit.py Projet : jean/collective.cover

 def getTile(self):
     # if IDeferSecurityCheck is provided by the request,
     # you can't use restricted traverse, perms aren't set up yet.
     if IDeferSecurityCheck.providedBy(self.request):
         view = getMultiAdapter((self.context, self.request),
                                name=self.tileType.__name__)
         return view[self.tileId]
     else:
         return self.context.restrictedTraverse('@@%s/%s' % (
             self.tileType.__name__, self.tileId,))

Exemple #4

    def update(self):
        super(CustomEditForm, self).update()

        tile = self.getTile()

        if (not IDeferSecurityCheck.providedBy(self.request)
                and not tile.isAllowedToEdit()):
            # if IDeferSecurityCheck is provided by the request,
            # we're not going to worry about security, perms not set up yet
            raise Unauthorized(
                _(u'You are not allowed to add this kind of tile'))

Exemple #5

Fichier : edit.py Projet : jean/collective.cover

    def update(self):
        super(CustomEditForm, self).update()

        tile = self.getTile()

        if (not IDeferSecurityCheck.providedBy(self.request) and
                not tile.isAllowedToEdit()):
            # if IDeferSecurityCheck is provided by the request,
            # we're not going to worry about security, perms not set up yet
            raise Unauthorized(
                _(u'You are not allowed to add this kind of tile'))

Exemple #6

Fichier : base.py Projet : plone/plone.app.tiles

    def update(self):
        # Support drafting tile data context
        if PLONE_APP_DRAFTS:
            ICurrentDraftManagement(self.request).mark()

        # Override to check the tile add/edit permission
        if not IDeferSecurityCheck.providedBy(self.request):
            if not checkPermission(self.tileType.add_permission, self.context):
                raise Unauthorized(
                    "You are not allowed to add this kind of tile")

        super(TileForm, self).update()

Exemple #7

Fichier : base.py Projet : hatchddigital/plone.app.tiles

    def update(self):
        # Support drafting tile data context
        if PLONE_APP_DRAFTS:
            ICurrentDraftManagement(self.request).mark()

        # Override to check the tile add/edit permission
        if not IDeferSecurityCheck.providedBy(self.request):
            if not checkPermission(self.tileType.add_permission, self.context):
                raise Unauthorized(
                    "You are not allowed to add this kind of tile")

        super(TileForm, self).update()

Exemple #8

Fichier : base.py Projet : sixfeetup/plone.app.tiles

    def update(self):

        # Set up draft information if required
        currentDraft = ICurrentDraftManagement(self.request)
        currentDraft.mark()

        # Override to check the tile add/edit permission
        if not IDeferSecurityCheck.providedBy(self.request):
            if not checkPermission(self.tileType.add_permission, self.context):
                raise Unauthorized(
                    "You are not allowed to add this kind of tile")

        super(TileForm, self).update()

Exemple #9

Fichier : add.py Projet : eea/plone.dexterity

 def update(self):
     if not IDeferSecurityCheck.providedBy(self.request):
         allowed_ids = [
             fti.getId() for fti in self.context.allowedContentTypes()
         ]
         if self.portal_type not in allowed_ids:
             raise ValueError(
                 'Subobject type disallowed by IConstrainTypes adapter: %s'
                 % self.portal_type)
     super(DefaultAddForm, self).update()
     # fire the edit begun only if no action was executed
     if len(self.actions.executedActions) == 0:
         notify(AddBegunEvent(self.context))

Exemple #10

Fichier : add.py Projet : sgeulette/plone.dexterity

 def update(self):
     if not IDeferSecurityCheck.providedBy(self.request):
         allowed_ids = [fti.getId() for fti in
                        self.context.allowedContentTypes()]
         if self.portal_type not in allowed_ids:
             raise ValueError(
                 'Subobject type disallowed by IConstrainTypes adapter: %s'
                 % self.portal_type
             )
     super(DefaultAddForm, self).update()
     # fire the edit begun only if no action was executed
     if len(self.actions.executedActions) == 0:
         notify(AddBegunEvent(self.context))

Exemple #11

Fichier : base.py Projet : CGTIC/Plone_SP

    def update(self):

        # Set up draft information if required
        currentDraft = ICurrentDraftManagement(self.request)
        currentDraft.mark()

        # Override to check the tile add/edit permission
        if not IDeferSecurityCheck.providedBy(self.request):
            if not checkPermission(self.tileType.add_permission, self.context):
                raise Unauthorized(
                    "You are not allowed to add this kind of tile")

        super(TileForm, self).update()

Exemple #12

Fichier : edit-tile.py Projet : datakurre/jyu.portfolio.layout

 def wrapper(self, *args, **kwargs):
     request = globalrequest.getRequest()
     if IDeferSecurityCheck.providedBy(request):
         old_security_manager = getSecurityManager()
         newSecurityManager(
             None, UnrestrictedUser('manager', '', ['Manager'], []))
         try:
             return func(self, *args, **kwargs)
         except:
             pass
         finally:
             # Note that finally is also called before return
             setSecurityManager(old_security_manager)
         return func(self, *args, **kwargs)
     else:
         return func(self, *args, **kwargs)

Exemple #13

Fichier : edit.py Projet : plone/plone.app.tiles

    def getContent(self):
        typeName = self.tileType.__name__
        tileId = self.tileId

        # Traverse to the tile. If it is a transient tile, it will pick up
        # query string parameters from the original request It is necessary to
        # defer security checking because during initial form setup, the
        # security context is not yet set. Setting the IDeferSecurityCheck
        # interface on the request is handled in
        # plone.z3cform.traversal.FormWidgetTraversal
        if IDeferSecurityCheck.providedBy(self.request):
            tile = self.context.unrestrictedTraverse("@@%s/%s" % (typeName, tileId))
        else:
            tile = self.context.restrictedTraverse("@@%s/%s" % (typeName, tileId))

        dataManager = ITileDataManager(tile)
        return AcquirableDictionary(dataManager.get()).__of__(self.context)

Exemple #14

    def getContent(self):
        typeName = self.tileType.__name__
        tileId = self.tileId

        # Traverse to the tile. If it is a transient tile, it will pick up
        # query string parameters from the original request It is necessary to
        # defer security checking because during initial form setup, the
        # security context is not yet set. Setting the IDeferSecurityCheck
        # interface on the request is handled in
        # plone.z3cform.traversal.FormWidgetTraversal
        if IDeferSecurityCheck.providedBy(self.request):
            tile = self.context.unrestrictedTraverse(
                '@@%s/%s' % (typeName, tileId,))
        else:
            tile = self.context.restrictedTraverse(
                '@@%s/%s' % (typeName, tileId,))

        dataManager = ITileDataManager(tile)
        return AcquirableDictionary(dataManager.get()).__of__(self.context)

Exemple #15

Fichier : trigger.py Projet : robertmuehsig/opengever.core

    def updateWidgets(self):
        """Change the label of the dynamically generated responsible fields.
        """
        super(SelectResponsiblesWizardStep, self).updateWidgets()
        if IDeferSecurityCheck.providedBy(self.request):
            return

        for name in self.widgets:
            if not name.endswith('responsible'):
                continue
            widget = self.widgets[name]
            template_id = self.fields[name].prefix
            template = self.get_selected_task_templatefolder().get(template_id)
            widget.label = translate(_(
                'label_responsible_for_task',
                default=u'Responsible \xab${template_title}\xbb',
                mapping={'template_title': template.title}),
                                     context=self.request)

            if template.responsible:
                widget.value = self.get_responsible_widget_value(template)

Exemple #16

Fichier : trigger.py Projet : 4teamwork/opengever.core

    def updateWidgets(self):
        """Change the label of the dynamically generated responsible fields.
        """
        super(SelectResponsiblesWizardStep, self).updateWidgets()
        if IDeferSecurityCheck.providedBy(self.request):
            return

        for name in self.widgets:
            if not name.endswith('responsible'):
                continue
            widget = self.widgets[name]
            template_id = self.fields[name].prefix
            template = self.get_selected_task_templatefolder().get(template_id)
            widget.label = translate(
                _('label_responsible_for_task',
                  default=u'Responsible \xab${template_title}\xbb',
                  mapping={'template_title': template.title}),
                context=self.request)

            if template.responsible:
                widget.value = self.get_responsible_widget_value(template)