From 251596213c1c46ca97c28fafcfc4e532f1404f57 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Calonne?= <aurel@nexedi.com>
Date: Tue, 5 Feb 2008 14:53:15 +0000
Subject: [PATCH] fix transition security on check payment, fix control when
 doing manual validation

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19057 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
 .../transitions/order.xml                     | 23 +------------------
 .../checkAccountIsOverdraftFacility.xml       |  2 +-
 .../scripts/validateConsistency.xml           | 12 +++++++---
 .../scripts/validatePositionAccounting.xml    |  2 +-
 .../transitions/order.xml                     | 23 +------------------
 bt5/erp5_banking_check/bt/revision            |  2 +-
 6 files changed, 14 insertions(+), 50 deletions(-)

diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/order.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/order.xml
index 62a4d59de7..9f352b2009 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/order.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/order.xml
@@ -44,7 +44,7 @@
         <item>
             <key> <string>guard</string> </key>
             <value>
-              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+              <none/>
             </value>
         </item>
         <item>
@@ -70,25 +70,4 @@
       </dictionary>
     </pickle>
   </record>
-  <record id="2" aka="AAAAAAAAAAI=">
-    <pickle>
-      <tuple>
-        <global name="Guard" module="Products.DCWorkflow.Guard"/>
-        <tuple/>
-      </tuple>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>roles</string> </key>
-            <value>
-              <tuple>
-                <string>Manager</string>
-                <string>Assignee</string>
-              </tuple>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
 </ZopeData>
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/checkAccountIsOverdraftFacility.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/checkAccountIsOverdraftFacility.xml
index da4a6bbd00..e88cfd7914 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/checkAccountIsOverdraftFacility.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/checkAccountIsOverdraftFacility.xml
@@ -81,7 +81,7 @@ transaction.Baobab_checkCounterDateOpen(site=source, date=date)\n
 site = transaction.getSourceValue()\n
 \n
 # For safety, check the consistency again.\n
-context.validateConsistency(state_change)\n
+context.validateConsistency(state_change, no_balance_check=1)\n
 \n
 line = transaction.movement\n
 bank_account = transaction.getDestinationPaymentValue()\n
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/validateConsistency.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/validateConsistency.xml
index 7198f0f0f4..a773b6e54c 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/validateConsistency.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/validateConsistency.xml
@@ -140,6 +140,9 @@ transaction.edit(aggregate=check.getRelativeUrl())\n
 \n
 context.updateBankingOperation(state_change)\n
 \n
+if no_balance_check == 1:\n
+  return\n
+\n
 # Test if the account balance is sufficient.\n
 # We do not need to serialize here because we do not make\n
 # reservation yet\n
@@ -171,7 +174,7 @@ elif error[\'error_code\'] != 0:\n
         </item>
         <item>
             <key> <string>_params</string> </key>
-            <value> <string>state_change, **kw</string> </value>
+            <value> <string>state_change, no_balance_check=0, **kw</string> </value>
         </item>
         <item>
             <key> <string>_proxy_roles</string> </key>
@@ -199,13 +202,14 @@ elif error[\'error_code\'] != 0:\n
                   <dictionary>
                     <item>
                         <key> <string>co_argcount</string> </key>
-                        <value> <int>1</int> </value>
+                        <value> <int>2</int> </value>
                     </item>
                     <item>
                         <key> <string>co_varnames</string> </key>
                         <value>
                           <tuple>
                             <string>state_change</string>
+                            <string>no_balance_check</string>
                             <string>kw</string>
                             <string>Products.DCWorkflow.DCWorkflow</string>
                             <string>ValidationFailed</string>
@@ -242,7 +246,9 @@ elif error[\'error_code\'] != 0:\n
         <item>
             <key> <string>func_defaults</string> </key>
             <value>
-              <none/>
+              <tuple>
+                <int>0</int>
+              </tuple>
             </value>
         </item>
         <item>
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/validatePositionAccounting.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/validatePositionAccounting.xml
index 47f9f2be82..bf481c9b6b 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/validatePositionAccounting.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/scripts/validatePositionAccounting.xml
@@ -83,7 +83,7 @@ site = transaction.getSourceValue()\n
 transaction.Baobab_checkCounterOpened(site)\n
 \n
 # For safety, check the consistency again.\n
-context.validateConsistency(state_change)\n
+context.validateConsistency(state_change, no_balance_check=1)\n
 \n
 line = transaction.movement\n
 bank_account = transaction.getDestinationPaymentValue()\n
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/transitions/order.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/transitions/order.xml
index fb843fe124..ecd3bc59dc 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/transitions/order.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_payment_workflow/transitions/order.xml
@@ -38,7 +38,7 @@
         <item>
             <key> <string>guard</string> </key>
             <value>
-              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+              <none/>
             </value>
         </item>
         <item>
@@ -64,25 +64,4 @@
       </dictionary>
     </pickle>
   </record>
-  <record id="2" aka="AAAAAAAAAAI=">
-    <pickle>
-      <tuple>
-        <global name="Guard" module="Products.DCWorkflow.Guard"/>
-        <tuple/>
-      </tuple>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>roles</string> </key>
-            <value>
-              <tuple>
-                <string>Manager</string>
-                <string>Assignee</string>
-              </tuple>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
 </ZopeData>
diff --git a/bt5/erp5_banking_check/bt/revision b/bt5/erp5_banking_check/bt/revision
index 5f5d9b11ac..9361cf7165 100644
--- a/bt5/erp5_banking_check/bt/revision
+++ b/bt5/erp5_banking_check/bt/revision
@@ -1 +1 @@
-375
\ No newline at end of file
+376
\ No newline at end of file
-- 
2.30.9