[gen] Added appy.gen.Pod.rLayouts, a default layout for rendering POD templates on query result pages; various security and bugfixes.

2012-11-26 13:58:27 +01:00 · 2012-11-26 13:58:27 +01:00 · 3ec1270fc2
parent c3aa01a554
commit 3ec1270fc2
5 changed files with 12 additions and 7 deletions
--- a/gen/init.py
+++ b/gen/init.py
@ -2222,6 +2222,8 @@ class Pod(Type):
    '''A pod is a field allowing to produce a (PDF, ODT, Word, RTF...) document
       from data contained in Appy class and linked objects or anything you
       want to put in it. It uses appy.pod.'''
    # Layout for rendering a POD field for exporting query results.
    rLayouts = {'view': Table('fl', width=None)}
    POD_ERROR = 'An error occurred while generating the document. Please ' \
                'contact the system administrator.'
    DELETE_TEMP_DOC_ERROR = 'A temporary document could not be removed. %s.'
--- a/gen/installer.py
+++ b/gen/installer.py
@ -316,7 +316,7 @@ class ZopeInstaller:
    def configureSessions(self):
        '''Configure the session machinery.'''
        # Register a function warning us when a session object is deleted. When
-        # launching Zope, the temp folder does not exist.
+        # launching Zope in test mode, the temp folder does not exist.
        if not hasattr(self.app, 'temp_folder'): return
        self.app.temp_folder.session_data.setDelNotificationTarget(onDelSession)
--- a/gen/mixins/init.py
+++ b/gen/mixins/init.py
@ -361,9 +361,10 @@ class BaseMixin:
            appyObj = self.appy()
            try:
                methodRes = getattr(appyObj, action)()
-                res = XmlMarshaller().marshall(methodRes)
+                res = XmlMarshaller().marshall(methodRes, objectType='appy')
            except Exception, e:
-                res = XmlMarshaller().marshall(Traceback.get())
+                tb = Traceback.get()
                res = XmlMarshaller().marshall(tb, objectType='appy')
        return res
    def say(self, msg, type='info'):
--- a/gen/model.py
+++ b/gen/model.py
@ -239,13 +239,14 @@ class Tool(ModelClass):
    users = gen.Ref(User, multiplicity=(0,None), add=True, link=False,
                    back=gen.Ref(attribute='toTool', show=False), page=userPage,
                    queryable=True, queryFields=('title', 'login'),
                    show=isManager,
                    showHeaders=True, shownInfo=('title', 'login', 'roles'))
    def computeConnectedUsers(self): pass
    connectedUsers = gen.Computed(method=computeConnectedUsers, page=userPage,
-                                  plainText=False)
+                                  plainText=False, show=isManager)
    groups = gen.Ref(Group, multiplicity=(0,None), add=True, link=False,
                     back=gen.Ref(attribute='toTool2', show=False),
-                     page=gen.Page('groups', show=isManager),
+                     page=gen.Page('groups', show=isManager), show=isManager,
                     queryable=True, queryFields=('title', 'login'),
                     showHeaders=True, shownInfo=('title', 'login', 'roles'))
    pt = gen.Page('translations', show=isManager)
--- a/gen/wrappers/ToolWrapper.py
+++ b/gen/wrappers/ToolWrapper.py
@ -32,11 +32,12 @@ class ToolWrapper(AbstractWrapper):
        return True
    def isManager(self):
-        '''Some pages on the tool can only be accessed by God.'''
+        '''Some pages on the tool can only be accessed by managers.'''
        if self.user.has_role('Manager'): return 'view'
    def isManagerEdit(self):
-        '''Some pages on the tool can only be accessed by God, also in edit.'''
+        '''Some pages on the tool can only be accessed by managers, also in
           edit mode.'''
        if self.user.has_role('Manager'): return True
    def computeConnectedUsers(self):