more tools for migration to Flask

2021-01-10 11:43:17 +01:00 · 2021-01-10 11:43:17 +01:00 · af5b946b46
commit af5b946b46
parent 8018a0b092
4 changed files with 63 additions and 7 deletions
--- a/ZNotes.py
+++ b/ZNotes.py
@ -217,7 +217,16 @@ class ZNotes(ObjectManager, PropertyManager, RoleManager, Item, Persistent, Impl

    def gloups(self, REQUEST):
        "essai gloups"
-        return ""
+        H = [
+            "<p>REQUEST.URL =%s</p>" % REQUEST.URL,
+            "<p>REQUEST.URL0=%s</p>" % REQUEST.URL0,
+            "<p>REQUEST.URL1=%s</p>" % REQUEST.URL1,
+            "<p>REQUEST.BASE0=%s</p>" % REQUEST.BASE0,
+            "<p>REQUEST.QUERY_STRING=%s</p>" % REQUEST.QUERY_STRING,
+            "<p>REQUEST.REQUEST_METHOD=%s (%s)</p>"
+            % (REQUEST.REQUEST_METHOD, type(REQUEST.REQUEST_METHOD)),
+        ]
+        return "\n".join(H)
        # return pdfbulletins.essaipdf(REQUEST)
        # return sendPDFFile(REQUEST, pdfbulletins.pdftrombino(0,0), 'toto.pdf' )

--- a/misc/extract_code_strings.py
+++ b/misc/extract_code_strings.py
@ -0,0 +1,27 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+"""Extract all string litterals from our code base.
+
+Useful to check if an API function is used in a generated web page !
+
+Usage:
+    extract_code_strings.py source.py ...
+
+(replace RT by an existing departement id)
+
+E. Viennet 2021-01-09
+"""
+from __future__ import print_function
+
+import sys
+import ast
+
+L = []
+for srcfilename in sys.argv[1:]:
+    print("processing %s" % srcfilename, file=sys.stderr)
+    with open(srcfilename) as f:
+        p = ast.parse(f.read())
+        L.extend(x.s.strip() for x in ast.walk(p) if x.__class__ == ast.Str)
+
+L = sorted(set(L))  # uniq | sort
+print("\n".join(L))
--- a/misc/zopelistmethods.py
+++ b/misc/zopelistmethods.py
@ -3,11 +3,10 @@

 """List Zope published methods (helps redesign ScoDoc's API).

-Launch ScoDoc as follows: (as root)
+Usage:
+    scotests/scointeractive.sh RT misc/zopelistmethods.py 

- /opt/scodoc/bin/zopectl debug 
-
-Then run this file
+(replace RT by an existing departement id)

 E. Viennet 2020-01-26
 """
@ -23,6 +22,8 @@ from ZAbsences import ZAbsences
 from ZScoUsers import ZScoUsers
 from ZEntreprises import ZEntreprises

+RESFILENAME = "publishedmethods.csv"
+

 def get_methods_description(klass):
    D = klass.__dict__
@ -63,4 +64,6 @@ for module_name in published_by_module:

 print("Total: \t ", N)

-open("publishedmethods.csv", "w").write("\n".join(["\t".join(l) for l in lines]))
+print("Writing %s" % RESFILENAME)
+with open(RESFILENAME, "w") as f:
+    f.write("\n".join(["\t".join(l) for l in lines]))
--- a/sco_zope.py
+++ b/sco_zope.py
@ -38,7 +38,7 @@ from OFS.ObjectManager import ObjectManager
 from AccessControl.Role import RoleManager  # provide the 'Ownership' tab with

 # the 'manage_owner' method
-from AccessControl import ClassSecurityInfo
+from AccessControl import ClassSecurityInfo as ZopeClassSecurityInfo
 import Globals
 from Globals import DTMLFile  # can use DTML files
 from Globals import Persistent
@ -47,3 +47,20 @@ from Acquisition import Implicit

 # where we exist on the file system
 file_path = Globals.package_home(globals())
+
+# Collect all security declarations (Zope2Flask)
+
+import inspect
+
+LOG_SECURITY=False # use for dev
+
+class ClassSecurityInfo(ZopeClassSecurityInfo):
+    def declareProtected(self, perm, funcname):
+        if LOG_SECURITY:
+            frame = inspect.currentframe()
+            module = frame.f_back.f_locals["__module__"]
+            if str(module).strip() == "ZAbsences":
+                raise Exception()
+            with open("/tmp/protected_methods.txt", "a") as f:
+                f.write("%s\t%s\n" % (module, funcname))
+        super(ClassSecurityInfo, self).declareProtected(perm, funcname)