[Zope-Checkins] CVS: Packages/AccessControl - ImplPython.py:1.1.2.5 cAccessControl.c:1.20.2.21

Tres Seaver tseaver at zope.com
Tue Feb 15 15:59:55 EST 2005


Update of /cvs-repository/Packages/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv10996/lib/python/AccessControl

Modified Files:
      Tag: Zope-2_7-branch
	ImplPython.py cAccessControl.c 
Log Message:
  - AccessControl.ZopeGuards.guarded_getattr:  Restored ability to aquire
    "through" unprotected contexts, broken through overzealous cleanup in
    Zope 2.7.3.


=== Packages/AccessControl/ImplPython.py 1.1.2.4 => 1.1.2.5 ===
--- Packages/AccessControl/ImplPython.py:1.1.2.4	Sat Aug  7 13:15:48 2004
+++ Packages/AccessControl/ImplPython.py	Tue Feb 15 15:59:25 2005
@@ -17,6 +17,9 @@
 import string
 
 from Acquisition import aq_base
+from Acquisition import aq_parent
+from Acquisition import aq_inner
+from Acquisition import aq_acquire
 from ExtensionClass import Base
 from zLOG import LOG, PROBLEM
 
@@ -550,7 +553,13 @@
                 assert assertion == 1
             return v
 
+
+        # See if we can get the value doing a filtered acquire.
+        # aq_acquire will either return the same value as held by
+        # v or it will return an Unauthorized raised by validate.
         validate = SecurityManagement.getSecurityManager().validate
-        if validate(inst, inst, name, v):
-            return v
+        aq_acquire(inst, name, aq_validate, validate)
+        
+        return v
+        
     raise Unauthorized, name


=== Packages/AccessControl/cAccessControl.c 1.20.2.20 => 1.20.2.21 ===
--- Packages/AccessControl/cAccessControl.c:1.20.2.20	Tue Dec 14 14:34:45 2004
+++ Packages/AccessControl/cAccessControl.c	Tue Feb 15 15:59:25 2005
@@ -2065,7 +2065,6 @@
                 PyObject *validate)
 {
   PyObject *v=0, *t=0;
-  int i;
 
   /* if name[:1] != '_': */
   if (PyString_Check(name) || PyUnicode_Check(name)) {
@@ -2133,17 +2132,23 @@
           return v;
         }
 
-      /*
-        if validate(inst, inst, name, v):
-            return v
-       */
-      validate=callfunction4(validate, inst, inst, name, v);
-      if (validate==NULL) goto err;
-      i=PyObject_IsTrue(validate);
-      Py_DECREF(validate);
-      if (i < 0) goto err;
-      if (i > 0) return v;
-      
+      /* 
+        # See if we can get the value doing a filtered acquire.
+        # aq_acquire will either return the same value as held by
+        # v or it will return an Unauthorized raised by validate.
+        validate = SecurityManagement.getSecurityManager().validate
+        aq_acquire(inst, name, aq_validate, validate)
+        
+        return v
+      */
+
+      t = aq_Acquire(inst, name, aq_validate, validate, 1, NULL, 0);
+      if (t == NULL)
+        return NULL;
+      Py_DECREF(t);
+
+      return v;
+            
       unauthErr(name, v);
     err:
       Py_DECREF(v);
@@ -2331,4 +2336,3 @@
 	Py_DECREF(module);
 	module = NULL;
 }
-



More information about the Zope-Checkins mailing list