summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRadoslaw Stachowiak <radek@gentoo.org>2006-04-17 13:17:37 +0000
committerRadoslaw Stachowiak <radek@gentoo.org>2006-04-17 13:17:37 +0000
commitd8dd321f203dc7b099e12f6c3a66685e5184f286 (patch)
treecff87bab6117cf97788ae359b83871b81b4bb652 /net-zope/plone
parentMoved games_pkg_setup to beginning of pkg_setup. (diff)
downloadgentoo-2-d8dd321f203dc7b099e12f6c3a66685e5184f286.tar.gz
gentoo-2-d8dd321f203dc7b099e12f6c3a66685e5184f286.tar.bz2
gentoo-2-d8dd321f203dc7b099e12f6c3a66685e5184f286.zip
Corrected plone-2.0.5-r2 patch
(Portage version: 2.1_pre7-r5)
Diffstat (limited to 'net-zope/plone')
-rw-r--r--net-zope/plone/ChangeLog6
-rw-r--r--net-zope/plone/files/plone-2.0.5-portrait_security.patch230
2 files changed, 132 insertions, 104 deletions
diff --git a/net-zope/plone/ChangeLog b/net-zope/plone/ChangeLog
index 46ca4134aa9d..55195173d136 100644
--- a/net-zope/plone/ChangeLog
+++ b/net-zope/plone/ChangeLog
@@ -1,6 +1,10 @@
# ChangeLog for net-zope/plone
# Copyright 2003-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-zope/plone/ChangeLog,v 1.28 2006/04/16 11:31:08 radek Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-zope/plone/ChangeLog,v 1.29 2006/04/17 13:17:33 radek Exp $
+
+ 17 Apr 2006; Radoslaw Stachowiak <radek@gentoo.org>
+ files/plone-2.0.5-portrait_security.patch:
+ Corrected plone-2.0.5-r2 patch
*plone-2.0.5-r2 (16 Apr 2006)
diff --git a/net-zope/plone/files/plone-2.0.5-portrait_security.patch b/net-zope/plone/files/plone-2.0.5-portrait_security.patch
index e3e0d62614b5..83efe6cb6c68 100644
--- a/net-zope/plone/files/plone-2.0.5-portrait_security.patch
+++ b/net-zope/plone/files/plone-2.0.5-portrait_security.patch
@@ -1,103 +1,127 @@
---- CMFPlone/MembershipTool.py (revision 5844)
-+++ CMFPlone/MembershipTool.py (revision 9512)
-@@ -1,4 +1,4 @@
--from Products.CMFCore.CMFCorePermissions import SetOwnPassword
- from Products.CMFCore.utils import getToolByName
-+from Products.CMFCore.utils import _checkPermission
- from Products.CMFDefault.MembershipTool import MembershipTool as BaseTool
- from Products.CMFPlone import ToolNames
-@@ -9,4 +9,7 @@
- from Globals import InitializeClass
- from Acquisition import aq_base, aq_parent, aq_inner
-+from Products.CMFCore.CMFCorePermissions import ManagePortal
-+from Products.CMFCore.CMFCorePermissions import SetOwnProperties
-+from Products.CMFCore.CMFCorePermissions import SetOwnPassword
- from Products.CMFCore.CMFCorePermissions import View
- from Products.CMFPlone.PloneBaseTool import PloneBaseTool
-@@ -40,4 +43,5 @@
- security.declareProtected(View, 'getPortalRoles')
-
-+ security.declarePublic('getAuthenticatedMember')
- def getAuthenticatedMember(self):
- """ """
-@@ -52,4 +56,5 @@
- return _user
-
-+ security.declarePublic('getPersonalPortrait')
- def getPersonalPortrait(self, member_id = None, verifyPermission=0):
- """
-@@ -58,7 +63,4 @@
- membertool = getToolByName(self, 'portal_memberdata')
-
-- # what are we doing with that
-- #if verifyPermission and not _checkPermission('View', portrait):
-- # return None
- if not member_id:
- member_id = self.getAuthenticatedMember().getUserName()
-@@ -67,5 +69,8 @@
- if type(portrait) == type(''):
- portrait = None
-- #portrait = None
-+ if portrait is not None:
-+ if verifyPermission and not _checkPermission(View, portrait):
-+ # Don't return the portrait if the user can't get to it
-+ portrait = None
- if portrait is None:
- portal = getToolByName(self, 'portal_url').getPortalObject()
-@@ -74,4 +79,5 @@
- return portrait
-
-+ security.declareProtected(SetOwnProperties, 'deletePersonalPortrait')
- def deletePersonalPortrait(self, member_id = None):
- """
-@@ -85,4 +91,5 @@
- membertool._deletePortrait(member_id)
-
-+ security.declarePublic('getPersonalFolder')
- def getPersonalFolder(self, member_id=None):
- """
-@@ -98,4 +105,5 @@
- return personal
-
-+ security.declareProtected(SetOwnProperties, 'changeMemberPortrait')
- def changeMemberPortrait(self, portrait, member_id=None):
- """
-@@ -112,4 +120,5 @@
- membertool._setPortrait(portrait, member_id)
-
-+ security.declarePublic('createMemberarea')
- def createMemberarea(self, member_id=None, minimal=0):
- """
-@@ -242,4 +251,5 @@
- createMemberArea = createMemberarea
-
-+ security.declareProtected(ManagePortal, 'listMembers')
- def listMembers(self):
- '''Gets the list of all members.
-@@ -251,4 +261,5 @@
- return BaseTool.listMembers(self)
-
-+ security.declareProtected(ManagePortal, 'listMemberIds')
- def listMemberIds(self):
- '''Lists the ids of all members. This may eventually be
-@@ -263,5 +274,5 @@
-
- # this should probably be in MemberDataTool.py
-- #security.declarePublic( 'searchForMembers' )
-+ security.declarePublic('searchForMembers')
- def searchForMembers( self, REQUEST=None, **kw ):
- """ """
-@@ -319,10 +330,10 @@
- return res
-
-- def testCurrentPassword(self, password, username=None):
-+ security.declareProtected(SetOwnPassword, 'testCurrentPassword')
-+ def testCurrentPassword(self, password):
- """ test to see if password is current """
- portal=getToolByName(self, 'portal_url').getPortalObject()
- REQUEST=getattr(self, 'REQUEST', {})
-- if username is None:
-- username=self.getAuthenticatedMember().getUserName()
-+ username=self.getAuthenticatedMember().getUserName()
- acl_users = self._findUsersAclHome(username)
- if not acl_users:
+--- CMFPlone/MembershipTool.py 2004-12-01 15:54:09.000000000 +0100
++++ CMFPlone/MembershipTool.py 2006-04-17 15:11:56.000000000 +0200
+@@ -1,5 +1,5 @@
+-from Products.CMFCore.CMFCorePermissions import SetOwnPassword
+ from Products.CMFCore.utils import getToolByName
++from Products.CMFCore.utils import _checkPermission
+ from Products.CMFDefault.MembershipTool import MembershipTool as BaseTool
+ from Products.CMFPlone import ToolNames
+ from Products.CMFPlone.PloneUtilities import translate
+@@ -8,6 +8,9 @@
+ from AccessControl import ClassSecurityInfo, getSecurityManager
+ from Globals import InitializeClass
+ from Acquisition import aq_base, aq_parent, aq_inner
++from Products.CMFCore.CMFCorePermissions import ManagePortal
++from Products.CMFCore.CMFCorePermissions import SetOwnProperties
++from Products.CMFCore.CMFCorePermissions import SetOwnPassword
+ from Products.CMFCore.CMFCorePermissions import View
+ from Products.CMFPlone.PloneBaseTool import PloneBaseTool
+
+@@ -39,6 +42,7 @@
+ # in CMFCore.MembershipTool - but in Plone we are not so anal ;-)
+ security.declareProtected(View, 'getPortalRoles')
+
++ security.declarePublic('getAuthenticatedMember')
+ def getAuthenticatedMember(self):
+ """ """
+ _user=self.REQUEST.get('_portaluser', None)
+@@ -51,28 +55,30 @@
+ self.REQUEST.set('_portaluser', _user)
+ return _user
+
++ security.declarePublic('getPersonalPortrait')
+ def getPersonalPortrait(self, member_id = None, verifyPermission=0):
+ """
+ returns the Portait for a member_id
+ """
+ membertool = getToolByName(self, 'portal_memberdata')
+
+- # what are we doing with that
+- #if verifyPermission and not _checkPermission('View', portrait):
+- # return None
+ if not member_id:
+ member_id = self.getAuthenticatedMember().getUserName()
+
+ portrait = membertool._getPortrait(member_id)
+ if type(portrait) == type(''):
+ portrait = None
+- #portrait = None
++ if portrait is not None:
++ if verifyPermission and not _checkPermission(View, portrait):
++ # Don't return the portrait if the user can't get to it
++ portrait = None
+ if portrait is None:
+ portal = getToolByName(self, 'portal_url').getPortalObject()
+ portrait = getattr(portal, default_portrait)
+
+ return portrait
+
++ security.declareProtected(SetOwnProperties, 'deletePersonalPortrait')
+ def deletePersonalPortrait(self, member_id = None):
+ """
+ deletes the Portait of member_id
+@@ -84,6 +90,7 @@
+
+ membertool._deletePortrait(member_id)
+
++ security.declarePublic('getPersonalFolder')
+ def getPersonalFolder(self, member_id=None):
+ """
+ returns the Personal Item folder for a member
+@@ -97,6 +104,7 @@
+ , None )
+ return personal
+
++ security.declareProtected(SetOwnProperties, 'changeMemberPortrait')
+ def changeMemberPortrait(self, portrait, member_id=None):
+ """
+ given a portrait we will modify the users portrait
+@@ -111,6 +119,7 @@
+ membertool = getToolByName(self, 'portal_memberdata')
+ membertool._setPortrait(portrait, member_id)
+
++ security.declarePublic('createMemberarea')
+ def createMemberarea(self, member_id=None, minimal=0):
+ """
+ Create a member area for 'member_id' or the authenticated user.
+@@ -241,6 +250,7 @@
+ security.declarePublic('createMemberArea')
+ createMemberArea = createMemberarea
+
++ security.declareProtected(ManagePortal, 'listMembers')
+ def listMembers(self):
+ '''Gets the list of all members.
+ '''
+@@ -250,6 +260,7 @@
+ else:
+ return BaseTool.listMembers(self)
+
++ security.declareProtected(ManagePortal, 'listMemberIds')
+ def listMemberIds(self):
+ '''Lists the ids of all members. This may eventually be
+ replaced with a set of methods for querying pieces of the
+@@ -262,7 +273,7 @@
+ return self.__getPUS().getUserNames()
+
+ # this should probably be in MemberDataTool.py
+- #security.declarePublic( 'searchForMembers' )
++ security.declarePublic('searchForMembers')
+ def searchForMembers( self, REQUEST=None, **kw ):
+ """ """
+ if REQUEST:
+@@ -318,12 +329,12 @@
+ res.append(member)
+ return res
+
+- def testCurrentPassword(self, password, username=None):
++ security.declareProtected(SetOwnPassword, 'testCurrentPassword')
++ def testCurrentPassword(self, password):
+ """ test to see if password is current """
+ portal=getToolByName(self, 'portal_url').getPortalObject()
+ REQUEST=getattr(self, 'REQUEST', {})
+- if username is None:
+- username=self.getAuthenticatedMember().getUserName()
++ username=self.getAuthenticatedMember().getUserName()
+ acl_users = self._findUsersAclHome(username)
+ if not acl_users:
+ return 0