def patch_security():
ModuleSecurityInfo('OFS.ObjectManager').setDefaultAccess(0)
ModuleSecurityInfo('OFS.ObjectManager').declareObjectPrivate()
ModuleSecurityInfo('OFS.ObjectManager').declarePublic('BeforeDeleteException')
for m in BAD_IMPORTS:
modsec = ModuleSecurityInfo(m)
for a in BAD_IMPORTS[m]:
modsec.declarePrivate(a)
from AccessControl import ClassSecurityInfo
from AccessControl import ModuleSecurityInfo
from AccessControl.SecurityInfo import ACCESS_PUBLIC
from Acquisition import aq_base, aq_inner, aq_parent
from ExtensionClass import ExtensionClass
from App.class_init import InitializeClass
from Products.CMFCore.utils import getToolByName
from Products.Archetypes.log import log
from Products.Archetypes.config import DEBUG_SECURITY
from Products.statusmessages.interfaces import IStatusMessage
from plone.uuid.interfaces import IUUIDGenerator
security = ModuleSecurityInfo()
security.declarePrivate('transaction')
security.declarePrivate('ClassSecurityInfo')
security.declarePrivate('InitializeClass')
def make_uuid(*args):
generator = getUtility(IUUIDGenerator)
return generator()
logger = logging.getLogger('Archetypes')
def fixSchema(schema):
"""Fix persisted schema from AT < 1.3 (UserDict-based)
to work with the new fixed order schema."""
from Products.Archetypes.Schema import Schemata
from plone.app.layout.navigation.navtree import NavtreeStrategyBase
from plone.app.layout.navigation.root import getNavigationRoot
from plone.i18n.normalizer.interfaces import IIDNormalizer
from AccessControl import ModuleSecurityInfo
from Acquisition import aq_inner
from Products.CMFCore.utils import getToolByName
from Products.CMFPlone import utils
# Strategy objects for the navtree creation code. You can subclass these
# to expand the default navtree behaviour, and pass instances of your
# subclasses to buildFolderTree().
security = ModuleSecurityInfo()
security.declarePrivate('plone')
security.declarePrivate('utils')
class NavtreeQueryBuilder(object):
"""Build a navtree query based on the settings in navtree_properties
"""
implements(INavigationQueryBuilder)
def __init__(self, context):
portal_properties = getToolByName(context, 'portal_properties')
navtree_properties = getattr(portal_properties, 'navtree_properties')
# Acquire a custom nav query if available
customQuery = getattr(context, 'getCustomNavQuery', None)
if customQuery is not None and utils.safe_callable(customQuery):
from AccessControl import ClassSecurityInfo
from AccessControl import ModuleSecurityInfo
from AccessControl.SecurityInfo import ACCESS_PUBLIC
from Acquisition import aq_base, aq_inner, aq_parent
from ExtensionClass import ExtensionClass
from App.class_init import InitializeClass
from Products.CMFCore.utils import getToolByName
from Products.Archetypes.log import log
from Products.Archetypes.config import DEBUG_SECURITY
from Products.statusmessages.interfaces import IStatusMessage
from plone.uuid.interfaces import IUUIDGenerator
security = ModuleSecurityInfo()
security.declarePrivate('transaction')
security.declarePrivate('ClassSecurityInfo')
security.declarePrivate('InitializeClass')
def make_uuid(*args):
generator = getUtility(IUUIDGenerator)
return generator()
logger = logging.getLogger('Archetypes')
def fixSchema(schema):
"""Fix persisted schema from AT < 1.3 (UserDict-based)
to work with the new fixed order schema."""
from Products.Archetypes.Schema import Schemata
"""some common utilities
"""
import logging
from time import time
from types import UnicodeType, StringType
STRING_TYPES = (UnicodeType, StringType)
class MimeTypeException(Exception):
pass
# logging function
logger = logging.getLogger('MimetypesRegistry')
def log(msg, severity=logging.INFO, id='MimetypesRegistry'):
logger.log(severity, msg)
# directory where template for the ZMI are located
import os.path
_www = os.path.join(os.path.dirname(__file__), 'www')
from AccessControl import ModuleSecurityInfo
security = ModuleSecurityInfo()
security.declarePrivate('logging')
security.declarePrivate('os')
security.declarePrivate('time')
import warnings
import zope.interface
try:
from types import ClassType
except ImportError:
ClassType = type
deprecated_import(
"Import from Products.CMFPlone.defaultpage instead",
isDefaultPage='Products.CMFPlone.defaultpage:check_default_page_via_view',
getDefaultPage='Products.CMFPlone.defaultpage:get_default_page_via_view',
)
security = ModuleSecurityInfo()
security.declarePrivate('deprecated')
security.declarePrivate('abspath')
security.declarePrivate('re')
security.declarePrivate('OFS')
security.declarePrivate('aq_get')
security.declarePrivate('package_home')
security.declarePrivate('ImageFile')
security.declarePrivate('CMFCoreToolInit')
security.declarePrivate('transaction')
security.declarePrivate('zope')
# Canonical way to get at CMFPlone directory
PACKAGE_HOME = package_home(globals())
security.declarePrivate('PACKAGE_HOME')
WWW_DIR = join(PACKAGE_HOME, 'www')
security.declarePrivate('WWW_DIR')
""" Make a tuple from 'value'.
o Use 'valueName' to generate appropriate error messages.
"""
if type(value) == type(()):
return value
if type(value) == type([]):
return tuple( value )
if type(value) == type(''):
return tuple( value.split() )
raise ValueError, "%s of unsupported type" % valueName
#
# Security utilities, callable only from unrestricted code.
#
security.declarePrivate('_getAuthenticatedUser')
def _getAuthenticatedUser( self ):
return getSecurityManager().getUser()
security.declarePrivate('_checkPermission')
def _checkPermission(permission, obj, StringType = type('')):
roles = rolesForPermissionOn(permission, obj)
if type(roles) is StringType:
roles=[roles]
if _getAuthenticatedUser( obj ).allowed( obj, roles ):
return 1
return 0
security.declarePrivate('_verifyActionPermissions')
def _verifyActionPermissions(obj, action):
pp = action.getPermissions()
from AccessControl import ModuleSecurityInfo
from Acquisition import aq_get
from Acquisition import aq_base, aq_inner, aq_parent
from App.Common import package_home
from App.ImageFile import ImageFile
from DateTime import DateTime
from DateTime.interfaces import DateTimeError
from Products.CMFCore.interfaces import IPropertiesTool
from Products.CMFCore.permissions import ManageUsers
from Products.CMFCore.utils import ToolInit as CMFCoreToolInit
from Products.CMFCore.utils import getToolByName
import transaction
security = ModuleSecurityInfo()
security.declarePrivate('deprecated')
security.declarePrivate('abspath')
security.declarePrivate('re')
security.declarePrivate('OFS')
security.declarePrivate('aq_get')
security.declarePrivate('package_home')
security.declarePrivate('ImageFile')
security.declarePrivate('CMFCoreToolInit')
security.declarePrivate('transaction')
security.declarePrivate('zope')
# Canonical way to get at CMFPlone directory
PACKAGE_HOME = package_home(globals())
security.declarePrivate('PACKAGE_HOME')
WWW_DIR = join(PACKAGE_HOME, 'www')
SUBTEMPLATE = '__SUBTEMPLATE__'
security = ModuleSecurityInfo( 'Products.CMFCore.utils' )
_globals = globals()
_dtmldir = os_path.join( package_home( globals() ), 'dtml' )
_wwwdir = os_path.join( package_home( globals() ), 'www' )
#
# Simple utility functions, callable from restricted code.
#
_marker = [] # Create a new marker object.
_tool_interface_registry = {}
security.declarePrivate('registerToolInterface')
def registerToolInterface(tool_id, tool_interface):
""" Register a tool ID for an interface
This method can go away when getToolByName is going away (CMF 2.3).
"""
global _tool_interface_registry
_tool_interface_registry[tool_id] = tool_interface
security.declarePrivate('getToolInterface')
def getToolInterface(tool_id):
""" Get the interface registered for a tool ID
"""
global _tool_interface_registry
return _tool_interface_registry.get(tool_id, None)
ps = getToolByName(self, 'portal_properties').cmfbibat_properties
prop_name = '%s_%s' % (prefix, property)
prop_name = ''.join([c for c in prop_name if c.lower() in string.letters + '_'])
ps.manage_changeProperties(**{prop_name:value})
security.declareProtected(View, 'getSheetProperty')
def getSheetProperty(self, prefix, property):
""" return property from cmfbibat propertysheet """
ps = getToolByName(self, 'portal_properties').cmfbibat_properties
prop_name = '%s_%s' % (prefix, property)
prop_name = ''.join([c for c in prop_name if c.lower() in string.letters + '_'])
return ps.getProperty(prop_name)
security.declarePrivate('getEntryDict')
def getEntryDict(self, bibref_item, instance=None, title_link=False, title_link_only_if_owner=False, ):
""" transform a BiblioRef Object into python dictionary
"""
ref_attributes = ('publication_year',
'publication_month',
'publication_url',
'abstract',
'note',
'publisher',
'editor',
'editor_flag',
'organization',
'institution',
'school',
'address',
from plone.app.layout.navigation.navtree import NavtreeStrategyBase
from plone.app.layout.navigation.root import getNavigationRoot
from plone.i18n.normalizer.interfaces import IIDNormalizer
from AccessControl import ModuleSecurityInfo
from Acquisition import aq_inner
from Products.CMFCore.utils import getToolByName
from Products.CMFPlone import utils
# Strategy objects for the navtree creation code. You can subclass these
# to expand the default navtree behaviour, and pass instances of your
# subclasses to buildFolderTree().
security = ModuleSecurityInfo()
security.declarePrivate('plone')
security.declarePrivate('utils')
class NavtreeQueryBuilder(object):
"""Build a navtree query based on the settings in navtree_properties
"""
implements(INavigationQueryBuilder)
def __init__(self, context):
portal_properties = getToolByName(context, 'portal_properties')
navtree_properties = getattr(portal_properties, 'navtree_properties')
# Acquire a custom nav query if available
customQuery = getattr(context, 'getCustomNavQuery', None)
if customQuery is not None and utils.safe_callable(customQuery):
o Use 'valueName' to generate appropriate error messages.
"""
if isinstance(value, tuple):
return value
if isinstance(value, list):
return tuple(value)
if isinstance(value, basestring):
return tuple(value.split())
raise ValueError, "%s of unsupported type" % valueName
#
# Security utilities, callable only from unrestricted code.
#
security.declarePrivate("_getAuthenticatedUser")
def _getAuthenticatedUser(self):
return getSecurityManager().getUser()
security.declarePrivate("_checkPermission")
def _checkPermission(permission, obj):
return getSecurityManager().checkPermission(permission, obj)
security.declarePrivate("_verifyActionPermissions")
# module level translation service
translation_service = None
# icon
misc_ = {
'PlacelessTranslationService.png':
ImageFile('www/PlacelessTranslationService.png', globals()),
'GettextMessageCatalog.png':
ImageFile('www/GettextMessageCatalog.png', globals()),
}
# set product-wide attrs for importing
security = ModuleSecurityInfo('Products.PlacelessTranslationService')
allow_module('Products.PlacelessTranslationService')
security.declarePrivate('os')
security.declarePrivate('logging')
security.declarePrivate('isdir')
security.declarePrivate('deprecate')
security.declarePrivate('Globals')
security.declarePrivate('ImageFile')
security.declarePrivate('pts_globals')
security.declarePrivate('CACHE_PATH')
security.declarePrivate('get_registered_packages')
security.declarePrivate('ModuleSecurityInfo')
security.declarePrivate('PTSWrapper')
security.declarePrivate('get_products')
security.declarePrivate('patches')
security.declarePrivate('warnings')
security.declarePrivate('misc_')
security.declarePrivate('os')
prop_name = '%s_%s' % (prefix, property)
prop_name = ''.join(
[c for c in prop_name if c.lower() in string.letters + '_'])
ps.manage_changeProperties(**{prop_name: value})
security.declareProtected(View, 'getSheetProperty')
def getSheetProperty(self, prefix, property):
""" return property from cmfbibat propertysheet """
ps = getToolByName(self, 'portal_properties').cmfbibat_properties
prop_name = '%s_%s' % (prefix, property)
prop_name = ''.join(
[c for c in prop_name if c.lower() in string.letters + '_'])
return ps.getProperty(prop_name)
security.declarePrivate('getEntryDict')
def getEntryDict(
self,
bibref_item,
instance=None,
title_link=False,
title_link_only_if_owner=False,
):
""" transform a BiblioRef Object into python dictionary
"""
ref_attributes = (
'publication_year',
'publication_month',
'publication_url',
'abstract',
o Use 'valueName' to generate appropriate error messages.
"""
if isinstance(value, tuple):
return value
if isinstance(value, list):
return tuple(value)
if isinstance(value, basestring):
return tuple(value.split())
raise ValueError, "%s of unsupported type" % valueName
#
# Security utilities, callable only from unrestricted code.
#
security.declarePrivate('_getAuthenticatedUser')
def _getAuthenticatedUser(self):
return getSecurityManager().getUser()
security.declarePrivate('_checkPermission')
def _checkPermission(permission, obj):
return getSecurityManager().checkPermission(permission, obj)
security.declarePrivate('_verifyActionPermissions')
from zope import i18n
from zope.component import getUtility
from zope.component import queryUtility
from zope.i18n.interfaces import IUserPreferredCharsets
from zope.i18nmessageid import MessageFactory
from Products.CMFCore.interfaces import IPropertiesTool
from Products.CMFDefault.interfaces import IHTMLScrubber
from Products.CMFDefault.exceptions import EmailAddressInvalid
from Products.CMFDefault.exceptions import IllegalHTML
security = ModuleSecurityInfo('Products.CMFDefault.utils')
security.declarePrivate('_dtmldir')
_dtmldir = os.path.join(package_home(globals()), 'dtml')
_wwwdir = os.path.join(package_home(globals()), 'www')
security.declarePublic('formatRFC822Headers')
def formatRFC822Headers(headers):
""" Convert the key-value pairs in 'headers' to valid RFC822-style
headers, including adding leading whitespace to elements which
contain newlines in order to preserve continuation-line semantics.
"""
munged = []
linesplit = re.compile(r'[\n\r]+?')
for key, value in headers:
# module level translation service
translation_service = None
# icon
misc_ = {
'PlacelessTranslationService.png':
ImageFile('www/PlacelessTranslationService.png', globals()),
'GettextMessageCatalog.png':
ImageFile('www/GettextMessageCatalog.png', globals()),
}
# set product-wide attrs for importing
security = ModuleSecurityInfo('Products.PlacelessTranslationService')
allow_module('Products.PlacelessTranslationService')
security.declarePrivate('os')
security.declarePrivate('logging')
security.declarePrivate('isdir')
security.declarePrivate('deprecate')
security.declarePrivate('Globals')
security.declarePrivate('ImageFile')
security.declarePrivate('pts_globals')
security.declarePrivate('CACHE_PATH')
security.declarePrivate('get_registered_packages')
security.declarePrivate('ModuleSecurityInfo')
security.declarePrivate('PTSWrapper')
security.declarePrivate('get_products')
security.declarePrivate('patches')
security.declarePrivate('warnings')
security.declarePrivate('misc_')
security.declarePrivate('os')
##############################################################################
""" Utility functions.
$Id$
"""
from sgmllib import SGMLParser
import re
import os
from Globals import package_home
from AccessControl import ModuleSecurityInfo
security = ModuleSecurityInfo( 'Products.CMFDefault.utils' )
security.declarePrivate('_dtmldir')
_dtmldir = os.path.join( package_home( globals() ), 'dtml' )
security.declarePublic('formatRFC822Headers')
def formatRFC822Headers( headers ):
""" Convert the key-value pairs in 'headers' to valid RFC822-style
headers, including adding leading whitespace to elements which
contain newlines in order to preserve continuation-line semantics.
"""
munged = []
linesplit = re.compile( r'[\n\r]+?' )
for key, value in headers:
vallines = linesplit.split( value )
security.declarePublic( 'formatRFC822Headers'
, 'parseHeadersBody'
, 'semi_split'
, 'comma_split'
, 'seq_strip'
, 'tuplize'
, 'scrubHTML'
, 'isHTMLSafe'
, 'bodyfinder'
, 'html_headcheck'
)
security.declarePrivate( '_dtmldir'
, '_bodyre'
, '_endbodyre'
, '_htfinder'
)
_dtmldir = os.path.join( package_home( globals() ), 'dtml' )
def formatRFC822Headers( headers ):
""" Convert the key-value pairs in 'headers' to valid RFC822-style
headers, including adding leading whitespace to elements which
contain newlines in order to preserve continuation-line semantics.
"""
munged = []
linesplit = re.compile( r'[\n\r]+?' )
for key, value in headers:
from AccessControl import ModuleSecurityInfo
from AccessControl import Permissions
from AccessControl.Permission import _registeredPermissions
from AccessControl.Permission import pname
from Globals import ApplicationDefaultPermissions
import Products
security = ModuleSecurityInfo('Products.PluggableAuthService.permissions')
security.declarePublic('ManageUsers')
ManageUsers = Permissions.manage_users
security.declarePublic('ManageGroups')
ManageGroups = "Manage Groups"
security.declarePrivate('setDefaultRoles')
def setDefaultRoles(permission, roles):
""" Set the defaults roles for a permission.
o XXX This ought to be in AccessControl.SecurityInfo.
"""
registered = _registeredPermissions
if not registered.has_key(permission):
registered[permission] = 1
Products.__ac_permissions__ = (Products.__ac_permissions__ +
((permission, (), roles), ))
SUBTEMPLATE = '__SUBTEMPLATE__'
security = ModuleSecurityInfo('Products.CMFCore.utils')
_globals = globals()
_dtmldir = os_path.join(package_home(globals()), 'dtml')
_wwwdir = os_path.join(package_home(globals()), 'www')
#
# Simple utility functions, callable from restricted code.
#
_marker = [] # Create a new marker object.
_tool_interface_registry = {}
security.declarePrivate('registerToolInterface')
def registerToolInterface(tool_id, tool_interface):
""" Register a tool ID for an interface
This method can go away when getToolByName is going away (CMF 2.3).
"""
global _tool_interface_registry
_tool_interface_registry[tool_id] = tool_interface
security.declarePrivate('getToolInterface')
def getToolInterface(tool_id):
security.declarePublic('ManageProperties')
ManageProperties = Permissions.manage_properties
security.declarePublic('ManageUsers')
ManageUsers = Permissions.manage_users
security.declarePublic('UndoChanges')
UndoChanges = Permissions.undo_changes
security.declarePublic('View')
View = Permissions.view
security.declarePublic('ViewManagementScreens')
ViewManagementScreens = Permissions.view_management_screens
security.declarePrivate('setDefaultRoles')
def setDefaultRoles(permission, roles):
'''
Sets the defaults roles for a permission.
'''
# XXX This ought to be in AccessControl.SecurityInfo.
registered = _registeredPermissions
if not registered.has_key(permission):
registered[permission] = 1
Products.__ac_permissions__=(
Products.__ac_permissions__+((permission,(),roles),))
mangled = pname(permission)
setattr(ApplicationDefaultPermissions, mangled, roles)
# Note that we can only use the default Zope roles in calls to
# setDefaultRoles(). The default Zope roles are:
from AccessControl import ModuleSecurityInfo
from types import StringType
from types import UnicodeType
import logging
import os.path
STRING_TYPES = (UnicodeType, StringType)
# directory where template for the ZMI are located
_www = os.path.join(os.path.dirname(__file__), 'www')
security = ModuleSecurityInfo()
security.declarePrivate('logging')
security.declarePrivate('os')
security.declarePrivate('time')
logger = logging.getLogger('MimetypesRegistry')
def log(msg, severity=logging.INFO, id='MimetypesRegistry'):
logger.log(severity, msg)
class MimeTypeException(Exception):
pass
