コード例 #1
0
ファイル: Restricted.py プロジェクト: ccwalkerjm/erp5
 def guarded_pop():
     v = s.pop()
     try:
         guard(s, v)
     except Unauthorized:
         s.add(v)
         raise
     return v
コード例 #2
0
 def guarded_pop():
     v = s.pop()
     try:
         guard(s, v)
     except Unauthorized:
         s.add(v)
         raise
     return v
コード例 #3
0
def guarded_sorted(seq, cmp=None, key=None, reverse=False):
    if cmp is not None:  # six.PY2
        from functools import cmp_to_key
        key = cmp_to_key(cmp)

    if not isinstance(seq, SafeIter):
        for i, x in enumerate(seq):
            guard(seq, x, i)
    return sorted(seq, key=key, reverse=reverse)
コード例 #4
0
 def __next__(self):
     try:
         ob = self._next()  # AccessControl 2.13
     except AttributeError:
         ob = next(self._iter)  # AccessControl 4.x
     c = self.container
     guard(c, ob[0])
     guard(c, ob[1])
     return ob
コード例 #5
0
ファイル: Restricted.py プロジェクト: ccwalkerjm/erp5
def guarded_sorted(seq, cmp=None, key=None, reverse=False):
    if not isinstance(seq, SafeIter):
        for i, x in enumerate(seq):
            guard(seq, x, i)
    return sorted(seq, cmp=cmp, key=key, reverse=reverse)
コード例 #6
0
ファイル: Restricted.py プロジェクト: ccwalkerjm/erp5
 def next(self):
     ob = self._next()
     c = self.container
     guard(c, ob[0])
     guard(c, ob[1])
     return ob
コード例 #7
0
ファイル: Skinnable.py プロジェクト: goschtl/zope
    def unrestrictedTraverse(self, path, default=_MARKER, restricted=False):
        """Lookup an object by path.

        path -- The path to the object. May be a sequence of strings or a slash
        separated string. If the path begins with an empty path element
        (i.e., an empty string or a slash) then the lookup is performed
        from the application root. Otherwise, the lookup is relative to
        self. Two dots (..) as a path element indicates an upward traversal
        to the acquisition parent.

        default -- If provided, this is the value returned if the path cannot
        be traversed for any reason (i.e., no object exists at that path or
        the object is inaccessible).

        restricted -- If false (default) then no security checking is performed.
        If true, then all of the objects along the path are validated with
        the security machinery. Usually invoked using restrictedTraverse().
        """
        from webdav.NullResource import NullResource
        if not path:
            return self

        next = None

        if isinstance(path, str):
            # Unicode paths are not allowed
            path = path.split('/')
        else:
            path = list(path)

        REQUEST = {'TraversalRequestNameStack': path}
        path.reverse()
        path_pop = path.pop

        if len(path) > 1 and not path[0]:
            # Remove trailing slash
            path_pop(0)

        if restricted:
            validate = getSecurityManager().validate

        if not path[-1]:
            # If the path starts with an empty string, go to the root first.
            path_pop()
            obj = self.getPhysicalRoot()
            if restricted:
                validate(None, None, None, obj) # may raise Unauthorized
        else:
            obj = self

        resource = _MARKER
        try:
            while path:
                name = path_pop()
                __traceback_info__ = path, name

                if name[0] == '_':
                    # Never allowed in a URL.
                    raise NotFound, name

                if name == '..':
                    next = aq_parent(obj)
                    if next is not None:
                        if restricted and not validate(obj, obj, name, next):
                            raise Unauthorized(name)
                        obj = next
                        continue

                bobo_traverse = getattr(obj, '__bobo_traverse__', None)
                try:
                    if name and name[:1] in '@+' and name != '+' and nsParse(name)[1]:
                        # Process URI segment parameters.
                        ns, nm = nsParse(name)
                        try:
                            next = namespaceLookup(
                                ns, nm, obj, aq_acquire(self, 'REQUEST'))
                            if IAcquirer.providedBy(next):
                                next = next.__of__(obj)
                            if restricted and not validate(
                                obj, obj, name, next):
                                raise Unauthorized(name)
                        except TraversalError:
                            raise AttributeError(name)

                    elif bobo_traverse is not None:
                        next = bobo_traverse(REQUEST, name)
                        if restricted:
                            if aq_base(next) is not next:
                                # The object is wrapped, so the acquisition
                                # context is the container.
                                container = aq_parent(aq_inner(next))
                            elif getattr(next, 'im_self', None) is not None:
                                # Bound method, the bound instance
                                # is the container
                                container = next.im_self
                            elif getattr(aq_base(obj), name, _MARKER) is next:
                                # Unwrapped direct attribute of the object so
                                # object is the container
                                container = obj
                            else:
                                # Can't determine container
                                container = None
                            # If next is a simple unwrapped property, its
                            # parentage is indeterminate, but it may have
                            # been acquired safely. In this case validate
                            # will raise an error, and we can explicitly
                            # check that our value was acquired safely.
                            try:
                                ok = validate(obj, container, name, next)
                            except Unauthorized:
                                ok = False
                            if not ok:
                                if (container is not None or
                                    guarded_getattr(obj, name, _MARKER)
                                        is not next):
                                    raise Unauthorized(name)
                    else:
                        try:
                            next = obj.__getattribute__(name)
                        except AttributeError:
                            # this is not a direct object
                            pass
                        else:
                            try:
                                next = next.aq_base.__of__(obj)
                            except (AttributeError, TypeError):
                                pass # We can't aq wrap whatever this is
                            if restricted:
                                guard(obj, next)
                        if next is None:
                            # Go to the case below which handles views and 
                            # acquired attributes.
                            raise NotFound(name)

                except (AttributeError, NotFound, KeyError), e:
                    # Try to look for a view
                    next = queryMultiAdapter((obj, aq_acquire(self, 'REQUEST')),
                                             Interface, name)

                    if next is not None:
                        if IAcquirer.providedBy(next):
                            next = next.__of__(obj)
                        if restricted and not validate(obj, obj, name, next):
                            raise Unauthorized(name)
                    elif bobo_traverse is not None:
                        # Attribute lookup should not be done after
                        # __bobo_traverse__:
                        raise e
                    else:
                        # No view, try acquired attributes
                        try:
                            if restricted:
                                next = guarded_getattr(obj, name, _MARKER)
                            else:
                                next = getattr(obj, name, _MARKER)
                        except AttributeError:
                            raise e
                        if next is None:
                            # If we have a NullResource from earlier use it.
                            next = resource
                            if next is _MARKER:
                                # Nothing found re-raise error
                                raise e
                        if next is None:
                            try:
                                next = obj[name]
                                # The item lookup may return a NullResource,
                                # if this is the case we save it and return it
                                # if all other lookups fail.
                                if isinstance(next, NullResource):
                                    resource = next
                                    raise KeyError(name)
                            except AttributeError:
                                # Raise NotFound for easier debugging
                                # instead of AttributeError: __getitem__
                                raise NotFound(name)
                            if restricted and not validate(
                                obj, obj, None, next):
                                raise Unauthorized(name)

                obj = next

            return obj
コード例 #8
0
def guarded_sorted(seq, cmp=None, key=None, reverse=False):
    if not isinstance(seq, SafeIter):
        for i, x in enumerate(seq):
            guard(seq, x, i)
    return sorted(seq, cmp=cmp, key=key, reverse=reverse)
コード例 #9
0
 def next(self):
     ob = self._next()
     c = self.container
     guard(c, ob[0])
     guard(c, ob[1])
     return ob
コード例 #10
0
    def unrestrictedTraverse(self, path, default=_MARKER, restricted=False):
        """Lookup an object by path.

        path -- The path to the object. May be a sequence of strings or a slash
        separated string. If the path begins with an empty path element
        (i.e., an empty string or a slash) then the lookup is performed
        from the application root. Otherwise, the lookup is relative to
        self. Two dots (..) as a path element indicates an upward traversal
        to the acquisition parent.

        default -- If provided, this is the value returned if the path cannot
        be traversed for any reason (i.e., no object exists at that path or
        the object is inaccessible).

        restricted -- If false (default) then no security checking is performed.
        If true, then all of the objects along the path are validated with
        the security machinery. Usually invoked using restrictedTraverse().
        """
        from webdav.NullResource import NullResource
        if not path:
            return self

        next = None

        if isinstance(path, str):
            # Unicode paths are not allowed
            path = path.split('/')
        else:
            path = list(path)

        REQUEST = {'TraversalRequestNameStack': path}
        path.reverse()
        path_pop = path.pop

        if len(path) > 1 and not path[0]:
            # Remove trailing slash
            path_pop(0)

        if restricted:
            validate = getSecurityManager().validate

        if not path[-1]:
            # If the path starts with an empty string, go to the root first.
            path_pop()
            obj = self.getPhysicalRoot()
            if restricted:
                validate(None, None, None, obj)  # may raise Unauthorized
        else:
            obj = self

        resource = _MARKER
        try:
            while path:
                name = path_pop()
                __traceback_info__ = path, name

                if name[0] == '_':
                    # Never allowed in a URL.
                    raise NotFound, name

                if name == '..':
                    next = aq_parent(obj)
                    if next is not None:
                        if restricted and not validate(obj, obj, name, next):
                            raise Unauthorized(name)
                        obj = next
                        continue

                bobo_traverse = getattr(obj, '__bobo_traverse__', None)
                try:
                    if name and name[:1] in '@+' and name != '+' and nsParse(
                            name)[1]:
                        # Process URI segment parameters.
                        ns, nm = nsParse(name)
                        try:
                            next = namespaceLookup(ns, nm, obj,
                                                   aq_acquire(self, 'REQUEST'))
                            if IAcquirer.providedBy(next):
                                next = next.__of__(obj)
                            if restricted and not validate(
                                    obj, obj, name, next):
                                raise Unauthorized(name)
                        except TraversalError:
                            raise AttributeError(name)

                    elif bobo_traverse is not None:
                        next = bobo_traverse(REQUEST, name)
                        if restricted:
                            if aq_base(next) is not next:
                                # The object is wrapped, so the acquisition
                                # context is the container.
                                container = aq_parent(aq_inner(next))
                            elif getattr(next, 'im_self', None) is not None:
                                # Bound method, the bound instance
                                # is the container
                                container = next.im_self
                            elif getattr(aq_base(obj), name, _MARKER) is next:
                                # Unwrapped direct attribute of the object so
                                # object is the container
                                container = obj
                            else:
                                # Can't determine container
                                container = None
                            # If next is a simple unwrapped property, its
                            # parentage is indeterminate, but it may have
                            # been acquired safely. In this case validate
                            # will raise an error, and we can explicitly
                            # check that our value was acquired safely.
                            try:
                                ok = validate(obj, container, name, next)
                            except Unauthorized:
                                ok = False
                            if not ok:
                                if (container is not None or guarded_getattr(
                                        obj, name, _MARKER) is not next):
                                    raise Unauthorized(name)
                    else:
                        try:
                            next = obj.__getattribute__(name)
                        except AttributeError:
                            # this is not a direct object
                            pass
                        else:
                            try:
                                next = next.aq_base.__of__(obj)
                            except (AttributeError, TypeError):
                                pass  # We can't aq wrap whatever this is
                            if restricted:
                                guard(obj, next)
                        if next is None:
                            # Go to the case below which handles views and
                            # acquired attributes.
                            raise NotFound(name)

                except (AttributeError, NotFound, KeyError), e:
                    # Try to look for a view
                    next = queryMultiAdapter(
                        (obj, aq_acquire(self, 'REQUEST')), Interface, name)

                    if next is not None:
                        if IAcquirer.providedBy(next):
                            next = next.__of__(obj)
                        if restricted and not validate(obj, obj, name, next):
                            raise Unauthorized(name)
                    elif bobo_traverse is not None:
                        # Attribute lookup should not be done after
                        # __bobo_traverse__:
                        raise e
                    else:
                        # No view, try acquired attributes
                        try:
                            if restricted:
                                next = guarded_getattr(obj, name, _MARKER)
                            else:
                                next = getattr(obj, name, _MARKER)
                        except AttributeError:
                            raise e
                        if next is None:
                            # If we have a NullResource from earlier use it.
                            next = resource
                            if next is _MARKER:
                                # Nothing found re-raise error
                                raise e
                        if next is None:
                            try:
                                next = obj[name]
                                # The item lookup may return a NullResource,
                                # if this is the case we save it and return it
                                # if all other lookups fail.
                                if isinstance(next, NullResource):
                                    resource = next
                                    raise KeyError(name)
                            except AttributeError:
                                # Raise NotFound for easier debugging
                                # instead of AttributeError: __getitem__
                                raise NotFound(name)
                            if restricted and not validate(
                                    obj, obj, None, next):
                                raise Unauthorized(name)

                obj = next

            return obj