[erp5_core] Fetch user name from __ac_name cookie

This restore the previous behaviour which has been dropped by nexedi/erp5@63c3da2b Because getSecurityManager().getUser() always returns "Anonymous User" when Base_getAutoLogoutSessionKey is called (from CookieCrumbler.modifyRequest), all users were sharing the same session which leads to user being all the time logged out.

[erp5_core] Fetch user name from __ac_name cookie
This restore the previous behaviour which has been dropped by nexedi/erp5@63c3da2b Because getSecurityManager().getUser() always returns "Anonymous User" when Base_getAutoLogoutSessionKey is called (from CookieCrumbler.modifyRequest), all users were sharing the same session which leads to user being all the time logged out.
abfe2f41 · Romain Courteaud · 71e5790f · abfe2f41
Commit abfe2f41 authored May 20, 2016 by Romain Courteaud
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_auto_logout/Base_getAutoLogoutSessionKey.py ...al_skins/erp5_auto_logout/Base_getAutoLogoutSessionKey.py +1 -1

No files found.
--- a/product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_auto_logout/Base_getAutoLogoutSessionKey.py
+++ b/product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_auto_logout/Base_getAutoLogoutSessionKey.py
@@ -2,4 +2,4 @@ from AccessControl import getSecurityManager
 from zExceptions import Unauthorized
 if REQUEST is not None: # Cheap "do not call from URL" protection - not that the session key is secret
  raise Unauthorized
-return 'ac_cookie_' + str(getSecurityManager().getUser())
+return 'ac_cookie_%s' % context.REQUEST.get('__ac_name', 'Anonymous User')