[Zope-Checkins] CVS: Zope/lib/python/AccessControl - cAccessControl.c:1.20.2.4

Brian Lloyd brian at zope.com
Wed Jan 14 13:51:32 EST 2004


Update of /cvs-repository/Zope/lib/python/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv29202

Modified Files:
      Tag: Zope-2_7-branch
	cAccessControl.c 
Log Message:
merge fixes


=== Zope/lib/python/AccessControl/cAccessControl.c 1.20.2.3 => 1.20.2.4 ===
--- Zope/lib/python/AccessControl/cAccessControl.c:1.20.2.3	Thu Jan  8 18:33:43 2004
+++ Zope/lib/python/AccessControl/cAccessControl.c	Wed Jan 14 13:51:31 2004
@@ -1078,17 +1078,17 @@
 	**|                # access
 	**|                raise Unauthorized(name, value)
 	**|
-	**|       for r in proxy_roles:
+	**|        for r in proxy_roles:
 	**|          if r in roles: return 1
 	**|
-	**|       # proxy roles actually limit access!
-	**|	  raise Unauthorized, ('You are not authorized to access'
-	**|	      '<em>%s</em>.' % cleanupName(name, value))
+	**|        raise Unauthorized, ('You are not authorized to access'
+	**|	     '<em>%s</em>.' % cleanupName(name, value))
 	*/
 		proxy_roles = PyObject_GetAttr(eo, _proxy_roles_str);
-                Py_DECREF(eo);
+
 		if (proxy_roles == NULL) 
                   {
+		    Py_DECREF(eo);
                     PyErr_Clear();
                   }
                 else if (PyObject_IsTrue(proxy_roles)) 
@@ -1098,25 +1098,43 @@
 
 		    method = PyObject_GetAttr(eo, getOwner_str);
 		    if (method == NULL) {
+		      Py_DECREF(eo);
+		      Py_DECREF(proxy_roles);
 		      goto err;
 		    }
 
 		    owner = PyObject_CallObject(method, NULL);
 		    Py_DECREF(method);
-
 		    if (owner == NULL) {
+		      Py_DECREF(eo);
+		      Py_DECREF(proxy_roles);
 		      goto err;
 		    }
 
-
 		    if (PyObject_IsTrue(owner)) {
 		      if (!PyObject_HasAttr(owner, aq_parent_str)) {
 			item = PyInt_FromLong(1);
+			if (item == NULL) {
+			  Py_DECREF(eo);
+			  Py_DECREF(proxy_roles);
+			  Py_DECREF(owner);
+			  goto err;
+			}
+
 		        tmp = callmethod1(eo, getOwner_str, item);
-			Py_XDECREF(item);
+			Py_DECREF(item);
+			if (tmp == NULL) (
+			  Py_DECREF(eo);
+			  Py_DECREF(proxy_roles);
+			  Py_DECREF(owner);
+			  goto err;
+			}
+
 			udb = PySequence_GetItem(tmp, 0);
 			Py_XDECREF(tmp);
 			if (udb == NULL) {
+			  Py_DECREF(eo);
+		          Py_DECREF(proxy_roles);
 			  Py_DECREF(owner);
 			  goto err;
 			}
@@ -1124,44 +1142,65 @@
 			method = PyObject_GetAttr(container, 
 						  getPhysicalRoot_str);
 			if (method == NULL) {
+			  Py_DECREF(eo);
+		          Py_DECREF(proxy_roles);
 			  Py_DECREF(owner);
 			  Py_DECREF(udb);
+			  goto err;
 			}
+
 			root = PyObject_CallObject(method, NULL);
 			Py_DECREF(method);
-			
+			if (root == NULL) {
+			  Py_DECREF(eo);
+		          Py_DECREF(proxy_roles);
+			  Py_DECREF(owner);
+			  Py_DECREF(udb);
+			  goto err;
+			}
+
 			ASSIGN(udb, callmethod1(root, unrestrictedTraverse_str,
 						udb)); 
+			Py_DECREF(root);
 			if (udb == NULL) {
+			  Py_DECREF(eo);
+		          Py_DECREF(proxy_roles);
 			  Py_DECREF(owner);
-			  Py_DECREF(udb);
+			  goto err;
 			}
 
 			ASSIGN(owner, callmethod1(owner, __of__, udb));
 			Py_DECREF(udb);
-
+			if (owner == NULL) {
+			  Py_DECREF(eo);
+		          Py_DECREF(proxy_roles);
+			  goto err;
+			}
 
 		      }
 		    }
 
+		    Py_DECREF(eo);
 
 		    if (owner != Py_None) {
-		      PyObject *tmp = callmethod1(owner, 
-						  _check_context_str,
-						  container
-						  );
+		      tmp = callmethod1(owner,_check_context_str,
+					container
+					);
 		      if (tmp == NULL) {
+		        Py_DECREF(proxy_roles);
 			Py_DECREF(owner);
 			goto err;
 		      }
 
 		      if (!PyObject_IsTrue(tmp)) {
+	                Py_DECREF(proxy_roles);
 			Py_DECREF(owner);
 			Py_DECREF(tmp);
 			unauthErr(name, value);
 			goto err;
 		      }
 		      Py_DECREF(owner);
+		      Py_DECREF(tmp);
 		    }
 		    		    
 		    /* ------------------------------------------- */
@@ -1199,9 +1238,9 @@
                     Py_DECREF(proxy_roles);
 
                     if (contains > 0)
-                      rval = PyInt_FromLong(1);
+                      rval = PyInt_FromLong(contains);
                     else if (contains == 0) {
-                      unauthErr(name, value);
+		      unauthErr(name, value);
                     }
                     goto err;
                   }




More information about the Zope-Checkins mailing list