From 425d821b7b6d35cfd481eb142f98852803ed3d0c Mon Sep 17 00:00:00 2001
From: Ivan Tyagov <ivan@nexedi.com>
Date: Wed, 17 Aug 2011 10:02:25 +0300
Subject: [PATCH] A bit more clever action condition(even though logged in user
 may not modify Person object it can still unblock it if it has access to
 system events).

---
 .../Person/unblock_user_login.xml             | 19 +++++++++++++++++--
 bt5/erp5_authentication_policy/bt/revision    |  2 +-
 2 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/bt5/erp5_authentication_policy/ActionTemplateItem/portal_types/Person/unblock_user_login.xml b/bt5/erp5_authentication_policy/ActionTemplateItem/portal_types/Person/unblock_user_login.xml
index 681f747d0a..f3f49b3728 100644
--- a/bt5/erp5_authentication_policy/ActionTemplateItem/portal_types/Person/unblock_user_login.xml
+++ b/bt5/erp5_authentication_policy/ActionTemplateItem/portal_types/Person/unblock_user_login.xml
@@ -26,7 +26,9 @@
         </item>
         <item>
             <key> <string>condition</string> </key>
-            <value> <string></string> </value>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAM=</string> </persistent>
+            </value>
         </item>
         <item>
             <key> <string>description</string> </key>
@@ -44,7 +46,7 @@
             <key> <string>permissions</string> </key>
             <value>
               <tuple>
-                <string>Modify portal content</string>
+                <string>View</string>
               </tuple>
             </value>
         </item>
@@ -80,4 +82,17 @@
       </dictionary>
     </pickle>
   </record>
+  <record id="3" aka="AAAAAAAAAAM=">
+    <pickle>
+      <global name="Expression" module="Products.CMFCore.Expression"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>text</string> </key>
+            <value> <string>python: here.portal_membership.checkPermission("Access contents information", here.system_event_module)</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
 </ZopeData>
diff --git a/bt5/erp5_authentication_policy/bt/revision b/bt5/erp5_authentication_policy/bt/revision
index da2d3988d7..3f10ffe7a4 100644
--- a/bt5/erp5_authentication_policy/bt/revision
+++ b/bt5/erp5_authentication_policy/bt/revision
@@ -1 +1 @@
-14
\ No newline at end of file
+15
\ No newline at end of file
-- 
2.30.9