Treat user with Manager role as superuser.

1678063a · Rafael Monnerat · bfdcec37 · 1678063a
Commit 1678063a authored Jul 27, 2017 by Rafael Monnerat
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

product/ERP5Catalog/CatalogTool.py product/ERP5Catalog/CatalogTool.py +4 -1

No files found.
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -503,6 +503,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
      user = _getAuthenticatedUser(self)
      user_str = user.getIdOrUserName()
      user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER)
+      user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER) or \
+          ('Manager' in user.getRoles())
      allowedRolesAndUsers = self._listAllowedRolesAndUsers(user)
      role_column_dict = {}
      local_role_column_dict = {}
@@ -628,7 +630,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
      """
      user = _getAuthenticatedUser(self)
      user_str = user.getIdOrUserName()
-      user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER)
+      user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER) or \
+          ('Manager' in user.getRoles())
      if user_is_superuser:
        # We need no security check for super user.
        return