Commit 12e717d1 authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

Security should be handled by the target document not by the mapped property document.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@33501 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent e219c994
......@@ -49,8 +49,9 @@ class MappedProperty(XMLObject):
PropertySheet.CategoryCore,
PropertySheet.MappedProperty)
security.declareProtected(Permissions.AccessContentsInformation,
'getMappedProperty')
# Security should be handled by the target document not by the mapped
# property document.
security.declarePublic('getMappedProperty')
def getMappedProperty(self, document, property):
if property.endswith('_list'):
property = property[:-5]
......@@ -65,8 +66,9 @@ class MappedProperty(XMLObject):
else:
return getProperty(mapped_property)
security.declareProtected(Permissions.AccessContentsInformation,
'setMappedProperty')
# Security should be handled by the target document not by the mapped
# property document.
security.declarePublic('setMappedProperty')
def setMappedProperty(self, document, property, value):
if property.endswith('_list'):
property = property[:-5]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment