[Checkins] SVN: z3ext.preferences/trunk/ raise Unauthorized exception if unauthenticated user access preferences panel
Nikolay Kim
fafhrd at datacom.kz
Thu Oct 30 06:40:48 EDT 2008
Log message for revision 92691:
raise Unauthorized exception if unauthenticated user access preferences panel
Changed:
U z3ext.preferences/trunk/CHANGES.txt
U z3ext.preferences/trunk/src/z3ext/preferences/browser/preferences.py
-=-
Modified: z3ext.preferences/trunk/CHANGES.txt
===================================================================
--- z3ext.preferences/trunk/CHANGES.txt 2008-10-30 10:39:26 UTC (rev 92690)
+++ z3ext.preferences/trunk/CHANGES.txt 2008-10-30 10:40:47 UTC (rev 92691)
@@ -2,6 +2,12 @@
CHANGES
=======
+1.4.3 (2008-??-??)
+------------------
+
+- raise Unauthorized exception if unauthenticated user access preferences panel
+
+
1.4.2 (2008-10-27)
------------------
Modified: z3ext.preferences/trunk/src/z3ext/preferences/browser/preferences.py
===================================================================
--- z3ext.preferences/trunk/src/z3ext/preferences/browser/preferences.py 2008-10-30 10:39:26 UTC (rev 92690)
+++ z3ext.preferences/trunk/src/z3ext/preferences/browser/preferences.py 2008-10-30 10:40:47 UTC (rev 92691)
@@ -18,6 +18,9 @@
from zope import interface, component
from zope.component import getUtility
from zope.app.component.interfaces import ISite
+from zope.security.interfaces import Unauthorized
+from zope.app.security.interfaces import IUnauthenticatedPrincipal
+
from z3ext.preferences.interfaces import IPreferenceGroup
@@ -25,6 +28,10 @@
def getPreferences(site, request):
rootGroup = getUtility(IPreferenceGroup)
rootGroup = rootGroup.__bind__()
+
+ if IUnauthenticatedPrincipal.providedBy(rootGroup.__principal__):
+ raise Unauthorized('preferences')
+
if rootGroup.isAvailable():
return rootGroup
else:
More information about the Checkins
mailing list