From f3dcff06166681d4a3a706d438d9c832acd7b80f Mon Sep 17 00:00:00 2001
From: davisagli <david@glicksoftware.com>
Date: Wed, 16 Oct 2024 08:32:56 -0700
Subject: [PATCH] [fc] Repository: plone.restapi

Branch: refs/heads/main
Date: 2024-10-16T08:32:56-07:00
Author: jackahl (jackahl) <44289551+jackahl@users.noreply.github.com>
Commit: https://github.com/plone/plone.restapi/commit/b9a56e1930748da15351b90d502304ca17a0ac5e

Use existing aliases controlpanel permissions for aliases endpoint (#1825)

* Use exisitng aliases controlpanel permissions for aliases endpoint

* Use ManagePortalAliases for alias delete endpoint on siteroot

Co-authored-by: David Glick &lt;david@glicksoftware.com&gt;

* Update news/1820.bugfix

---------

Co-authored-by: David Glick &lt;david@glicksoftware.com&gt;

Files changed:
A news/1820.bugfix
M src/plone/restapi/services/aliases/configure.zcml
---
 last_commit.txt | 113 +++++++++---------------------------------------
 1 file changed, 20 insertions(+), 93 deletions(-)

diff --git a/last_commit.txt b/last_commit.txt
index 620863adb7..0fa3b56f56 100644
--- a/last_commit.txt
+++ b/last_commit.txt
@@ -1,101 +1,28 @@
-Repository: Products.CMFPlone
+Repository: plone.restapi
 
 
-Branch: refs/heads/master
-Date: 2024-10-09T09:14:34+02:00
-Author: Peter Mathis (petschki) <peter.mathis@kombinat.at>
-Commit: https://github.com/plone/Products.CMFPlone/commit/8a83d04f3c486844251887027b5d8c291e3d76db
+Branch: refs/heads/main
+Date: 2024-10-16T08:32:56-07:00
+Author: jackahl (jackahl) <44289551+jackahl@users.noreply.github.com>
+Commit: https://github.com/plone/plone.restapi/commit/b9a56e1930748da15351b90d502304ca17a0ac5e
 
-Respect new strict parsing of `email.utils.getaddresses`
+Use existing aliases controlpanel permissions for aliases endpoint (#1825)
 
-Files changed:
-M Products/CMFPlone/PloneTool.py
-M Products/CMFPlone/tests/testPloneTool.py
-
-b'diff --git a/Products/CMFPlone/PloneTool.py b/Products/CMFPlone/PloneTool.py\nindex 0c549327a2..3f4e12da1c 100644\n--- a/Products/CMFPlone/PloneTool.py\n+++ b/Products/CMFPlone/PloneTool.py\n@@ -142,6 +142,10 @@ def validateSingleNormalizedEmailAddress(self, address):\n             # Address contains two newlines (possible spammer relay attack)\n             return False\n \n+        # address can be empty if getaddresses has parsing errors (returns [("", "")])\n+        if address == "":\n+            return False\n+\n         # sub is an empty string if the address is valid\n         sub = EMAIL_RE.sub("", address)\n         if sub == "":\ndiff --git a/Products/CMFPlone/tests/testPloneTool.py b/Products/CMFPlone/tests/testPloneTool.py\nindex 3e3be2c3ea..23a9120794 100644\n--- a/Products/CMFPlone/tests/testPloneTool.py\n+++ b/Products/CMFPlone/tests/testPloneTool.py\n@@ -74,7 +74,6 @@ def testvalidateEmailAddresses(self):\n         validInputs = (\n             "user@example.org",\n             "user@example.org,\\n user2@example.org",\n-            "user@example.org\\n user2@example.org",  # omitting comma is ok\n             "USER@EXAMPLE.ORG,\\n User2@Example.Org",\n         )\n         invalidInputs = (\n'
-
-Repository: Products.CMFPlone
-
-
-Branch: refs/heads/master
-Date: 2024-10-09T09:14:34+02:00
-Author: Peter Mathis (petschki) <peter.mathis@kombinat.at>
-Commit: https://github.com/plone/Products.CMFPlone/commit/ad9586997d91e06e7be57b300bbe46950f0b7365
-
-changenote
-
-Files changed:
-A news/4020.bugfix
-
-b'diff --git a/news/4020.bugfix b/news/4020.bugfix\nnew file mode 100644\nindex 0000000000..e9cc73c207\n--- /dev/null\n+++ b/news/4020.bugfix\n@@ -0,0 +1,2 @@\n+Update for strict parsing in `email.utils.getaddresses` newest versions.\n+[petschki]\n'
-
-Repository: Products.CMFPlone
-
-
-Branch: refs/heads/master
-Date: 2024-10-09T10:35:35+02:00
-Author: Peter Mathis (petschki) <peter.mathis@kombinat.at>
-Commit: https://github.com/plone/Products.CMFPlone/commit/7de69a11006053849916f290c26e0db0cd1d28b9
-
-cleanup address and check early for empty value
-
-Files changed:
-M Products/CMFPlone/PloneTool.py
-
-b'diff --git a/Products/CMFPlone/PloneTool.py b/Products/CMFPlone/PloneTool.py\nindex 3f4e12da1c..85f28e820e 100644\n--- a/Products/CMFPlone/PloneTool.py\n+++ b/Products/CMFPlone/PloneTool.py\n@@ -137,15 +137,17 @@ def validateSingleNormalizedEmailAddress(self, address):\n         if not isinstance(address, str):\n             return False\n \n-        sub = EMAIL_CUTOFF_RE.match(address)\n-        if sub is not None:\n-            # Address contains two newlines (possible spammer relay attack)\n-            return False\n+        address = address.strip()\n \n         # address can be empty if getaddresses has parsing errors (returns [("", "")])\n         if address == "":\n             return False\n \n+        sub = EMAIL_CUTOFF_RE.match(address)\n+        if sub is not None:\n+            # Address contains two newlines (possible spammer relay attack)\n+            return False\n+\n         # sub is an empty string if the address is valid\n         sub = EMAIL_RE.sub("", address)\n         if sub == "":\n'
-
-Repository: Products.CMFPlone
-
-
-Branch: refs/heads/master
-Date: 2024-10-14T14:25:26+02:00
-Author: Peter Mathis (petschki) <petschki@users.noreply.github.com>
-Commit: https://github.com/plone/Products.CMFPlone/commit/1d45a8de120c713e8793fb5f66ac59adb9e2e0ff
-
-Merge branch 'master' into getaddresses_strict_parsing_fix
-
-Files changed:
-A news/4022.bugfix
-A news/4028.bugfix
-M Products/CMFPlone/controlpanel/browser/configure.zcml
-M Products/CMFPlone/controlpanel/permissions.zcml
-M Products/CMFPlone/resources/utils.py
-M Products/CMFPlone/tests/testResourceRegistries.py
-
-b'diff --git a/Products/CMFPlone/controlpanel/browser/configure.zcml b/Products/CMFPlone/controlpanel/browser/configure.zcml\nindex 1a8231c590..7cca9f0b3a 100644\n--- a/Products/CMFPlone/controlpanel/browser/configure.zcml\n+++ b/Products/CMFPlone/controlpanel/browser/configure.zcml\n@@ -4,18 +4,6 @@\n     xmlns:zcml="http://namespaces.zope.org/zcml"\n     >\n \n-  <permission\n-      id="plone.app.controlpanel.Imaging"\n-      title="Plone Site Setup: Imaging"\n-      />\n-\n-  <permission\n-      id="plone.app.controlpanel.TinyMCE"\n-      title="Plone Site Setup: TinyMCE"\n-      >\n-    <role name="Manager" />\n-  </permission>\n-\n   <!-- Control Panel Main Template -->\n   <browser:page\n       name="prefs_main_template"\n@@ -325,16 +313,6 @@\n       permission="cmf.ManagePortal"\n       />\n \n-  <permission\n-      id="Products.CMFPlone.ManagePortalAliases"\n-      title="Manage Portal Aliases"\n-      />\n-\n-  <permission\n-      id="Products.CMFPlone.ManageContextAliases"\n-      title="Manage Context Aliases"\n-      />\n-\n   <browser:page\n       name="redirection-controlpanel"\n       for="plone.base.interfaces.IPloneSiteRoot"\ndiff --git a/Products/CMFPlone/controlpanel/permissions.zcml b/Products/CMFPlone/controlpanel/permissions.zcml\nindex be7eda7479..a701cf634b 100644\n--- a/Products/CMFPlone/controlpanel/permissions.zcml\n+++ b/Products/CMFPlone/controlpanel/permissions.zcml\n@@ -67,4 +67,26 @@\n     <role name="Manager" />\n   </permission>\n \n+  <permission\n+    id="plone.app.controlpanel.Imaging"\n+    title="Plone Site Setup: Imaging"\n+    />\n+\n+  <permission\n+      id="plone.app.controlpanel.TinyMCE"\n+      title="Plone Site Setup: TinyMCE"\n+      >\n+    <role name="Manager" />\n+  </permission>\n+\n+  <permission\n+    id="Products.CMFPlone.ManagePortalAliases"\n+    title="Manage Portal Aliases"\n+    />\n+\n+  <permission\n+      id="Products.CMFPlone.ManageContextAliases"\n+      title="Manage Context Aliases"\n+      />\n+\n </configure>\ndiff --git a/Products/CMFPlone/resources/utils.py b/Products/CMFPlone/resources/utils.py\nindex a0632ec8dc..4cbb8bbf67 100644\n--- a/Products/CMFPlone/resources/utils.py\n+++ b/Products/CMFPlone/resources/utils.py\n@@ -1,6 +1,7 @@\n from Acquisition import aq_base\n from Acquisition import aq_inner\n from Acquisition import aq_parent\n+from OFS.Image import File\n from plone.base.interfaces.resources import OVERRIDE_RESOURCE_DIRECTORY_NAME\n from plone.resource.file import FilesystemFile\n from plone.resource.interfaces import IResourceDirectory\n@@ -75,9 +76,15 @@ def get_resource(context, path):\n     if hasattr(aq_base(resource), "GET"):\n         # for FileResource\n         result = resource.GET()\n-    else:\n+    elif isinstance(resource, File):\n+        # An OFS.Image.File object\n+        result = resource.data\n+    elif callable(resource):\n         # any BrowserView\n         result = resource()\n+    else:\n+        logger.info("Cannot get data from resource %r", resource)\n+        result = b""\n     context.REQUEST.response = response_before\n     return result\n \ndiff --git a/Products/CMFPlone/tests/testResourceRegistries.py b/Products/CMFPlone/tests/testResourceRegistries.py\nindex 12021ceb0a..235ba8cf87 100644\n--- a/Products/CMFPlone/tests/testResourceRegistries.py\n+++ b/Products/CMFPlone/tests/testResourceRegistries.py\n@@ -1,3 +1,4 @@\n+from OFS.Image import File\n from plone.app.testing import logout\n from plone.app.testing import setRoles\n from plone.app.testing import SITE_OWNER_NAME\n@@ -13,6 +14,7 @@\n from Products.CMFPlone.resources.browser.resource import REQUEST_CACHE_KEY\n from Products.CMFPlone.resources.browser.resource import ScriptsView\n from Products.CMFPlone.resources.browser.resource import StylesView\n+from Products.CMFPlone.resources.webresource import PloneScriptResource\n from Products.CMFPlone.tests import PloneTestCase\n from zope.component import getUtility\n \n@@ -180,6 +182,30 @@ def test_bundle_depends_on_missing(self):\n         # bundle should be skipped when rendering\n         self.assertNotIn("http://foo.bar/foobar.js", results)\n \n+    def test_resource_browser_static_resource(self):\n+        resource = PloneScriptResource(self.portal, resource="++resource++plone-admin-ui.js")\n+        self.assertIn(\n+            b"window.onload", resource.file_data,\n+        )\n+\n+    def test_resource_ofs_file(self):\n+        self.portal["foo.js"] = File("foo.js", "Title", b\'console.log()\')\n+        resource = PloneScriptResource(self.portal, resource="foo.js")\n+        self.assertEqual(\n+            resource.file_data, b\'console.log()\',\n+        )\n+\n+    def test_resource_view(self):\n+        resource = PloneScriptResource(self.portal, resource="@@ok")\n+        self.assertEqual(\n+            resource.file_data, b\'OK\',\n+        )\n+\n+    def test_resource_bogus(self):\n+        resource = PloneScriptResource(self.portal, resource="I_do_not_exist")\n+        self.assertEqual(\n+            resource.file_data, b\'I_do_not_exist\',\n+        )\n \n class TestStylesViewlet(PloneTestCase.PloneTestCase):\n     def test_styles_viewlet(self):\ndiff --git a/news/4022.bugfix b/news/4022.bugfix\nnew file mode 100644\nindex 0000000000..292aac9553\n--- /dev/null\n+++ b/news/4022.bugfix\n@@ -0,0 +1,2 @@\n+Resource registry: Support OFS.Image.File objects.\n+[ale-rt, thet]\ndiff --git a/news/4028.bugfix b/news/4028.bugfix\nnew file mode 100644\nindex 0000000000..d0916ccdf0\n--- /dev/null\n+++ b/news/4028.bugfix\n@@ -0,0 +1,2 @@\n+move all permission definitions for controlpanels to unifed file from controlpanel directory\n+[jackahl]\n'
-
-Repository: Products.CMFPlone
-
-
-Branch: refs/heads/master
-Date: 2024-10-16T08:29:26+02:00
-Author: Peter Mathis (petschki) <petschki@users.noreply.github.com>
-Commit: https://github.com/plone/Products.CMFPlone/commit/53a22d299a41f44fe6546098e670c7cfe84b3be4
-
-Merge branch 'master' into getaddresses_strict_parsing_fix
-
-Files changed:
-A news/4026.bugfix
-M Products/CMFPlone/Portal.py
-
-b'diff --git a/Products/CMFPlone/Portal.py b/Products/CMFPlone/Portal.py\nindex cbf4c91149..878872e666 100644\n--- a/Products/CMFPlone/Portal.py\n+++ b/Products/CMFPlone/Portal.py\n@@ -61,7 +61,7 @@ def __getattr__(self, name):\n \n     def __setattr__(self, name, obj):\n         # handle re setting an item as an attribute\n-        if self._tree is not None and name in self:\n+        if not name.startswith("_") and self._tree is not None and name in self:\n             del self[name]\n             self[name] = obj\n         else:\ndiff --git a/news/4026.bugfix b/news/4026.bugfix\nnew file mode 100644\nindex 0000000000..a51ab29b2e\n--- /dev/null\n+++ b/news/4026.bugfix\n@@ -0,0 +1 @@\n+Avoid POSKeyError when commit occurs and we have savepoint that involves Plone Site. @wesleybl\n'
-
-Repository: Products.CMFPlone
-
-
-Branch: refs/heads/master
-Date: 2024-10-16T16:20:15+02:00
-Author: Peter Mathis (petschki) <petschki@users.noreply.github.com>
-Commit: https://github.com/plone/Products.CMFPlone/commit/abd111b8b67b8c3c73ed9fd36f3b6cfb60dff81b
-
-Merge pull request #4023 from plone/getaddresses_strict_parsing_fix
-
-Respect new strict parsing of `email.utils.getaddresses`
+* Use exisitng aliases controlpanel permissions for aliases endpoint
+
+* Use ManagePortalAliases for alias delete endpoint on siteroot
+
+Co-authored-by: David Glick &lt;david@glicksoftware.com&gt;
+
+* Update news/1820.bugfix
+
+---------
+
+Co-authored-by: David Glick &lt;david@glicksoftware.com&gt;
 
 Files changed:
-A news/4020.bugfix
-M Products/CMFPlone/PloneTool.py
-M Products/CMFPlone/tests/testPloneTool.py
+A news/1820.bugfix
+M src/plone/restapi/services/aliases/configure.zcml
 
-b'diff --git a/Products/CMFPlone/PloneTool.py b/Products/CMFPlone/PloneTool.py\nindex 0c549327a2..85f28e820e 100644\n--- a/Products/CMFPlone/PloneTool.py\n+++ b/Products/CMFPlone/PloneTool.py\n@@ -137,6 +137,12 @@ def validateSingleNormalizedEmailAddress(self, address):\n         if not isinstance(address, str):\n             return False\n \n+        address = address.strip()\n+\n+        # address can be empty if getaddresses has parsing errors (returns [("", "")])\n+        if address == "":\n+            return False\n+\n         sub = EMAIL_CUTOFF_RE.match(address)\n         if sub is not None:\n             # Address contains two newlines (possible spammer relay attack)\ndiff --git a/Products/CMFPlone/tests/testPloneTool.py b/Products/CMFPlone/tests/testPloneTool.py\nindex 3e3be2c3ea..23a9120794 100644\n--- a/Products/CMFPlone/tests/testPloneTool.py\n+++ b/Products/CMFPlone/tests/testPloneTool.py\n@@ -74,7 +74,6 @@ def testvalidateEmailAddresses(self):\n         validInputs = (\n             "user@example.org",\n             "user@example.org,\\n user2@example.org",\n-            "user@example.org\\n user2@example.org",  # omitting comma is ok\n             "USER@EXAMPLE.ORG,\\n User2@Example.Org",\n         )\n         invalidInputs = (\ndiff --git a/news/4020.bugfix b/news/4020.bugfix\nnew file mode 100644\nindex 0000000000..e9cc73c207\n--- /dev/null\n+++ b/news/4020.bugfix\n@@ -0,0 +1,2 @@\n+Update for strict parsing in `email.utils.getaddresses` newest versions.\n+[petschki]\n'
+b'diff --git a/news/1820.bugfix b/news/1820.bugfix\nnew file mode 100644\nindex 000000000..8f2aeaaf4\n--- /dev/null\n+++ b/news/1820.bugfix\n@@ -0,0 +1 @@\n+Aliases endpoint: Use "Manage Portal Aliases" and "Manage Content Aliases" permissions. @jackahl\ndiff --git a/src/plone/restapi/services/aliases/configure.zcml b/src/plone/restapi/services/aliases/configure.zcml\nindex c6499d117..b68d1050c 100644\n--- a/src/plone/restapi/services/aliases/configure.zcml\n+++ b/src/plone/restapi/services/aliases/configure.zcml\n@@ -8,7 +8,7 @@\n       accept="application/json,application/schema+json"\n       factory=".get.AliasesGet"\n       for="Products.CMFPlone.interfaces.IPloneSiteRoot"\n-      permission="zope2.View"\n+      permission="Products.CMFPlone.ManagePortalAliases"\n       name="@aliases"\n       />\n \n@@ -17,7 +17,7 @@\n       accept="text/csv"\n       factory=".get.AliasesGet"\n       for="Products.CMFPlone.interfaces.IPloneSiteRoot"\n-      permission="zope2.View"\n+      permission="Products.CMFPlone.ManagePortalAliases"\n       name="@aliases"\n       />\n \n@@ -26,7 +26,7 @@\n       accept="application/json,application/schema+json"\n       factory=".get.AliasesGet"\n       for="Products.CMFCore.interfaces.IContentish"\n-      permission="zope2.View"\n+      permission="Products.CMFPlone.ManageContextAliases"\n       name="@aliases"\n       />\n \n@@ -34,7 +34,7 @@\n       method="POST"\n       factory=".add.AliasesPost"\n       for="*"\n-      permission="cmf.ModifyPortalContent"\n+      permission="Products.CMFPlone.ManageContextAliases"\n       name="@aliases"\n       />\n \n@@ -42,7 +42,7 @@\n       method="POST"\n       factory=".add.AliasesRootPost"\n       for="Products.CMFPlone.interfaces.IPloneSiteRoot"\n-      permission="cmf.ModifyPortalContent"\n+      permission="Products.CMFPlone.ManagePortalAliases"\n       name="@aliases"\n       />\n \n@@ -50,7 +50,7 @@\n       method="DELETE"\n       factory=".delete.AliasesDelete"\n       for="*"\n-      permission="cmf.ModifyPortalContent"\n+      permission="Products.CMFPlone.ManageContextAliases"\n       name="@aliases"\n       />\n \n@@ -58,7 +58,7 @@\n       method="DELETE"\n       factory=".delete.AliasesDelete"\n       for="Products.CMFPlone.interfaces.IPloneSiteRoot"\n-      permission="cmf.ModifyPortalContent"\n+      permission="Products.CMFPlone.ManagePortalAliases"\n       name="@aliases"\n       />\n \n'