Commit 27c4b628 authored by Rafael Monnerat's avatar Rafael Monnerat

Treat user with Manager role as superuser.

parent 062f4840
......@@ -627,6 +627,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
if isinstance(user_str, six.text_type):
user_str = user_str.encode('utf-8')
user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER)
user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER) or \
('Manager' in user.getRoles())
allowedRolesAndUsers = self._listAllowedRolesAndUsers(user)
role_column_dict = {}
local_role_column_dict = {}
......@@ -751,7 +753,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
"""
user = _getAuthenticatedUser(self)
user_str = user.getIdOrUserName()
user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER)
user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER) or \
('Manager' in user.getRoles())
if user_is_superuser:
# We need no security check for super user.
return
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment