def initialize(context): import content ########## # Add our content types # A little different from the average Archetype product # due to the need to individualize some add permissions. # # This approach borrowed from ATContentTypes # listOfTypes = listTypes(PROJECTNAME) content_types, constructors, ftis = process_types(listOfTypes, PROJECTNAME) allTypes = zip(content_types, constructors) for atype, constructor in allTypes: kind = "%s: %s" % (PROJECTNAME, atype.archetype_name) if atype.portal_type == 'SalesforcePFGAdapter': permission = SFA_ADD_CONTENT_PERMISSION else: permission = ADD_CONTENT_PERMISSION utils.ContentInit( kind, content_types=(atype, ), permission=permission, extra_constructors=(constructor, ), fti=ftis, ).initialize(context) ModuleSecurityInfo('Products.PloneFormGen').declarePublic( 'SalesforcePFGAdapterMessageFactory') ModuleSecurityInfo('Products.PloneFormGen').declarePublic('HAS_PLONE25')
def initialize(context): """Initializer called when used as a Zope 2 product.""" ModuleSecurityInfo("ubify.viewlets.utils").declarePublic("scale_image") ModuleSecurityInfo("ubify.viewlets.utils").declarePublic( "scaleandcrop_image") ModuleSecurityInfo("ubify.viewlets.utils").declarePublic( "getObjectModifiedBy")
def initialize(context): """Initializer called when used as a Zope 2 product.""" ModuleSecurityInfo("ubify.smartview").declarePublic("getResults") ModuleSecurityInfo("ubify.smartview").declarePublic("getQValue") ModuleSecurityInfo("ubify.smartview").declarePublic( "getProcessResultForTimeLineView") pass
def setUp(self): from AccessControl import ModuleSecurityInfo from AccessControl.SecurityInfo import _appliedModuleSecurity from AccessControl.SecurityInfo import _moduleSecurity self._ms_before = _moduleSecurity.copy() self._ams_before = _appliedModuleSecurity.copy() ModuleSecurityInfo('string').declarePublic('split') # noqa: D001 ModuleSecurityInfo('sets').declarePublic('Set') # noqa: D001 newSecurityManager(None, None)
def patch_security(): ModuleSecurityInfo('OFS.ObjectManager').setDefaultAccess(0) ModuleSecurityInfo('OFS.ObjectManager').declareObjectPrivate() ModuleSecurityInfo('OFS.ObjectManager').declarePublic('BeforeDeleteException') for m in BAD_IMPORTS: modsec = ModuleSecurityInfo(m) for a in BAD_IMPORTS[m]: modsec.declarePrivate(a)
def initialize(context): # inicializa a instalacao e estrutura do SAGL-OpenLegis ModuleSecurityInfo('socket.socket').declarePublic('fileno') ModuleSecurityInfo('tempfile.NamedTemporaryFile').declarePublic('flush') allow_module('zlib') allow_module('urllib') allow_module('urllib2') allow_module('sys') allow_module('os') allow_module('lacunarestpki') allow_module('Acquisition') allow_module('ExtensionClass') allow_module('App.FindHomes') allow_module('trml2pdf') allow_module('cStringIO.StringIO') allow_module('time') allow_module('_strptime') allow_module('csv') allow_module('pdb') allow_module('simplejson') allow_module('tempfile.NamedTemporaryFile') allow_module('collections') allow_module('base64') allow_module('socket') allow_module('fcntl') allow_module('struct') allow_module('array') allow_module('datetime') allow_module('datetime.datetime.timetuple') allow_module('PyPDF2') allow_module('StringIO') allow_module('PIL') tools = (SAPLTool.SAPLTool, ) ToolInit('SAPL Tool', tools=tools, icon='tool.gif').initialize(context) context.registerClass(Portal.SAPL, constructors=( Portal.manage_addSAPLForm, Portal.manage_addSAPL, ), icon='interlegisIcon.gif') context.registerClass(lexml.SAPLOAIServer.SAPLOAIServer, constructors=( SAPLOAIServer.manage_addSAPLOAIServerForm, SAPLOAIServer.manage_addSAPLOAIServer, ), icon='oai_service.png')
def initialize(context): import ubify.coretypes.content from Products.ATContentTypes.permission import permissions content_types, constructors, ftis = process_types(listTypes(PROJECTNAME), PROJECTNAME) allTypes = zip(content_types, constructors) for atype, constructor in allTypes: kind = "%s: %s" % (PROJECTNAME, atype.archetype_name) if atype.portal_type not in TYPES_NEW: ContentInit( kind, content_types=(atype, ), permission=permissions[atype.portal_type], extra_constructors=(constructor, ), ).initialize(context) else: ContentInit( kind, content_types=(atype, ), permission=DEFAULT_ADD_CONTENT_PERMISSION, extra_constructors=(constructor, ), ).initialize(context) ModuleSecurityInfo("ubify.coretypes").declarePublic("get_action_mapped")
def initialize( context ): from . import Document # Initialize initializeProduct(context, this_module, globals(), document_module = Document, document_classes = document_classes, object_classes = object_classes, portal_tools = portal_tools, content_constructors = content_constructors, content_classes = content_classes) # Allow some usefull classes and fonctions in TTW code ModuleSecurityInfo('ZODB.POSException').declarePublic('ConflictError') ModuleSecurityInfo('Products.CMFCore.WorkflowCore').declarePublic( 'WorkflowException') # Make sure InteactionWorkflow is visible in UI import Products.ERP5.InteractionWorkflow
def initialize(context): import content, validators, tools, widgets # side-effect import import patches # Add our tools utils.ToolInit('PloneFormGen Tool', tools=( tools.formGenTool.FormGenTool, ), icon='Form.gif', ).initialize(context) ########## # Add our content types # A little different from the average Archetype product # due to the need to individualize some add permissions. # # This approach borrowed from ATContentTypes # listOfTypes = listTypes(PROJECTNAME) content_types, constructors, ftis = process_types( listOfTypes, PROJECTNAME) allTypes = zip(content_types, constructors) for atype, constructor in allTypes: kind = "%s: %s" % (PROJECTNAME, atype.archetype_name) if atype.portal_type == 'FormCustomScriptAdapter': permission = CSA_ADD_CONTENT_PERMISSION elif atype.portal_type == 'FormMailerAdapter': permission = MA_ADD_CONTENT_PERMISSION elif atype.portal_type == 'FormSaveDataAdapter': permission = SDA_ADD_CONTENT_PERMISSION elif atype.portal_type == 'FormSubmissionFolderAdapter': permission = SFA_ADD_CONTENT_PERMISSION else: permission = ADD_CONTENT_PERMISSION utils.ContentInit( kind, content_types = (atype,), permission = permission, extra_constructors = (constructor,), fti = ftis, ).initialize(context) ModuleSecurityInfo('Products.PloneFormGen').declarePublic('PloneFormGenMessageFactory')
def initialize(context): from Products.IMU import IMUResearch, IMUSeminar, IMUPublication, IMUConsulting security = ModuleSecurityInfo( 'Products.IMU.utils' ) security.declareObjectPublic() security.declarePublic('uploadProjectsFromFile') security.declarePublic('getProjects') security.declarePublic('checkProjectId') contentClasses = ( IMUResearch.IMUResearch, IMUSeminar.IMUSeminar, IMUPublication.IMUPublication, IMUConsulting.IMUConsulting ) contentConstructors = ( IMUResearch.addResearch, IMUSeminar.addSeminar, IMUPublication.addPublication, IMUConsulting.addConsulting ) ftis = ( IMUResearch.factory_type_information, IMUSeminar.factory_type_information, IMUPublication.factory_type_information, IMUConsulting.factory_type_information ) this_module = sys.modules[ __name__ ] bases = contentClasses z_bases = utils.initializeBasesPhase1(bases, this_module) utils.initializeBasesPhase2( z_bases, context ) utils.ContentInit( 'IMU Content' , content_types=contentClasses , permission=ADD_CONTENT_PERMISSION , extra_constructors=contentConstructors , fti=ftis ).initialize( context )
# -*- coding: utf-8 -*- from Products.CMFCore.permissions import setDefaultRoles from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo("collective.dancefloor") PROJECTNAME = 'collective.dancefloor' #permission to manage local newsletters security.declarePublic("DelegateLocalNewsletterManager") DelegateLocalNewsletterManager = "Sharing page: delegate Local Newsletter Manager role" setDefaultRoles(DelegateLocalNewsletterManager, ()) #permission to manage local newsletters security.declarePublic("ManageLocalNewsletter") ManageLocalNewsletter = "collective.dancefloor: Manage Local Newsletters" setDefaultRoles(ManageLocalNewsletter, ('Manager', ))
# -*- coding: utf-8 -*- # Copyright (c) 2002-2013 Infrae. All rights reserved. # See also LICENSE.txt # from AccessControl import ModuleSecurityInfo import zope.deferredimport module_security = ModuleSecurityInfo('silva.app.news.codesources.inline') module_security.declarePublic('get_items') zope.deferredimport.deprecated( 'Please refresh your News viewer code source', get_items='silva.app.news.codesources.api:get_items')
This Product stores two texts - a "source" text in ReStructureText format, and a HTML "formatted" version of that text. ''' import docutils.core, docutils.io from Globals import InitializeClass, DTMLFile from OFS.SimpleItem import Item from OFS.PropertyManager import PropertyManager from OFS.History import Historical, html_diff from Acquisition import Implicit from Persistence import Persistent from AccessControl import ClassSecurityInfo from AccessControl import ModuleSecurityInfo from DateTime.DateTime import DateTime modulesecurity = ModuleSecurityInfo() modulesecurity.declareProtected('View management screens', 'manage_addZReSTForm') manage_addZReSTForm = DTMLFile('dtml/manage_addZReSTForm', globals()) modulesecurity.declareProtected('Add Z Roundups', 'manage_addZReST') def manage_addZReST(self, id, file='', REQUEST=None): """Add a ZReST product """ # validate the instance_home self._setObject(id, ZReST(id)) self._getOb(id).manage_upload(file) if REQUEST: return self.manage_main(self, REQUEST) class Warnings:
from AccessControl import getSecurityManager, Unauthorized from AccessControl import ModuleSecurityInfo from Acquisition import aq_get from Acquisition import aq_base, aq_inner, aq_parent from App.Common import package_home from App.ImageFile import ImageFile from DateTime import DateTime from DateTime.interfaces import DateTimeError from Products.CMFCore.interfaces import IPropertiesTool from Products.CMFCore.permissions import ManageUsers from Products.CMFCore.utils import ToolInit as CMFCoreToolInit from Products.CMFCore.utils import getToolByName import transaction security = ModuleSecurityInfo() security.declarePrivate('deprecated') security.declarePrivate('abspath') security.declarePrivate('re') security.declarePrivate('OFS') security.declarePrivate('aq_get') security.declarePrivate('package_home') security.declarePrivate('ImageFile') security.declarePrivate('CMFCoreToolInit') security.declarePrivate('transaction') security.declarePrivate('zope') # Canonical way to get at CMFPlone directory PACKAGE_HOME = package_home(globals()) security.declarePrivate('PACKAGE_HOME')
from html2safehtml import HTML2SafeHTML def html2text(s, ignore_tags=(), indent_width=4, page_width=80): ignore_tags = [t.lower() for t in ignore_tags] parser = HTML2Text(ignore_tags, indent_width, page_width) parser.feed(s) parser.close() parser.generate() return parser.result def html2safehtml(s, valid_tags=('b', 'a', 'i', 'br', 'p')): valid_tags = [t.lower() for t in valid_tags] parser = HTML2SafeHTML(valid_tags) parser.feed(s) parser.close() parser.cleanup() return parser.result try: from AccessControl import ModuleSecurityInfo except ImportError: # no Zope around pass else: ModuleSecurityInfo('Products.stripogram').declareObjectPublic() ModuleSecurityInfo('Products.stripogram').declarePublic( 'html2text', 'html2safehtml')
from AccessControl import ClassSecurityInfo from AccessControl import ModuleSecurityInfo from AccessControl.SecurityInfo import ACCESS_PUBLIC from Acquisition import aq_base, aq_inner, aq_parent from ExtensionClass import ExtensionClass from App.class_init import InitializeClass from Products.CMFCore.utils import getToolByName from Products.Archetypes.log import log from Products.Archetypes.config import DEBUG_SECURITY from Products.statusmessages.interfaces import IStatusMessage from plone.uuid.interfaces import IUUIDGenerator security = ModuleSecurityInfo() security.declarePrivate('transaction') security.declarePrivate('ClassSecurityInfo') security.declarePrivate('InitializeClass') def make_uuid(*args): generator = getUtility(IUUIDGenerator) return generator() logger = logging.getLogger('Archetypes') def fixSchema(schema): """Fix persisted schema from AT < 1.3 (UserDict-based) to work with the new fixed order schema."""
# WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE. # ############################################################################## """ CMFDefault product exceptions. $Id$ """ from zope.schema import ValidationError from zope.i18nmessageid import MessageFactory _ = MessageFactory('cmf_default') from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo('Products.CMFDefault.exceptions') security.declarePublic('AccessControl_Unauthorized') from Products.CMFCore.exceptions import AccessControl_Unauthorized security.declarePublic('BadRequest') from Products.CMFCore.exceptions import BadRequest security.declarePublic('CopyError') from Products.CMFCore.exceptions import CopyError security.declarePublic('ResourceLockedError') from Products.CMFCore.exceptions import ResourceLockedError security.declarePublic('WorkflowException') from Products.CMFCore.WorkflowCore import WorkflowException
folder_id = quote_userid(user_id) if folder_id not in personal: # don't let the request interfere in the processForm call request = aq_get(personal, 'REQUEST', None) if request is not None: fullname = get_fullname(context, user_id) # if we create a new user ttw - the memberdata isn't yet set when # we call this, take it directly from the request if fullname == user_id: fullname = request.form.get('form.fullname', fullname) request.form['title'] = fullname _createObjectByType('Folder', personal, id=folder_id, title=fullname) folder = personal[folder_id] folder.processForm() # Fire events pu = getToolByName(personal, 'plone_utils') pu.changeOwnershipOf(folder, (user_id, )) folder.__ac_local_roles__ = None folder.manage_setLocalRoles(user_id, ['Owner']) folder.setCreators([user_id]) folder.reindexObject() # Make functions available to scripts from AccessControl import ModuleSecurityInfo ModuleSecurityInfo('intranett.policy.utils').declarePublic('getMembersFolderId') ModuleSecurityInfo('intranett.policy.utils').declarePublic('getMembersFolder') ModuleSecurityInfo('intranett.policy.utils').declarePublic( 'get_current_user_profile_url') ModuleSecurityInfo('intranett.policy.utils').declarePublic( 'get_user_profile_url')
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE. # ############################################################################## """ CMFSetup product initialization. $Id$ """ from AccessControl import ModuleSecurityInfo from interfaces import BASE, EXTENSION from permissions import ManagePortal from registry import _profile_registry as profile_registry security = ModuleSecurityInfo( 'Products.CMFSetup' ) security.declareProtected( ManagePortal, 'profile_registry' ) def initialize( context ): from Products.CMFCore.utils import ToolInit, registerIcon from tool import SetupTool ToolInit( 'CMF Setup Tool' , tools=[ SetupTool ] , product_name='CMFSetup' , icon='www/tool.png' ).initialize( context ) from factory import addConfiguredSiteForm
import socket from AccessControl import ModuleSecurityInfo HAS_SSL=hasattr(socket, "ssl") del socket security = ModuleSecurityInfo('collective.browserid.config') security.declarePublic('DEFAULT_HOST') DEFAULT_HOST = 'https://browserid.org/verify' security.declarePublic('DEFAULT_TIMEOUT') DEFAULT_TIMEOUT = 15 security.declarePublic('PLUGIN_META_TYPE') PLUGIN_META_TYPE = "BrowserID plugin"
# # This software is subject to the provisions of the Zope Public License, # Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution. # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE # ############################################################################## """ Permissions used throughout CMFTopic. $Id$ """ from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo('Products.CMFTopic.permissions') from Products.CMFCore.permissions import setDefaultRoles security.declarePublic('AddTopics') AddTopics = 'Add portal topics' setDefaultRoles(AddTopics, ('Manager',)) security.declarePublic('ChangeTopics') ChangeTopics = 'Change portal topics' setDefaultRoles(ChangeTopics, ('Manager', 'Owner',)) security.declarePublic('AccessContentsInformation') from Products.CMFCore.permissions import AccessContentsInformation security.declarePublic('ListFolderContents')
from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo('Products.CMFStaging.permissions') security.declarePublic('ManagePortal') security.declarePublic('ModifyPortalContent') try: from Products.CMFCore.permissions import ManagePortal from Products.CMFCore.permissions import ModifyPortalContent except ImportError: from Products.CMFCore.CMFCorePermissions import ManagePortal from Products.CMFCore.CMFCorePermissions import ModifyPortalContent security.declarePublic('StageObjects') StageObjects = 'Use version control' security.declarePublic('UseVersionControl') UseVersionControl = 'Use version control' security.declarePublic('LockObjects') LockObjects = 'WebDAV Lock items' security.declarePublic('UnlockObjects') UnlockObjects = 'WebDAV Unlock items'
from AccessControl import ModuleSecurityInfo from AccessControl.Permission import addPermission security = ModuleSecurityInfo('cnm.website.permissions') security.declarePublic('DeleteThisObject') DeleteThisObject = 'CNM: Delete this object' addPermission(DeleteThisObject, default_roles=('Manager', 'Owner'))
class ValidationFailed(Exception): """Transition can not be executed because data is not in consistent state""" __allow_access_to_unprotected_subobjects__ = {'msg': 1} def __init__(self, message_instance=None): """ Redefine init in order to register the message class instance """ Exception.__init__(self, message_instance) self.msg = message_instance DCWorkflow.ValidationFailed = ValidationFailed ModuleSecurityInfo('Products.DCWorkflow.DCWorkflow').declarePublic( 'ValidationFailed') # Patch excecuteTransition from DCWorkflowDefinition, to put ValidationFailed # error messages in workflow history. def DCWorkflowDefinition_executeTransition(self, ob, tdef=None, kwargs=None): ''' Private method. Puts object in a new state. ''' sci = None econtext = None moved_exc = None validation_exc = None # Figure out the old and new states.
import PortalObject, PortalContent, PortalFolder import MembershipTool, WorkflowTool, CatalogTool, DiscussionTool import ActionsTool, UndoTool, RegistrationTool, SkinsTool import MemberDataTool, TypesTool import DirectoryView, FSImage, FSPropertiesObject import FSDTMLMethod, FSPythonScript, FSSTXMethod import FSZSQLMethod import CookieCrumbler import ContentTypeRegistry import CachingPolicyManager import utils from AccessControl import ModuleSecurityInfo prod_security = ModuleSecurityInfo( 'Products' ) prod_security.declarePublic( 'CMFCore' ) security = ModuleSecurityInfo( 'Products.CMFCore' ) security.declarePublic( 'utils' ) try: import FSPageTemplate except ImportError: HAS_PAGE_TEMPLATES = 0 else: HAS_PAGE_TEMPLATES = 1 ADD_FOLDERS_PERMISSION = 'Add portal folders'
def initialize(context): context.registerClass( BrowserIdManager.BrowserIdManager, icon="www/idmgr.gif", permission=BrowserIdManager.ADD_BROWSER_ID_MANAGER_PERM, constructors=(BrowserIdManager.constructBrowserIdManagerForm, BrowserIdManager.constructBrowserIdManager)) context.registerClass( SessionDataManager.SessionDataManager, icon='www/datamgr.gif', permission=SessionDataManager.ADD_SESSION_DATAMANAGER_PERM, constructors=(SessionDataManager.constructSessionDataManagerForm, SessionDataManager.constructSessionDataManager)) context.registerHelp() context.registerHelpTitle("Zope Help") # do module security declarations so folks can use some of the # module-level stuff in PythonScripts # # declare on behalf of Transience too, since ModuleSecurityInfo is too # stupid for me to declare in two places without overwriting one set # with the other. :-( from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo('Products') security.declarePublic('Sessions') security.declarePublic('Transience') security = ModuleSecurityInfo('Products.Sessions') security.declarePublic('BrowserIdManagerErr') security.declarePublic('SessionDataManagerErr') security = ModuleSecurityInfo('Products.Transience') security.declarePublic('MaxTransientObjectsExceeded')
# Version 2.0 (ZPL). A copy of the ZPL should accompany this distribution. # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE # ############################################################################## """ CMFCalendar product permissions $Id$ """ from AccessControl import ModuleSecurityInfo from Products.CMFCore.permissions import setDefaultRoles security = ModuleSecurityInfo('Products.CMFCalendar.permissions') security.declarePublic('AddEvents') AddEvents = 'Add portal events' setDefaultRoles(AddEvents, ('Manager', 'Owner', 'Member')) security.declarePublic('ChangeEvents') ChangeEvents = 'Change portal events' setDefaultRoles(ChangeEvents, ('Manager', 'Owner',)) security.declarePublic('AddPortalContent') from Products.CMFCore.permissions import AddPortalContent security.declarePublic('ManagePortal') from Products.CMFCore.permissions import ManagePortal
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE # ############################################################################## """ Product-specifict permissions. $Id$ """ from AccessControl import ModuleSecurityInfo from AccessControl import Permissions from AccessControl.Permission import _registeredPermissions from AccessControl.Permission import pname from Globals import ApplicationDefaultPermissions import Products security = ModuleSecurityInfo('Products.PluggableAuthService.permissions') security.declarePublic('ManageUsers') ManageUsers = Permissions.manage_users security.declarePublic('ManageGroups') ManageGroups = "Manage Groups" security.declarePrivate('setDefaultRoles') def setDefaultRoles(permission, roles): """ Set the defaults roles for a permission. o XXX This ought to be in AccessControl.SecurityInfo. """
from AccessControl import ModuleSecurityInfo from Products.ERP5 import _dtmldir from mimetypes import guess_type from email.mime.multipart import MIMEMultipart from email.mime.text import MIMEText from email.mime.base import MIMEBase from email.mime.audio import MIMEAudio from email.mime.image import MIMEImage from email.header import make_header from email import encoders class ConversionError(Exception): pass class MimeTypeException(Exception): pass security = ModuleSecurityInfo('Products.ERP5.Tool.NotificationTool') security.declarePublic('buildEmailMessage',) def buildAttachmentDictList(document_list, document_type_list=()): """return a list of dictionary which will be used by buildEmailMessage""" attachment_list = [] for attachment in document_list: mime_type = None content = None name = None if not attachment.getPortalType() in document_type_list: mime_type = 'application/pdf' content = attachment.asPDF() # XXX - Not implemented yet else: # # Document type attachment
from zope.event import notify from AccessControl import ModuleSecurityInfo from Products.CMFCore.WorkflowCore import ActionSucceededEvent def notifyActionSucceeded(state_change): """Called from workflow after scripts.""" notify(ActionSucceededEvent(state_change.object, state_change.workflow, state_change.transition.getId(), None)) # Allow from Python scripts security = ModuleSecurityInfo('intranett.policy.workflow') security.declarePublic('notifyActionSucceeded')
# FOR A PARTICULAR PURPOSE. # ############################################################################## """ CMFCore product permissions. $Id$ """ import Products from AccessControl import ModuleSecurityInfo from AccessControl import Permissions from AccessControl.Permission import _registeredPermissions from AccessControl.Permission import pname from Globals import ApplicationDefaultPermissions security = ModuleSecurityInfo('Products.CMFCore.permissions') # # General Zope permissions # security.declarePublic('AccessContentsInformation') AccessContentsInformation = Permissions.access_contents_information security.declarePublic('ChangePermissions') ChangePermissions = Permissions.change_permissions security.declarePublic('DeleteObjects') DeleteObjects = Permissions.delete_objects security.declarePublic('FTPAccess')
from Globals import package_home from Globals import UNIQUE from OFS.misc_ import misc_ as misc_images from OFS.misc_ import Misc_ as MiscImage from OFS.PropertyManager import PropertyManager from OFS.PropertySheets import PropertySheets from OFS.SimpleItem import SimpleItem from Products.PageTemplates.Expressions import getEngine from Products.PageTemplates.Expressions import SecureModuleImporter from StructuredText.StructuredText import HTML from thread import allocate_lock from webdav.common import rfc1123_date from exceptions import AccessControl_Unauthorized from exceptions import NotFound security = ModuleSecurityInfo('Products.CMFCore.utils') _dtmldir = os_path.join(package_home(globals()), 'dtml') _wwwdir = os_path.join(package_home(globals()), 'www') # # Simple utility functions, callable from restricted code. # _marker = [] # Create a new marker object. security.declarePublic('getToolByName') def getToolByName(obj, name, default=_marker): """ Get the tool, 'toolname', by acquiring it.
from interfaces.plugins import IUserEnumerationPlugin from interfaces.plugins import IUserAdderPlugin from interfaces.plugins import IGroupEnumerationPlugin from interfaces.plugins import IRoleEnumerationPlugin from interfaces.plugins import IRoleAssignerPlugin from interfaces.plugins import IChallengeProtocolChooser from interfaces.plugins import IRequestTypeSniffer from permissions import SearchPrincipals from PropertiedUser import PropertiedUser from utils import _wwwdir from utils import createViewName from utils import classImplements security = ModuleSecurityInfo( 'Products.PluggableAuthService.PluggableAuthService') logger = logging.getLogger('PluggableAuthService') # Errors which plugins may raise, and which we suppress: _SWALLOWABLE_PLUGIN_EXCEPTIONS = (NameError, AttributeError, KeyError, TypeError, ValueError) MultiPlugins = [] def registerMultiPlugin(meta_type): """ Register a 'multi-plugin' in order to expose it to the Add List """ if meta_type in MultiPlugins: raise RuntimeError('Meta-type (%s) already available to Add List' %
import getGlobalTranslationService from ZTUtils.Zope import complex_marshal from zope import i18n from zope.component import getUtility from zope.component import queryUtility from zope.i18n.interfaces import IUserPreferredCharsets from zope.i18nmessageid import MessageFactory from Products.CMFCore.interfaces import IPropertiesTool from Products.CMFDefault.interfaces import IHTMLScrubber from Products.CMFDefault.exceptions import EmailAddressInvalid from Products.CMFDefault.exceptions import IllegalHTML security = ModuleSecurityInfo('Products.CMFDefault.utils') security.declarePrivate('_dtmldir') _dtmldir = os.path.join(package_home(globals()), 'dtml') _wwwdir = os.path.join(package_home(globals()), 'www') security.declarePublic('formatRFC822Headers') def formatRFC822Headers(headers): """ Convert the key-value pairs in 'headers' to valid RFC822-style headers, including adding leading whitespace to elements which contain newlines in order to preserve continuation-line semantics. """ munged = [] linesplit = re.compile(r'[\n\r]+?')
""" CMFDefault product permissions $Id: permissions.py 36693 2004-12-04 21:10:32Z jens $ """ from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo('Products.CMFDefault.permissions') security.declarePublic('AccessContentsInformation') from Products.CMFCore.permissions import AccessContentsInformation security.declarePublic('AddPortalContent') from Products.CMFCore.permissions import AddPortalContent security.declarePublic('AddPortalFolders') from Products.CMFCore.permissions import AddPortalFolders security.declarePublic('AddPortalMember') from Products.CMFCore.permissions import AddPortalMember security.declarePublic('DeleteObjects') from Products.CMFCore.permissions import DeleteObjects security.declarePublic('FTPAccess') from Products.CMFCore.permissions import FTPAccess security.declarePublic('ListFolderContents') from Products.CMFCore.permissions import ListFolderContents security.declarePublic('ListPortalMembers') from Products.CMFCore.permissions import ListPortalMembers
# FOR A PARTICULAR PURPOSE # ############################################################################## """ Utility functions. $Id$ """ from sgmllib import SGMLParser import re import os from Globals import package_home from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo( 'Products.CMFDefault.utils' ) security.declarePrivate('_dtmldir') _dtmldir = os.path.join( package_home( globals() ), 'dtml' ) security.declarePublic('formatRFC822Headers') def formatRFC822Headers( headers ): """ Convert the key-value pairs in 'headers' to valid RFC822-style headers, including adding leading whitespace to elements which contain newlines in order to preserve continuation-line semantics. """ munged = [] linesplit = re.compile( r'[\n\r]+?' ) for key, value in headers:
# WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE. # ############################################################################## """ Product-specifict permissions. $Id$ """ from AccessControl import ModuleSecurityInfo from AccessControl import Permissions from AccessControl.Permission import _registeredPermissions from AccessControl.Permission import pname from Globals import ApplicationDefaultPermissions import Products security = ModuleSecurityInfo( 'Products.PluggableAuthService.permissions' ) security.declarePublic( 'ManageUsers' ) ManageUsers = Permissions.manage_users security.declarePublic( 'ManageGroups' ) ManageGroups = "Manage Groups" security.declarePrivate( 'setDefaultRoles' ) def setDefaultRoles( permission, roles ): """ Set the defaults roles for a permission. o XXX This ought to be in AccessControl.SecurityInfo. """ registered = _registeredPermissions
container_filter=ProcessManagerFilter, ) def initialize(context): from gocept.alphaflow import patch_plone_types DirectoryView.registerDirectory(config.SKINS_DIR, config.GLOBALS) initialize_tools(context) initialize_content(context) initialize_index(context) def ProcessManagerFilter(objectManager): """Processes can only show up in Process Manager objects.""" meta_type = getattr(objectManager.getParentNode(), 'meta_type', '') if meta_type not in ["AlphaFlow Process Manager"]: return False if objectManager.getId() != "processes": return False return True ModuleSecurityInfo("Products.Archetypes.config").declarePublic("UID_CATALOG") ModuleSecurityInfo("gocept.alphaflow.utils").declarePublic( "urlAppendToQueryString") ModuleSecurityInfo("gocept.alphaflow.interfaces").declarePublic( "ILifeCycleController")
############################################################################## # # Copyright (c) 2004 Zope Corporation and Contributors. All Rights Reserved. # # This software is subject to the provisions of the Zope Public License, # Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE. # ############################################################################## """ CMFSetup product exceptions. $Id$ """ from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo('Products.CMFSetup.exceptions') security.declarePublic('BadRequest') from Products.CMFCore.exceptions import BadRequest
from AccessControl import ModuleSecurityInfo from Products.CMFCore.permissions import setDefaultRoles security = ModuleSecurityInfo('pcommerce.core.config') security.declarePublic('AddProduct') AddProduct = 'PCommerce: Add Product' setDefaultRoles(AddProduct, ('Manager','Contributer','Owner',)) security.declarePublic('AddVariation') AddVariation = 'PCommerce: Add Variation' setDefaultRoles(AddVariation, ('Manager','Contributer','Owner',)) security.declarePublic('AddImage') AddVariation = 'PCommerce: Add Image' setDefaultRoles(AddVariation, ('Manager','Contributer','Owner',)) security.declarePublic('AddPrice') AddPrice = 'PCommerce: Add Price' setDefaultRoles(AddPrice, ('Manager','Contributer','Owner',)) security.declarePublic('AddToCart') AddToCart = 'PCommerce: Add to Cart' setDefaultRoles(AddToCart, ('Anonymous', 'Authenticated',)) security.declarePublic('CheckOut') CheckOut = 'PCommerce: Check out' setDefaultRoles(CheckOut, ('Authenticated',)) security.declarePublic('ManageOrders') ManageOrders = 'PCommerce: Manage Orders'
# id to use in the Control Panel cp_id = 'TranslationService' # module level translation service translation_service = None # icon misc_ = { 'PlacelessTranslationService.png': Globals.ImageFile('www/PlacelessTranslationService.png', globals()), 'GettextMessageCatalog.png': Globals.ImageFile('www/GettextMessageCatalog.png', globals()), } # set product-wide attrs for importing security = ModuleSecurityInfo('Products.PlacelessTranslationService') allow_module('Products.PlacelessTranslationService') security.declareProtected(view, 'getTranslationService') def getTranslationService(): """returns the PTS instance """ return translation_service security.declareProtected(view, 'translate') @deprecate("The translate method of the PTS package is deprecated and will be " "removed in the next PTS release. Use the translate method of the " "global translation service instead.") def translate(*args, **kwargs): """see PlaceslessTranslationService.PlaceslessTranslationService """
# # This software is subject to the provisions of the Zope Public License, # Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE. # ############################################################################## """ Permissions used throughout CMFTopic. $Id$ """ from AccessControl import ModuleSecurityInfo security = ModuleSecurityInfo('Products.CMFTopic.permissions') from Products.CMFCore.permissions import setDefaultRoles security.declarePublic('AddTopics') AddTopics = 'Add portal topics' setDefaultRoles(AddTopics, ('Manager', )) security.declarePublic('ChangeTopics') ChangeTopics = 'Change portal topics' setDefaultRoles(ChangeTopics, ( 'Manager', 'Owner', )) security.declarePublic('AccessContentsInformation')
from email.MIMEBase import MIMEBase from plone.memoize import ram from plone.registry.interfaces import IRegistry from Products.Archetypes.public import DisplayList from Products.CMFCore.utils import getToolByName from Products.CMFPlone.utils import safe_unicode from zope.component import queryUtility from zope.i18n import translate from zope.i18n.locales import locales import App import Globals import os import re import urllib2 ModuleSecurityInfo('email.Utils').declarePublic('formataddr') allow_module('csv') def to_utf8(text): if text is None: text = '' return safe_unicode(text).encode('utf-8') def to_unicode(text): if text is None: text = '' return safe_unicode(text)
from AccessControl.Role import gather_permissions from OFS.PropertyManager import PropertyManager from OFS.SimpleItem import SimpleItem from OFS.PropertySheets import PropertySheets from OFS.misc_ import misc_ as misc_images from OFS.misc_ import Misc_ as MiscImage try: from OFS.ObjectManager import UNIQUE except ImportError: UNIQUE = 2 from Products.PageTemplates.Expressions import getEngine from Products.PageTemplates.Expressions import SecureModuleImporter security = ModuleSecurityInfo( 'Products.CMFCore.utils' ) _dtmldir = os_path.join( package_home( globals() ), 'dtml' ) # # Simple utility functions, callable from restricted code. # _marker = [] # Create a new marker object. security.declarePublic('getToolByName') def getToolByName(obj, name, default=_marker): """ Get the tool, 'toolname', by acquiring it. o Application code should use this method, rather than simply acquiring the tool by name, to ease forward migration (e.g.,
import transaction import warnings import zope.interface try: from types import ClassType except ImportError: ClassType = type deprecated_import( "Import from Products.CMFPlone.defaultpage instead", isDefaultPage='Products.CMFPlone.defaultpage:check_default_page_via_view', getDefaultPage='Products.CMFPlone.defaultpage:get_default_page_via_view', ) security = ModuleSecurityInfo() security.declarePrivate('deprecated') security.declarePrivate('abspath') security.declarePrivate('re') security.declarePrivate('OFS') security.declarePrivate('aq_get') security.declarePrivate('package_home') security.declarePrivate('ImageFile') security.declarePrivate('CMFCoreToolInit') security.declarePrivate('transaction') security.declarePrivate('zope') # Canonical way to get at CMFPlone directory PACKAGE_HOME = package_home(globals()) security.declarePrivate('PACKAGE_HOME') WWW_DIR = join(PACKAGE_HOME, 'www')
"""Common configuration constants """ from AccessControl import ModuleSecurityInfo from Products.CMFCore.permissions import setDefaultRoles PROJECTNAME = 'raptus.filesystemindex' security = ModuleSecurityInfo('raptus.filesystemindex.config') security.declarePublic('ADD_PERMISSION') ADD_PERMISSION = 'raptus.filesystemindex: Add FileSystemIndex' setDefaultRoles(ADD_PERMISSION, ('Manager','Contributor',))
# -*- coding: utf-8 -*- # Copyright (c) 2012-2013 Infrae. All rights reserved. # See also LICENSE.txt # Helpers for cs_youtube ... import urlparse from AccessControl import ModuleSecurityInfo module_security = ModuleSecurityInfo( 'Products.SilvaExternalSources.codesources.youtube') # correct urls have a path which start with '/v/' and youtube netloc # urls have which have a path that starts with '/watch' or with '/embed' # need to get formatted, invalid urls have a path different than that module_security.declarePublic('validate_youtube_url') def validate_youtube_url(value, REQUEST=None): """Validate that a url can be used as a youtube URL. >>> validate_youtube_url("http://www.youtube.com/watch?v=4T1BITS4Hz0&feature=g-all-u") True >>> validate_youtube_url("http://www.youtube.com/v/4T1BITS4Hz0") True >>> validate_youtube_url("http://youtube.com/v/4T1BITS4Hz0") True >>> validate_youtube_url("http://www.youtube.com/embed/fwUHKgVc2zc") True >>> validate_youtube_url("http://www.youtube.com/v/4T1BITS4Hz0?version=3&hl=nl_NL")
def initialize(context): context.registerClass( ZSQLCatalog.ZCatalog, permission='Add ZCatalogs', constructors=(ZSQLCatalog.manage_addZSQLCatalogForm, ZSQLCatalog.manage_addZSQLCatalog), icon='www/ZCatalog.gif', ) context.registerClass( SQLCatalog.Catalog, permission='Add ZCatalogs', constructors=(SQLCatalog.manage_addSQLCatalogForm, SQLCatalog.manage_addSQLCatalog), icon='www/ZCatalog.gif', ) context.registerHelp() context.registerHelpTitle('Zope Help') from AccessControl import ModuleSecurityInfo, ClassSecurityInfo ModuleSecurityInfo('Products.ZSQLCatalog.SQLCatalog').declarePublic( 'ComplexQuery', 'Query', 'NegatedQuery', 'AndQuery', 'OrQuery', 'BaseQuery', 'SQLQuery') from Query import Query, SimpleQuery from SearchKey import SearchKey
context.registerHelp() context.registerHelpTitle('Script (Python)') global _m _m['recompile'] = recompile _m['recompile__roles__'] = ('Manager', ) # utility stuff def recompile(self): '''Recompile all Python Scripts''' base = self.this() scripts = base.ZopeFind(base, obj_metatypes=('Script (Python)', ), search_sub=1) names = [] for name, ob in scripts: if ob._v_change: names.append(name) ob._compile() ob._p_changed = 1 if names: return 'The following Scripts were recompiled:\n' + '\n'.join(names) return 'No Scripts were found that required recompilation.' import patches ModuleSecurityInfo('json').declarePublic('dumps')
# -*- coding: utf-8 -*- # Copyright (c) 2012-2013 Infrae. All rights reserved. # See also LICENSE.txt from AccessControl import ModuleSecurityInfo from silva.translations import translate as _ module_security = ModuleSecurityInfo('Products.Silva.roleinfo') BUILTIN_VIEWER_ROLES = ('Anonymous', 'Authenticated') SILVA_VIEWER_ROLES = ('Viewer', 'Viewer +', 'Viewer ++') VIEWER_ROLES = BUILTIN_VIEWER_ROLES + SILVA_VIEWER_ROLES module_security.declareProtected('View', 'CHIEF_ROLES') MANAGER_ROLES = ('Manager',) CHIEF_ROLES = ('ChiefEditor',) + MANAGER_ROLES EDITOR_ROLES = ('Editor',) + CHIEF_ROLES AUTHOR_ROLES = ('Author',) + EDITOR_ROLES #aaltepet: 1/12/06: we want to be able test reader_roles #from pythonscripts. e.g. to see if current user #can access smi module_security.declareProtected('Change Silva access', 'READER_ROLES') READER_ROLES = ('Reader',) + AUTHOR_ROLES module_security.declareProtected('View', 'ALL_ROLES') ALL_ROLES = VIEWER_ROLES + READER_ROLES _i18n_markers = ( _('zope roles'), _('silva roles'),
from AccessControl import ModuleSecurityInfo from AccessControl import Unauthorized as AccessControl_Unauthorized from OFS.CopySupport import CopyError from zExceptions import BadRequest from zExceptions import NotFound from zExceptions import Unauthorized as zExceptions_Unauthorized try: from zExceptions import ResourceLockedError except ImportError: from webdav.Lockable import ResourceLockedError security = ModuleSecurityInfo('Products.CMFCore.exceptions') # Use AccessControl_Unauthorized to raise Unauthorized errors and # zExceptions_Unauthorized to catch them all. security.declarePublic('AccessControl_Unauthorized') security.declarePublic('BadRequest') security.declarePublic('CopyError') security.declarePublic('NotFound') @security.public class SkinPathError(Exception): """ Invalid skin path error. """ pass
# Copyright © 2003, 2004 IOPEN Technologies Ltd, 2013 OnlineGroups.net and # Contributors. All Rights Reserved. # # This software is subject to the provisions of the Zope Public License, # Version 2.1 (ZPL). A copy of the ZPL should accompany this distribution. # THIS SOFTWARE IS PROVIDED "AS IS" AND ANY AND ALL EXPRESS OR IMPLIED # WARRANTIES ARE DISCLAIMED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS # FOR A PARTICULAR PURPOSE. # ############################################################################## from AccessControl import ModuleSecurityInfo from AccessControl import allow_class xwfutils_security = ModuleSecurityInfo('Products.XWFCore.XWFUtils') xwfutils_security.declarePublic('convertCatalogResultsToXml') xwfutils_security.declarePublic('convertObjectsToXml') xwfutils_security.declarePublic('createRequestFromRequest') xwfutils_security.declarePublic('convertTextToAscii') xwfutils_security.declarePublic('createBatch') xwfutils_security.declarePublic('generate_user_id') xwfutils_security.declarePublic('assign_ownership') xwfutils_security.declarePublic('markupEmail') xwfutils_security.declarePublic('getToolByName') xwfutils_security.declarePublic('convertTextUsingContentType') xwfutils_security.declarePublic('rfc822_date') xwfutils_security.declarePublic('change_timezone') xwfutils_security.declarePublic('all_timezones') xwfutils_security.declarePublic('munge_date') xwfutils_security.declarePublic('curr_time')
from AccessControl import allow_class, ModuleSecurityInfo, ClassSecurityInfo from AccessControl.class_init import InitializeClass from Products.PythonScripts.Utility import allow_module from zope.security.checker import defineChecker, CheckerPublic, NamesChecker allow_module("plone.subrequest") # Whitelist plone.api allow_module('plone.api.portal') portal = ModuleSecurityInfo('plone.api.portal') portal.declarePublic('get_tool') # zope transcation stuff ModuleSecurityInfo("transaction").declarePublic("savepoint") # Basic ZODB stuff import persistent.list import persistent.dict defineChecker(persistent.list, NamesChecker(['PersistentList'])) defineChecker(persistent.dict, NamesChecker(['PersistentDict'])) dict_checker = NamesChecker(['__call__','__init__','__getitem__', '__len__', '__iter__', 'get', 'has_key', 'copy', '__str__', 'keys', 'values', 'items', 'iterkeys', 'iteritems', 'itervalues', '__contains__']) persistent.dict.PersistentDict.__Security_checker__ = dict_checker list_checker = NamesChecker(['__call__','__init__','__getitem__', '__getslice__', '__len__', '__iter__', '__contains__', 'index', 'count', '__str__', '__add__', '__radd__','__setitem__' ]) persistent.list.PersistentList.__Security_checker__ = list_checker
"""Common configuration constants """ from AccessControl import ModuleSecurityInfo from Products.CMFCore.permissions import setDefaultRoles PROJECTNAME = "raptus.article.media" security = ModuleSecurityInfo("raptus.article.media.config") security.declarePublic("ADD_PERMISSION") ADD_PERMISSION = {} ADD_PERMISSION["Video"] = "raptus.article: Add Video" setDefaultRoles(ADD_PERMISSION["Video"], ("Manager", "Contributor")) ADD_PERMISSION["VideoEmbed"] = "raptus.article: Add Embeded Video" setDefaultRoles(ADD_PERMISSION["VideoEmbed"], ("Manager", "Contributor")) ADD_PERMISSION["Audio"] = "raptus.article: Add Audio" setDefaultRoles(ADD_PERMISSION["Audio"], ("Manager", "Contributor"))
This means that the regular CGI interface does all authentication quite independently of Zope. The roundup code is kept in memory though, and it runs in the same server as all your other Zope stuff, so it does have _some_ advantages over regular CGI :) ''' import urlparse from Globals import InitializeClass, HTMLFile from OFS.SimpleItem import Item from OFS.PropertyManager import PropertyManager from Acquisition import Explicit, Implicit from Persistence import Persistent from AccessControl import ClassSecurityInfo from AccessControl import ModuleSecurityInfo modulesecurity = ModuleSecurityInfo() import roundup.instance from roundup.cgi import client modulesecurity.declareProtected('View management screens', 'manage_addZRoundupForm') manage_addZRoundupForm = HTMLFile('dtml/manage_addZRoundupForm', globals()) modulesecurity.declareProtected('Add Z Roundups', 'manage_addZRoundup') def manage_addZRoundup(self, id, instance_home, REQUEST): """Add a ZRoundup product """ # validate the instance_home roundup.instance.open(instance_home)
import re from AccessControl import ModuleSecurityInfo from Acquisition import aq_inner from OFS.ObjectManager import checkValidId from OFS.interfaces import IObjectManager from five import grok from zExceptions import BadRequest from zope.interface import providedBy from silva.translations import translate as _ from silva.core.interfaces import ISilvaObject, IAsset, IContainer, ContentError from silva.core.interfaces import ISilvaNameChooser from Products.Silva import characters module_security = ModuleSecurityInfo('Products.Silva.mangle') _marker = object() class NameValidator(grok.Subscription): grok.implements(ISilvaNameChooser) grok.context(IContainer) grok.order(10) def __init__(self, context): self.context = context def checkName(self, identifier, content, file=None, interface=None): if content is not None: interface = providedBy(content) mangle = Id(self.context, identifier, file=file, interface=interface)
from plone.app.layout.navigation.navtree import NavtreeStrategyBase from plone.app.layout.navigation.root import getNavigationRoot from plone.i18n.normalizer.interfaces import IIDNormalizer from AccessControl import ModuleSecurityInfo from Acquisition import aq_inner from Products.CMFCore.utils import getToolByName from Products.CMFPlone import utils # Strategy objects for the navtree creation code. You can subclass these # to expand the default navtree behaviour, and pass instances of your # subclasses to buildFolderTree(). security = ModuleSecurityInfo() security.declarePrivate('plone') security.declarePrivate('utils') class NavtreeQueryBuilder(object): """Build a navtree query based on the settings in navtree_properties """ implements(INavigationQueryBuilder) def __init__(self, context): portal_properties = getToolByName(context, 'portal_properties') navtree_properties = getattr(portal_properties, 'navtree_properties') # Acquire a custom nav query if available customQuery = getattr(context, 'getCustomNavQuery', None)
# ############################################################################## """ CMFCore product permissions. $Id$ """ import Products from AccessControl import ModuleSecurityInfo from AccessControl import Permissions from AccessControl.Permission import _registeredPermissions from AccessControl.Permission import pname from Globals import ApplicationDefaultPermissions security = ModuleSecurityInfo('Products.CMFCore.permissions') # # General Zope permissions # security.declarePublic('AccessContentsInformation') AccessContentsInformation = Permissions.access_contents_information security.declarePublic('ChangePermissions') ChangePermissions = Permissions.change_permissions security.declarePublic('DeleteObjects') DeleteObjects = Permissions.delete_objects security.declarePublic('FTPAccess')
# -*- coding: utf-8 -*- # Copyright (c) 2012-2013 Infrae. All rights reserved. # See also LICENSE.txt from random import choice from AccessControl import ModuleSecurityInfo module_security = ModuleSecurityInfo( 'Products.SilvaExternalSources.codesources.make_HTML_token') chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ_abcdefghijklmnopqrstuvwxyz-0123456789' length = 12 module_security.declarePublic('make_token') def make_token(): return ''.join(choice(chars) for x in xrange(length))