[Checkins] SVN: Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py - refactored setProperties (no need to wrap the authenticated user again - 'self' should be the right member)

Yvo Schubbe y.2011 at wcm-solutions.de
Tue Feb 22 11:11:47 EST 2011 

Log message for revision 120514:
  - refactored setProperties (no need to wrap the authenticated user again - 'self' should be the right member)

Changed:
  U   Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py

-=-
Modified: Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py
===================================================================
--- Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py	2011-02-22 12:44:59 UTC (rev 120513)
+++ Products.CMFCore/trunk/Products/CMFCore/MemberDataTool.py	2011-02-22 16:11:47 UTC (rev 120514)
@@ -15,6 +15,7 @@
 
 from AccessControl.interfaces import IUser
 from AccessControl.SecurityInfo import ClassSecurityInfo
+from AccessControl.SecurityManagement import getSecurityManager
 from Acquisition import aq_base
 from Acquisition import aq_inner
 from Acquisition import aq_parent
@@ -273,19 +274,16 @@
         '''
         # XXX: this method violates the rules for tools/utilities:
         # it depends on a non-utility tool
+        if self._user.getId() != getSecurityManager().getUser().getId():
+            raise BadRequest(u'Only own properties can be set.')
         if properties is None:
             properties = kw
-        membership = getToolByName(self._tool, 'portal_membership')
-        registration = getToolByName(self._tool, 'portal_registration', None)
-        if not membership.isAnonymousUser():
-            member = membership.getAuthenticatedMember()
-            if registration:
-                failMessage = registration.testPropertiesValidity(properties, member)
-                if failMessage is not None:
-                    raise BadRequest(failMessage)
-            member.setMemberProperties(properties)
-        else:
-            raise BadRequest('Not logged in.')
+        rtool = getToolByName(self._tool, 'portal_registration', None)
+        if rtool is not None:
+            failMessage = rtool.testPropertiesValidity(properties, self)
+            if failMessage is not None:
+                raise BadRequest(failMessage)
+        self.setMemberProperties(properties)
 
     security.declarePrivate('setMemberProperties')
     def setMemberProperties(self, mapping):

More information about the checkins mailing list