From 64ac1b0f46cb38a4dbe5692939e00757dd235645 Mon Sep 17 00:00:00 2001
From: Olivier Dony
Date: Fri, 4 Jul 2014 16:53:26 +0200
Subject: [PATCH] [FIX] document: replace raw SQL constraint with bad parameter passing with builtin check_recursion

This instance was not actually exploitable for SQL injection as it is not callable directly via RPC and guarded by other queries when indirectly called. Still plain awful.
---
 addons/document/document.py | 12 +-----------
 1 file changed, 1 insertion(+), 11 deletions(-)

diff --git a/addons/document/document.py b/addons/document/document.py
index bf37018afa8..5384ee0fb18 100644
--- a/addons/document/document.py
+++ b/addons/document/document.py
@@ -236,18 +236,8 @@ class document_directory(osv.osv):
 _parent(dir_id, path)
 return path
 
- def _check_recursion(self, cr, uid, ids, context=None):
- level = 100
- while len(ids):
- cr.execute('select distinct parent_id from document_directory where id in ('+','.join(map(str,ids))+')')
- ids = filter(None, map(lambda x:x[0], cr.fetchall()))
- if not level:
- return False
- level -= 1
- return True
-
 _constraints = [
- (_check_recursion, 'Error! You cannot create recursive directories.', ['parent_id'])
+ (osv.osv._check_recursion, 'Error! You cannot create recursive directories.', ['parent_id'])
 ]
 
 def onchange_content_id(self, cr, uid, ids, ressource_type_id):
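Review bot: The new `_constraints` entry delegates validation to `osv.osv._check_recursion`, whose body is not in this hunk, so two properties of the removed method should be confirmed rather than assumed: that the inherited check follows the `parent_id` column for this model, and how it terminates. The removed loop returned False once 100 levels had been walked, so it also rejected very deep but acyclic directory trees; if the builtin rejects only true cycles, that behaviour change deserves a line in the commit message and a regression test that builds a directory cycle and expects the constraint to fail. A short comment above the list would record why the local method went away, for example `# use the ORM's _check_recursion so ids are never concatenated into SQL in this module`. The `document_directory` class starts and ends outside the hunk.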