[gen] Get rid of some Zope-specific security aspects. This is a preparatory work to extend the Appy authentication system to perform ldap authentication as well.

fields/__init__.py

@@ -246,14 +246,14 @@ class Field:
         elif rp and isinstance(rp, basestring):
             self.readPermission = rp
         else:
-            self.readPermission = 'View'
+            self.readPermission = 'read'
         wp = self.specificWritePermission
         if wp and not isinstance(wp, basestring):
             self.writePermission = '%s: Write %s %s' % (appName, prefix, name)
         elif wp and isinstance(wp, basestring):
             self.writePermission = wp
         else:
-            self.writePermission = 'Modify portal content'
+            self.writePermission = 'write'
         if (self.type == 'Ref') and not self.isBack:
             # We must initialise the corresponding back reference
             self.back.klass = klass

fields/ref.py

@@ -140,7 +140,7 @@ class Ref(Field):
                folder=zobj.getCreateFolder();
                tiedClassName=ztool.getPortalType(field.klass);
                canWrite=not field.isBack and zobj.allows(field.writePermission);
-               showPlusIcon=zobj.mayAddReference(field.name);
+               showPlusIcon=field.mayAdd(zobj);
                atMostOneRef=(field.multiplicity[1] == 1) and \
                             (len(zobjects)<=1);
                addConfirmMsg=field.addConfirm and \
@@ -592,12 +592,8 @@ class Ref(Field):
         # May the user edit this Ref field?
         if not obj.allows(self.writePermission):
             return gutils.No('no_write_perm')
-        # Have the user the correct add permission?
-        tool = obj.getTool()
-        addPermission = '%s: Add %s' % (tool.getAppName(),
-                                        tool.getPortalType(self.klass))
-        folder = obj.getCreateFolder()
-        if not tool.getUser().has_permission(addPermission, folder):
+        # May the user create instances of the referred class?
+        if not obj.getTool().userMayCreate(self.klass):
             return gutils.No('no_add_perm')
         return True
 

fields/search.py

@@ -147,7 +147,7 @@ class UiSearch:
     pxView = Px('''
      <div class="portletSearch">
       <a href=":'%s?className=%s&amp;search=%s' % \
-                 (queryUrl, rootClass, search.name)"
+                 (queryUrl, className, search.name)"
          class=":search.name == currentSearch and 'portletCurrent' or ''"
          title=":search.translatedDescr">:search.translated</a>
      </div>''')