Mercurial > hg > documentViewer
comparison documentViewer.py @ 42:fbc7258e4b5c
changed default access to deny if no access information
author | casties |
---|---|
date | Fri, 14 Jul 2006 18:22:36 +0200 |
parents | 0c8ee8fcfd76 |
children | f3bc59cf64d9 |
comparison
equal
deleted
inserted
replaced
41:0c8ee8fcfd76 | 42:fbc7258e4b5c |
---|---|
143 """returns if access to the resource is granted""" | 143 """returns if access to the resource is granted""" |
144 access = docinfo.get('accessType', None) | 144 access = docinfo.get('accessType', None) |
145 zLOG.LOG("documentViewer (accessOK)", zLOG.INFO, "access type %s"%access) | 145 zLOG.LOG("documentViewer (accessOK)", zLOG.INFO, "access type %s"%access) |
146 if access is None: | 146 if access is None: |
147 # no information - no access | 147 # no information - no access |
148 #TODO: check | 148 return False |
149 return True | |
150 elif access == 'free': | 149 elif access == 'free': |
151 zLOG.LOG("documentViewer (accessOK)", zLOG.INFO, "access is free") | 150 zLOG.LOG("documentViewer (accessOK)", zLOG.INFO, "access is free") |
152 return True | 151 return True |
153 elif access in self.authgroups: | 152 elif access in self.authgroups: |
154 # only local access -- only logged in users | 153 # only local access -- only logged in users |
155 user = getSecurityManager().getUser() | 154 user = getSecurityManager().getUser() |
156 if user is not None: | 155 if user is not None: |