def __init__(self, obj, request): self.object = obj self.request = request if hasattr(self.object, 'path_key'): pk = getattr(self.object, 'path_key') given_pk = request.get('path_key', '') pk = getMD5SUM(pk) if given_pk != pk: self.request.response.redirect(self.object.absolute_url()+'/pathkey-requester')
def __init__(self, obj, request): self.object = obj self.request = request if hasattr(self.object, 'path_key'): pk = getattr(self.object, 'path_key') given_pk = request.get('path_key', '') pk = getMD5SUM(pk) if given_pk != pk: self.request.response.redirect(self.object.absolute_url() + '/pathkey-requester')
def action_send(self, action, data): # status = IStatusMessage(self.request) try: suggested_pathkey = data['pathkey'] except KeyError: suggested_pathkey = False if suggested_pathkey: pathkey = getMD5SUM(suggested_pathkey) self.response.setCookie('path_key', pathkey, path='/') self.response.redirect(self.context.absolute_url()) return ''
def validatePathkey(self): """ Returns True if when user can access pathkey protected object. Returns always True if object does not have pathkey protection. """ if hasattr(self.object, 'path_key'): pk = getattr(self.object, 'path_key') given_pk = self.request.get('path_key', '') pk = getMD5SUM(pk) return given_pk == pk # No pathkey is set, so pathkey is correct always return True