Commit 430f6301 authored by Jean-Paul Smets's avatar Jean-Paul Smets

Factored allowedLocalRoles in unique method


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@5217 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 913f3a8c
...@@ -330,8 +330,12 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -330,8 +330,12 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
def getAllowedRolesAndUsers(self, **kw): def getAllowedRolesAndUsers(self, **kw):
""" """
Return allowed roles and users. Return allowed roles and users.
This is supposed to be used with Z SQL Methods to check permissions This is supposed to be used with Z SQL Methods to check permissions
when you list up documents. when you list up documents. It is also able to take into account
a parameter named local_roles so that list documents only include
those documents for which the user (or the group) was
associated one of the given local roles.
""" """
user = _getAuthenticatedUser(self) user = _getAuthenticatedUser(self)
allowedRolesAndUsers = self._listAllowedRolesAndUsers(user) allowedRolesAndUsers = self._listAllowedRolesAndUsers(user)
...@@ -339,6 +343,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -339,6 +343,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
# Patch for ERP5 by JP Smets in order # Patch for ERP5 by JP Smets in order
# to implement worklists and search of local roles # to implement worklists and search of local roles
if kw.has_key('local_roles'): if kw.has_key('local_roles'):
# XXX user is not enough - we should also include groups of the user
# Only consider local_roles if it is not empty # Only consider local_roles if it is not empty
if kw['local_roles'] != '' and kw['local_roles'] != [] and kw['local_roles'] is not None: if kw['local_roles'] != '' and kw['local_roles'] != [] and kw['local_roles'] is not None:
local_roles = kw['local_roles'] local_roles = kw['local_roles']
...@@ -362,24 +367,6 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -362,24 +367,6 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
""" """
kw[ 'allowedRolesAndUsers' ] = self.getAllowedRolesAndUsers(**kw) # XXX allowedRolesAndUsers naming is wrong kw[ 'allowedRolesAndUsers' ] = self.getAllowedRolesAndUsers(**kw) # XXX allowedRolesAndUsers naming is wrong
# Patch for ERP5 by JP Smets in order
# to implement worklists and search of local roles
# This allows for displaying results based on local roles
# rather than based on view permissions
if kw.has_key('local_roles'):
# XXX user is not enough - we should also include groups of the user
user = _getAuthenticatedUser(self)
# Only consider local_roles if it is not empty
if kw['local_roles'] != '' and kw['local_roles'] != [] and kw['local_roles'] is not None:
local_roles = kw['local_roles']
# Turn it into a list if necessary according to ';' separator
if type(local_roles) == type('a'):
local_roles = local_roles.split(';')
# Local roles now has precedence (since it comes from a WorkList)
kw[ 'allowedRolesAndUsers' ] = []
for role in local_roles:
kw[ 'allowedRolesAndUsers' ].append('user:%s:%s' % (user, role))
if not _checkPermission( if not _checkPermission(
CMFCorePermissions.AccessInactivePortalContent, self ): CMFCorePermissions.AccessInactivePortalContent, self ):
base = aq_base( self ) base = aq_base( self )
...@@ -403,24 +390,6 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -403,24 +390,6 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
""" """
kw[ 'allowedRolesAndUsers' ] = self.getAllowedRolesAndUsers(**kw) # XXX allowedRolesAndUsers naming is wrong kw[ 'allowedRolesAndUsers' ] = self.getAllowedRolesAndUsers(**kw) # XXX allowedRolesAndUsers naming is wrong
# Patch for ERP5 by JP Smets in order
# to implement worklists and search of local roles
# This allows for counting results based on local roles
# rather than based on view permissions
if kw.has_key('local_roles'):
# XXX user is not enough - we should also include groups of the user
user = _getAuthenticatedUser(self)
# Only consider local_roles if it is not empty
if kw['local_roles'] != '' and kw['local_roles'] != [] and kw['local_roles'] is not None:
local_roles = kw['local_roles']
# Turn it into a list if necessary according to ';' separator
if type(local_roles) == type('a'):
local_roles = local_roles.split(';')
# Local roles now has precedence (since it comes from a WorkList)
kw[ 'allowedRolesAndUsers' ] = []
for role in local_roles:
kw[ 'allowedRolesAndUsers' ].append('user:%s:%s' % (user, role))
# Forget about permissions in statistics # Forget about permissions in statistics
# (we should not count lines more than once with statistic expressions) # (we should not count lines more than once with statistic expressions)
if kw.has_key('select_expression'): del kw[ 'allowedRolesAndUsers' ] if kw.has_key('select_expression'): del kw[ 'allowedRolesAndUsers' ]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment