Commit 24ce164d authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

core: cleanup Base_setDefaultSecurity.

parent 5a94f5fd
......@@ -52,11 +52,8 @@
<key> <string>_body</string> </key>
<value> <string>permission_list = context.possible_permissions()\n
\n
# First, remove all permissions (very secure by default)\n
# We should keep only Manager, or we will not be able to\n
# do the end of the script\n
for permission in permission_list:\n
context.manage_permission(permission, [\'Manager\'], 0)\n
# First, only Manager has the permission by default\n
manager_permission_list = permission_list\n
\n
# Then, define default ERP5 permissions\n
common_permission_list = [p for p in [\n
......@@ -91,7 +88,7 @@ erp5_role_dict = {\n
\'Associate\': common_permission_list + auditor_permission_list,\n
\'Auditor\' : common_permission_list + auditor_permission_list,\n
\'Author\': common_permission_list + author_permission_list,\n
\'Manager\': permission_list\n
\'Manager\': manager_permission_list\n
}\n
\n
# Add ERP5 permissions\n
......@@ -102,7 +99,11 @@ for role,permission_list in erp5_role_dict.items():\n
erp5_permission_dict[permission] = []\n
erp5_permission_dict[permission].append(role)\n
\n
for permission,role_list in erp5_permission_dict.items():\n
for permission,role_list in sorted(erp5_permission_dict.items()):\n
# Acquire permission if the role list is same as parent\n
if sorted([x[\'name\'] for x in context.aq_parent.rolesOfPermission(permission) if x[\'selected\']]) == sorted(role_list):\n
context.manage_permission(permission, [], 1)\n
else:\n
context.manage_permission(permission,role_list, 0)\n
\n
return "finished"\n
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment