Skip to content

Commit

Permalink
[fc] Repository: plone.restapi
Browse files Browse the repository at this point in the history 
Branch: refs/heads/main
Date: 2024-10-16T08:32:56-07:00
Author: jackahl (jackahl) <[email protected]>
Commit: plone/plone.restapi@b9a56e1

Use existing aliases controlpanel permissions for aliases endpoint (#1825)

* Use exisitng aliases controlpanel permissions for aliases endpoint

* Use ManagePortalAliases for alias delete endpoint on siteroot

Co-authored-by: David Glick &lt;[email protected]&gt;

* Update news/1820.bugfix

---------

Co-authored-by: David Glick &lt;[email protected]&gt;

Files changed:
A news/1820.bugfix
M src/plone/restapi/services/aliases/configure.zcml
  • Loading branch information
@davisagli
davisagli committed Oct 16, 2024
1 parent bb9049b commit f3dcff0
Showing 1 changed file with 20 additions and 93 deletions.
113 changes: 20 additions & 93 deletions last_commit.txt
View file
Original file line number Diff line number Diff line change
@@ -1,101 +1,28 @@
Repository: Products.CMFPlone
Repository: plone.restapi


Branch: refs/heads/master
Date: 2024-10-09T09:14:34+02:00
Author: Peter Mathis (petschki) <[email protected]>
Commit: https://github.com/plone/Products.CMFPlone/commit/8a83d04f3c486844251887027b5d8c291e3d76db
Branch: refs/heads/main
Date: 2024-10-16T08:32:56-07:00
Author: jackahl (jackahl) <[email protected]>
Commit: https://github.com/plone/plone.restapi/commit/b9a56e1930748da15351b90d502304ca17a0ac5e

Respect new strict parsing of `email.utils.getaddresses`
Use existing aliases controlpanel permissions for aliases endpoint (#1825)

Files changed:
M Products/CMFPlone/PloneTool.py
M Products/CMFPlone/tests/testPloneTool.py

b'diff --git a/Products/CMFPlone/PloneTool.py b/Products/CMFPlone/PloneTool.py\nindex 0c549327a2..3f4e12da1c 100644\n--- a/Products/CMFPlone/PloneTool.py\n+++ b/Products/CMFPlone/PloneTool.py\n@@ -142,6 +142,10 @@ def validateSingleNormalizedEmailAddress(self, address):\n # Address contains two newlines (possible spammer relay attack)\n return False\n \n+ # address can be empty if getaddresses has parsing errors (returns [("", "")])\n+ if address == "":\n+ return False\n+\n # sub is an empty string if the address is valid\n sub = EMAIL_RE.sub("", address)\n if sub == "":\ndiff --git a/Products/CMFPlone/tests/testPloneTool.py b/Products/CMFPlone/tests/testPloneTool.py\nindex 3e3be2c3ea..23a9120794 100644\n--- a/Products/CMFPlone/tests/testPloneTool.py\n+++ b/Products/CMFPlone/tests/testPloneTool.py\n@@ -74,7 +74,6 @@ def testvalidateEmailAddresses(self):\n validInputs = (\n "[email protected]",\n "[email protected],\\n [email protected]",\n- "[email protected]\\n [email protected]", # omitting comma is ok\n "[email protected],\\n [email protected]",\n )\n invalidInputs = (\n'

Repository: Products.CMFPlone


Branch: refs/heads/master
Date: 2024-10-09T09:14:34+02:00
Author: Peter Mathis (petschki) <[email protected]>
Commit: https://github.com/plone/Products.CMFPlone/commit/ad9586997d91e06e7be57b300bbe46950f0b7365

changenote

Files changed:
A news/4020.bugfix

b'diff --git a/news/4020.bugfix b/news/4020.bugfix\nnew file mode 100644\nindex 0000000000..e9cc73c207\n--- /dev/null\n+++ b/news/4020.bugfix\n@@ -0,0 +1,2 @@\n+Update for strict parsing in `email.utils.getaddresses` newest versions.\n+[petschki]\n'

Repository: Products.CMFPlone


Branch: refs/heads/master
Date: 2024-10-09T10:35:35+02:00
Author: Peter Mathis (petschki) <[email protected]>
Commit: https://github.com/plone/Products.CMFPlone/commit/7de69a11006053849916f290c26e0db0cd1d28b9

cleanup address and check early for empty value

Files changed:
M Products/CMFPlone/PloneTool.py

b'diff --git a/Products/CMFPlone/PloneTool.py b/Products/CMFPlone/PloneTool.py\nindex 3f4e12da1c..85f28e820e 100644\n--- a/Products/CMFPlone/PloneTool.py\n+++ b/Products/CMFPlone/PloneTool.py\n@@ -137,15 +137,17 @@ def validateSingleNormalizedEmailAddress(self, address):\n if not isinstance(address, str):\n return False\n \n- sub = EMAIL_CUTOFF_RE.match(address)\n- if sub is not None:\n- # Address contains two newlines (possible spammer relay attack)\n- return False\n+ address = address.strip()\n \n # address can be empty if getaddresses has parsing errors (returns [("", "")])\n if address == "":\n return False\n \n+ sub = EMAIL_CUTOFF_RE.match(address)\n+ if sub is not None:\n+ # Address contains two newlines (possible spammer relay attack)\n+ return False\n+\n # sub is an empty string if the address is valid\n sub = EMAIL_RE.sub("", address)\n if sub == "":\n'

Repository: Products.CMFPlone


Branch: refs/heads/master
Date: 2024-10-14T14:25:26+02:00
Author: Peter Mathis (petschki) <[email protected]>
Commit: https://github.com/plone/Products.CMFPlone/commit/1d45a8de120c713e8793fb5f66ac59adb9e2e0ff

Merge branch 'master' into getaddresses_strict_parsing_fix

Files changed:
A news/4022.bugfix
A news/4028.bugfix
M Products/CMFPlone/controlpanel/browser/configure.zcml
M Products/CMFPlone/controlpanel/permissions.zcml
M Products/CMFPlone/resources/utils.py
M Products/CMFPlone/tests/testResourceRegistries.py

b'diff --git a/Products/CMFPlone/controlpanel/browser/configure.zcml b/Products/CMFPlone/controlpanel/browser/configure.zcml\nindex 1a8231c590..7cca9f0b3a 100644\n--- a/Products/CMFPlone/controlpanel/browser/configure.zcml\n+++ b/Products/CMFPlone/controlpanel/browser/configure.zcml\n@@ -4,18 +4,6 @@\n xmlns:zcml="http://namespaces.zope.org/zcml"\n >\n \n- <permission\n- id="plone.app.controlpanel.Imaging"\n- title="Plone Site Setup: Imaging"\n- />\n-\n- <permission\n- id="plone.app.controlpanel.TinyMCE"\n- title="Plone Site Setup: TinyMCE"\n- >\n- <role name="Manager" />\n- </permission>\n-\n <!-- Control Panel Main Template -->\n <browser:page\n name="prefs_main_template"\n@@ -325,16 +313,6 @@\n permission="cmf.ManagePortal"\n />\n \n- <permission\n- id="Products.CMFPlone.ManagePortalAliases"\n- title="Manage Portal Aliases"\n- />\n-\n- <permission\n- id="Products.CMFPlone.ManageContextAliases"\n- title="Manage Context Aliases"\n- />\n-\n <browser:page\n name="redirection-controlpanel"\n for="plone.base.interfaces.IPloneSiteRoot"\ndiff --git a/Products/CMFPlone/controlpanel/permissions.zcml b/Products/CMFPlone/controlpanel/permissions.zcml\nindex be7eda7479..a701cf634b 100644\n--- a/Products/CMFPlone/controlpanel/permissions.zcml\n+++ b/Products/CMFPlone/controlpanel/permissions.zcml\n@@ -67,4 +67,26 @@\n <role name="Manager" />\n </permission>\n \n+ <permission\n+ id="plone.app.controlpanel.Imaging"\n+ title="Plone Site Setup: Imaging"\n+ />\n+\n+ <permission\n+ id="plone.app.controlpanel.TinyMCE"\n+ title="Plone Site Setup: TinyMCE"\n+ >\n+ <role name="Manager" />\n+ </permission>\n+\n+ <permission\n+ id="Products.CMFPlone.ManagePortalAliases"\n+ title="Manage Portal Aliases"\n+ />\n+\n+ <permission\n+ id="Products.CMFPlone.ManageContextAliases"\n+ title="Manage Context Aliases"\n+ />\n+\n </configure>\ndiff --git a/Products/CMFPlone/resources/utils.py b/Products/CMFPlone/resources/utils.py\nindex a0632ec8dc..4cbb8bbf67 100644\n--- a/Products/CMFPlone/resources/utils.py\n+++ b/Products/CMFPlone/resources/utils.py\n@@ -1,6 +1,7 @@\n from Acquisition import aq_base\n from Acquisition import aq_inner\n from Acquisition import aq_parent\n+from OFS.Image import File\n from plone.base.interfaces.resources import OVERRIDE_RESOURCE_DIRECTORY_NAME\n from plone.resource.file import FilesystemFile\n from plone.resource.interfaces import IResourceDirectory\n@@ -75,9 +76,15 @@ def get_resource(context, path):\n if hasattr(aq_base(resource), "GET"):\n # for FileResource\n result = resource.GET()\n- else:\n+ elif isinstance(resource, File):\n+ # An OFS.Image.File object\n+ result = resource.data\n+ elif callable(resource):\n # any BrowserView\n result = resource()\n+ else:\n+ logger.info("Cannot get data from resource %r", resource)\n+ result = b""\n context.REQUEST.response = response_before\n return result\n \ndiff --git a/Products/CMFPlone/tests/testResourceRegistries.py b/Products/CMFPlone/tests/testResourceRegistries.py\nindex 12021ceb0a..235ba8cf87 100644\n--- a/Products/CMFPlone/tests/testResourceRegistries.py\n+++ b/Products/CMFPlone/tests/testResourceRegistries.py\n@@ -1,3 +1,4 @@\n+from OFS.Image import File\n from plone.app.testing import logout\n from plone.app.testing import setRoles\n from plone.app.testing import SITE_OWNER_NAME\n@@ -13,6 +14,7 @@\n from Products.CMFPlone.resources.browser.resource import REQUEST_CACHE_KEY\n from Products.CMFPlone.resources.browser.resource import ScriptsView\n from Products.CMFPlone.resources.browser.resource import StylesView\n+from Products.CMFPlone.resources.webresource import PloneScriptResource\n from Products.CMFPlone.tests import PloneTestCase\n from zope.component import getUtility\n \n@@ -180,6 +182,30 @@ def test_bundle_depends_on_missing(self):\n # bundle should be skipped when rendering\n self.assertNotIn("http://foo.bar/foobar.js", results)\n \n+ def test_resource_browser_static_resource(self):\n+ resource = PloneScriptResource(self.portal, resource="++resource++plone-admin-ui.js")\n+ self.assertIn(\n+ b"window.onload", resource.file_data,\n+ )\n+\n+ def test_resource_ofs_file(self):\n+ self.portal["foo.js"] = File("foo.js", "Title", b\'console.log()\')\n+ resource = PloneScriptResource(self.portal, resource="foo.js")\n+ self.assertEqual(\n+ resource.file_data, b\'console.log()\',\n+ )\n+\n+ def test_resource_view(self):\n+ resource = PloneScriptResource(self.portal, resource="@@ok")\n+ self.assertEqual(\n+ resource.file_data, b\'OK\',\n+ )\n+\n+ def test_resource_bogus(self):\n+ resource = PloneScriptResource(self.portal, resource="I_do_not_exist")\n+ self.assertEqual(\n+ resource.file_data, b\'I_do_not_exist\',\n+ )\n \n class TestStylesViewlet(PloneTestCase.PloneTestCase):\n def test_styles_viewlet(self):\ndiff --git a/news/4022.bugfix b/news/4022.bugfix\nnew file mode 100644\nindex 0000000000..292aac9553\n--- /dev/null\n+++ b/news/4022.bugfix\n@@ -0,0 +1,2 @@\n+Resource registry: Support OFS.Image.File objects.\n+[ale-rt, thet]\ndiff --git a/news/4028.bugfix b/news/4028.bugfix\nnew file mode 100644\nindex 0000000000..d0916ccdf0\n--- /dev/null\n+++ b/news/4028.bugfix\n@@ -0,0 +1,2 @@\n+move all permission definitions for controlpanels to unifed file from controlpanel directory\n+[jackahl]\n'

Repository: Products.CMFPlone


Branch: refs/heads/master
Date: 2024-10-16T08:29:26+02:00
Author: Peter Mathis (petschki) <[email protected]>
Commit: https://github.com/plone/Products.CMFPlone/commit/53a22d299a41f44fe6546098e670c7cfe84b3be4

Merge branch 'master' into getaddresses_strict_parsing_fix

Files changed:
A news/4026.bugfix
M Products/CMFPlone/Portal.py

b'diff --git a/Products/CMFPlone/Portal.py b/Products/CMFPlone/Portal.py\nindex cbf4c91149..878872e666 100644\n--- a/Products/CMFPlone/Portal.py\n+++ b/Products/CMFPlone/Portal.py\n@@ -61,7 +61,7 @@ def __getattr__(self, name):\n \n def __setattr__(self, name, obj):\n # handle re setting an item as an attribute\n- if self._tree is not None and name in self:\n+ if not name.startswith("_") and self._tree is not None and name in self:\n del self[name]\n self[name] = obj\n else:\ndiff --git a/news/4026.bugfix b/news/4026.bugfix\nnew file mode 100644\nindex 0000000000..a51ab29b2e\n--- /dev/null\n+++ b/news/4026.bugfix\n@@ -0,0 +1 @@\n+Avoid POSKeyError when commit occurs and we have savepoint that involves Plone Site. @wesleybl\n'

Repository: Products.CMFPlone


Branch: refs/heads/master
Date: 2024-10-16T16:20:15+02:00
Author: Peter Mathis (petschki) <[email protected]>
Commit: https://github.com/plone/Products.CMFPlone/commit/abd111b8b67b8c3c73ed9fd36f3b6cfb60dff81b

Merge pull request #4023 from plone/getaddresses_strict_parsing_fix

Respect new strict parsing of `email.utils.getaddresses`
* Use exisitng aliases controlpanel permissions for aliases endpoint

* Use ManagePortalAliases for alias delete endpoint on siteroot

Co-authored-by: David Glick &lt;[email protected]&gt;

* Update news/1820.bugfix

---------

Co-authored-by: David Glick &lt;[email protected]&gt;

Files changed:
A news/4020.bugfix
M Products/CMFPlone/PloneTool.py
M Products/CMFPlone/tests/testPloneTool.py
A news/1820.bugfix
M src/plone/restapi/services/aliases/configure.zcml

b'diff --git a/Products/CMFPlone/PloneTool.py b/Products/CMFPlone/PloneTool.py\nindex 0c549327a2..85f28e820e 100644\n--- a/Products/CMFPlone/PloneTool.py\n+++ b/Products/CMFPlone/PloneTool.py\n@@ -137,6 +137,12 @@ def validateSingleNormalizedEmailAddress(self, address):\n if not isinstance(address, str):\n return False\n \n+ address = address.strip()\n+\n+ # address can be empty if getaddresses has parsing errors (returns [("", "")])\n+ if address == "":\n+ return False\n+\n sub = EMAIL_CUTOFF_RE.match(address)\n if sub is not None:\n # Address contains two newlines (possible spammer relay attack)\ndiff --git a/Products/CMFPlone/tests/testPloneTool.py b/Products/CMFPlone/tests/testPloneTool.py\nindex 3e3be2c3ea..23a9120794 100644\n--- a/Products/CMFPlone/tests/testPloneTool.py\n+++ b/Products/CMFPlone/tests/testPloneTool.py\n@@ -74,7 +74,6 @@ def testvalidateEmailAddresses(self):\n validInputs = (\n "[email protected]",\n "[email protected],\\n [email protected]",\n- "[email protected]\\n [email protected]", # omitting comma is ok\n "[email protected],\\n [email protected]",\n )\n invalidInputs = (\ndiff --git a/news/4020.bugfix b/news/4020.bugfix\nnew file mode 100644\nindex 0000000000..e9cc73c207\n--- /dev/null\n+++ b/news/4020.bugfix\n@@ -0,0 +1,2 @@\n+Update for strict parsing in `email.utils.getaddresses` newest versions.\n+[petschki]\n'
b'diff --git a/news/1820.bugfix b/news/1820.bugfix\nnew file mode 100644\nindex 000000000..8f2aeaaf4\n--- /dev/null\n+++ b/news/1820.bugfix\n@@ -0,0 +1 @@\n+Aliases endpoint: Use "Manage Portal Aliases" and "Manage Content Aliases" permissions. @jackahl\ndiff --git a/src/plone/restapi/services/aliases/configure.zcml b/src/plone/restapi/services/aliases/configure.zcml\nindex c6499d117..b68d1050c 100644\n--- a/src/plone/restapi/services/aliases/configure.zcml\n+++ b/src/plone/restapi/services/aliases/configure.zcml\n@@ -8,7 +8,7 @@\n accept="application/json,application/schema+json"\n factory=".get.AliasesGet"\n for="Products.CMFPlone.interfaces.IPloneSiteRoot"\n- permission="zope2.View"\n+ permission="Products.CMFPlone.ManagePortalAliases"\n name="@aliases"\n />\n \n@@ -17,7 +17,7 @@\n accept="text/csv"\n factory=".get.AliasesGet"\n for="Products.CMFPlone.interfaces.IPloneSiteRoot"\n- permission="zope2.View"\n+ permission="Products.CMFPlone.ManagePortalAliases"\n name="@aliases"\n />\n \n@@ -26,7 +26,7 @@\n accept="application/json,application/schema+json"\n factory=".get.AliasesGet"\n for="Products.CMFCore.interfaces.IContentish"\n- permission="zope2.View"\n+ permission="Products.CMFPlone.ManageContextAliases"\n name="@aliases"\n />\n \n@@ -34,7 +34,7 @@\n method="POST"\n factory=".add.AliasesPost"\n for="*"\n- permission="cmf.ModifyPortalContent"\n+ permission="Products.CMFPlone.ManageContextAliases"\n name="@aliases"\n />\n \n@@ -42,7 +42,7 @@\n method="POST"\n factory=".add.AliasesRootPost"\n for="Products.CMFPlone.interfaces.IPloneSiteRoot"\n- permission="cmf.ModifyPortalContent"\n+ permission="Products.CMFPlone.ManagePortalAliases"\n name="@aliases"\n />\n \n@@ -50,7 +50,7 @@\n method="DELETE"\n factory=".delete.AliasesDelete"\n for="*"\n- permission="cmf.ModifyPortalContent"\n+ permission="Products.CMFPlone.ManageContextAliases"\n name="@aliases"\n />\n \n@@ -58,7 +58,7 @@\n method="DELETE"\n factory=".delete.AliasesDelete"\n for="Products.CMFPlone.interfaces.IPloneSiteRoot"\n- permission="cmf.ModifyPortalContent"\n+ permission="Products.CMFPlone.ManagePortalAliases"\n name="@aliases"\n />\n \n'

0 comments on commit f3dcff0

Please sign in to comment.