def constructInstance(self, container, id, *args, **kw): """Build an instance of the type. Builds the instance in 'container', using 'id' as its id. Returns the object. """ if not self.isConstructionAllowed(container): raise AccessControl_Unauthorized('Cannot create %s' % self.getId()) ob = self._constructInstance(container, id, *args, **kw) return self._finishConstruction(ob)
def _getFactoryMethod(self, container, check_security=1): if not self.product or not self.factory: raise ValueError, ('Product factory for %s was undefined' % self.getId()) p = container.manage_addProduct[self.product] m = getattr(p, self.factory, None) if m is None: raise ValueError, ('Product factory for %s was invalid' % self.getId()) if not check_security: return m if getSecurityManager().validate(p, p, self.factory, m): return m raise AccessControl_Unauthorized('Cannot create %s' % self.getId())
def _limitGrantedRoles(roles, context, special_roles=()): # Only allow a user to grant roles already possessed by that user, # with the exception that all special_roles can also be granted. user = _getAuthenticatedUser(context) if user is None: user_roles = () else: user_roles = user.getRolesInContext(context) if 'Manager' in user_roles: # Assume all other roles are allowed. return for role in roles: if role not in special_roles and role not in user_roles: raise AccessControl_Unauthorized('Too many roles specified.')
def getActionInfo(self, action_chain, object=None, check_visibility=0, check_condition=0): """ Get an ActionInfo object specified by a chain of actions. """ action_infos = self.listActionInfos(action_chain, object, check_visibility=check_visibility, check_permissions=False, check_condition=check_condition) if not action_infos: raise ValueError('No Action meets the given specification.') for ai in action_infos: if ai['allowed']: return ai raise AccessControl_Unauthorized('You are not allowed to access any ' 'of the specified Actions.')
def deleteMembers(self, member_ids, delete_memberareas=1, delete_localroles=1, REQUEST=None): """ Delete members specified by member_ids. """ # XXX: this method violates the rules for tools/utilities: # it depends on a non-utility tool # Delete members in acl_users. acl_users = self.acl_users if _checkPermission(ManageUsers, acl_users): if isinstance(member_ids, basestring): member_ids = (member_ids, ) member_ids = list(member_ids) for member_id in member_ids[:]: if not acl_users.getUserById(member_id, None): member_ids.remove(member_id) try: acl_users.userFolderDelUsers(member_ids) except (AttributeError, NotImplementedError, 'NotImplemented'): raise NotImplementedError('The underlying User Folder ' 'doesn\'t support deleting members.') else: raise AccessControl_Unauthorized( 'You need the \'Manage users\' ' 'permission for the underlying User Folder.') # Delete member data in portal_memberdata. mdtool = getToolByName(self, 'portal_memberdata', None) if mdtool is not None: for member_id in member_ids: mdtool.deleteMemberData(member_id) # Delete members' home folders including all content items. if delete_memberareas: for member_id in member_ids: self.deleteMemberArea(member_id) # Delete members' local roles. if delete_localroles: self.deleteLocalRoles(getUtility(ISiteRoot), member_ids, reindex=1, recursive=1) return tuple(member_ids)
def deleteMembers(self, member_ids, delete_memberareas=1, delete_localroles=1): """ Delete members specified by member_ids. """ # Delete members in acl_users. acl_users = self.acl_users if _checkPermission(ManageUsers, acl_users): if type(member_ids) is StringType: member_ids = (member_ids, ) member_ids = list(member_ids) for member_id in member_ids[:]: if not acl_users.getUserById(member_id, None): member_ids.remove(member_id) try: acl_users.userFolderDelUsers(member_ids) except (NotImplementedError, 'NotImplemented'): raise NotImplementedError('The underlying User Folder ' 'doesn\'t support deleting members.') else: raise AccessControl_Unauthorized( 'You need the \'Manage users\' ' 'permission for the underlying User Folder.') # Delete member data in portal_memberdata. mdtool = getToolByName(self, 'portal_memberdata', None) if mdtool: for member_id in member_ids: mdtool.deleteMemberData(member_id) # Delete members' home folders including all content items. if delete_memberareas: for member_id in member_ids: self.deleteMemberArea(member_id) # Delete members' local roles. if delete_localroles: utool = getToolByName(self, 'portal_url', None) self.deleteLocalRoles(utool.getPortalObject(), member_ids, reindex=1, recursive=1) return tuple(member_ids)
def getActionInfo(self, action_chain, object=None, check_visibility=0, check_condition=0): """ Get an ActionInfo object specified by a chain of actions. """ action_infos = self.listActionInfos(action_chain, object, check_visibility=check_visibility, check_permissions=False, check_condition=check_condition) if not action_infos: if object is None: provider = self else: provider = object msg = 'Action "%s" not available for %s' % ( action_chain, '/'.join(provider.getPhysicalPath())) raise ValueError(msg) for ai in action_infos: if ai['allowed']: return ai raise AccessControl_Unauthorized('You are not allowed to access any ' 'of the specified Actions.')
def _getViewFor(obj, view='view'): warn( '__call__() and view() methods using _getViewFor() as well as ' '_getViewFor() itself are deprecated and will be removed in CMF 2.0. ' 'Bypass these methods by defining \'(Default)\' and \'view\' Method ' 'Aliases.', DeprecationWarning) ti = obj.getTypeInfo() if ti is not None: context = getActionContext(obj) actions = ti.listActions() for action in actions: if action.getId() == view: if _verifyActionPermissions(obj, action): target = action.action(context).strip() if target.startswith('/'): target = target[1:] __traceback_info__ = (ti.getId(), target) return obj.restrictedTraverse(target) # "view" action is not present or not allowed. # Find something that's allowed. for action in actions: if _verifyActionPermissions(obj, action): target = action.action(context).strip() if target.startswith('/'): target = target[1:] __traceback_info__ = (ti.getId(), target) return obj.restrictedTraverse(target) raise AccessControl_Unauthorized('No accessible views available for ' '%s' % '/'.join(obj.getPhysicalPath())) else: raise NotFound('Cannot find default view for "%s"' % '/'.join(obj.getPhysicalPath()))
def constructContent(self, type_name, container, id, RESPONSE=None, *args, **kw): """ Build an instance of the appropriate content class in 'container', using 'id'. """ info = self.getTypeInfo(type_name) if info is None: raise ValueError('No such content type: %s' % type_name) # check we're allowed to access the type object if not self._checkViewType(info): raise AccessControl_Unauthorized(info) ob = info.constructInstance(container, id, *args, **kw) if RESPONSE is not None: immediate_url = '%s/%s' % (ob.absolute_url(), info.immediate_view) RESPONSE.redirect(immediate_url)
def doActionFor(self, ob, action, comment=''): ''' Allows the user to request a workflow action. This method must perform its own security checks. ''' allow_review = _checkPermission(ReviewPortalContent, ob) allow_request = _checkPermission(RequestReview, ob) review_state = self.getReviewStateOf(ob) tool = aq_parent(aq_inner(self)) if action == 'submit': if not allow_request: raise AccessControl_Unauthorized('Not authorized') elif review_state != 'private': raise AccessControl_Unauthorized('Already in submit state') self.setReviewStateOf(ob, 'pending', action, comment) elif action == 'retract': if not allow_request: raise AccessControl_Unauthorized('Not authorized') elif review_state == 'private': raise AccessControl_Unauthorized('Already private') content_creator = ob.Creator() pm = getToolByName(self, 'portal_membership') current_user = pm.getAuthenticatedMember().getId() if (content_creator != current_user) and not allow_review: raise AccessControl_Unauthorized('Not creator or reviewer') self.setReviewStateOf(ob, 'private', action, comment) elif action == 'publish': if not allow_review: raise AccessControl_Unauthorized('Not authorized') self.setReviewStateOf(ob, 'published', action, comment) elif action == 'reject': if not allow_review: raise AccessControl_Unauthorized('Not authorized') self.setReviewStateOf(ob, 'private', action, comment)
def _verifyObjectPaste(self, object, validate_src=1): # This assists the version in OFS.CopySupport. # It enables the clipboard to function correctly # with objects created by a multi-factory. mt = getattr(object, '__factory_meta_type__', None) meta_types = getattr(self, 'all_meta_types', None) if mt is not None and meta_types is not None: method_name = None mt_permission = None if callable(meta_types): meta_types = meta_types() for d in meta_types: if d['name'] == mt: method_name = d['action'] mt_permission = d.get('permission') break if mt_permission is not None: sm = getSecurityManager() if sm.checkPermission(mt_permission, self): if validate_src: # Ensure the user is allowed to access the object on # the clipboard. parent = aq_parent(aq_inner(object)) if not sm.validate(None, parent, None, object): raise AccessControl_Unauthorized(object.getId()) if validate_src == 2: # moving if not sm.checkPermission(DeleteObjects, parent): raise AccessControl_Unauthorized('Delete not ' 'allowed.') else: raise AccessControl_Unauthorized( 'You do not possess the ' '%r permission in the context of the container ' 'into which you are pasting, thus you are not ' 'able to perform this operation.' % mt_permission) else: raise AccessControl_Unauthorized('The object %r does not ' 'support this operation.' % object.getId()) else: # Call OFS' _verifyObjectPaste if necessary PortalFolderBase.inheritedAttribute('_verifyObjectPaste')( self, object, validate_src) # Finally, check allowed content types if hasattr(aq_base(object), 'getPortalTypeName'): type_name = object.getPortalTypeName() if type_name is not None: pt = getToolByName(self, 'portal_types') myType = pt.getTypeInfo(self) if myType is not None and not myType.allowType(type_name): raise ValueError('Disallowed subobject type: %s' % type_name)
def _verifyObjectPaste(self, object, validate_src=1): # This assists the version in OFS.CopySupport. # It enables the clipboard to function correctly # with objects created by a multi-factory. if (hasattr(object, '__factory_meta_type__') and hasattr(self, 'all_meta_types')): mt = object.__factory_meta_type__ method_name = None permission_name = None meta_types = self.all_meta_types if callable(meta_types): meta_types = meta_types() for d in meta_types: if d['name'] == mt: method_name = d['action'] permission_name = d.get('permission', None) break if permission_name is not None: if _checkPermission(permission_name, self): if not validate_src: # We don't want to check the object on the clipboard return try: parent = aq_parent(aq_inner(object)) except: parent = None if getSecurityManager().validate(None, parent, None, object): # validation succeeded return raise AccessControl_Unauthorized(object.getId()) else: raise AccessControl_Unauthorized(permission_name) # # Old validation for objects that may not have registered # themselves in the proper fashion. # elif method_name is not None: meth = self.unrestrictedTraverse(method_name) if hasattr(meth, 'im_self'): parent = meth.im_self else: try: parent = aq_parent(aq_inner(meth)) except: parent = None if getSecurityManager().validate(None, parent, None, meth): # Ensure the user is allowed to access the object on the # clipboard. if not validate_src: return try: parent = aq_parent(aq_inner(object)) except: parent = None if getSecurityManager().validate(None, parent, None, object): return raise AccessControl_Unauthorized(object.getId()) else: raise AccessControl_Unauthorized(method_name) PortalFolder.inheritedAttribute('_verifyObjectPaste')(self, object, validate_src)