Back to index

plone3  3.1.7
csrf.py
Go to the documentation of this file.
00001 from plone.protect import protect, CheckAuthenticator
00002 
00003 # apply csrf-protection decorator to the given callable
00004 patch = protect(CheckAuthenticator)
00005 
00006 
00007 def applyPatches():
00008     """ apply csrf-protection decorator to all relevant methods """
00009 
00010     from Products.CMFPlone.PloneTool import PloneTool as PT
00011     PT.setMemberProperties = patch(PT.setMemberProperties)
00012     PT.changeOwnershipOf = patch(PT.changeOwnershipOf)
00013     PT.acquireLocalRoles = patch(PT.acquireLocalRoles)
00014     PT.deleteObjectsByPaths = patch(PT.deleteObjectsByPaths)
00015     PT.transitionObjectsByPaths = patch(PT.transitionObjectsByPaths)
00016     PT.renameObjectsByPaths = patch(PT.renameObjectsByPaths)
00017 
00018     from plone.session.plugins.session import SessionPlugin as SP
00019     SP.manage_clearSecrets = patch(SP.manage_clearSecrets)
00020     SP.manage_createNewSecret = patch(SP.manage_createNewSecret)
00021 
00022     from Products.CMFCore.RegistrationTool import RegistrationTool
00023     RegistrationTool.addMember = patch(RegistrationTool.addMember)
00024 
00025     from Products.CMFCore.MembershipTool import MembershipTool as MT
00026     from Products.CMFPlone.MembershipTool import MembershipTool as PMT
00027     MT.setPassword = patch(MT.setPassword)
00028     PMT.setPassword = patch(PMT.setPassword)
00029     MT.setRoleMapping = patch(MT.setRoleMapping)
00030     MT.deleteMemberArea = patch(MT.deleteMemberArea)
00031     MT.setLocalRoles = patch(MT.setLocalRoles)
00032     MT.deleteLocalRoles = patch(MT.deleteLocalRoles)
00033     MT.deleteMembers = patch(MT.deleteMembers)
00034 
00035     from Products.CMFCore.MemberDataTool import MemberData as MD
00036     original_setProperties = MD.setProperties
00037     def setProperties(self, properties=None, REQUEST=None, **kw):
00038         return original_setProperties(self, properties, **kw)
00039     setProperties.__doc__ = original_setProperties.__doc__
00040     MD.setProperties = patch(setProperties)
00041 
00042     from Products.CMFDefault.RegistrationTool import RegistrationTool
00043     RegistrationTool.editMember = patch(RegistrationTool.editMember)
00044 
00045     from Products.PlonePAS.tools.groupdata import GroupData
00046     GroupData.addMember = patch(GroupData.addMember)
00047     GroupData.removeMember = patch(GroupData.removeMember)
00048 
00049     from Products.PluggableAuthService.PluggableAuthService import \
00050          PluggableAuthService as PAS
00051     PAS.userFolderAddUser = patch(PAS.userFolderAddUser)
00052     PAS.userFolderEditUser = patch(PAS.userFolderEditUser)
00053     PAS.userFolderDelUsers = patch(PAS.userFolderDelUsers)
00054