Do not create any security table entry when role is "Owner".

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19285 20353a03-c40f-0410-a6d1-a30d3c3de9de

Do not create any security table entry when role is "Owner".
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19285 20353a03-c40f-0410-a6d1-a30d3c3de9de
5fbdcc5f · Vincent Pelletier · 59c51ebf · 5fbdcc5f
Commit 5fbdcc5f authored Feb 12, 2008 by Vincent Pelletier
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 3 deletions

product/ERP5Catalog/CatalogTool.py product/ERP5Catalog/CatalogTool.py +5 -3

No files found.
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -118,6 +118,8 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
        allowed = {}
        for r in rolesForPermissionOn('View', ob):
          allowed[r] = 1
+        if 'Owner' in allowed:
+          del allowed['Owner']
        if withnuxgroups:
          localroles = mergedLocalRoles(ob, withgroups=1)
        elif withpas:
@@ -154,9 +156,11 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
        # we may sometimes catalog the owner user ID whenever the Owner
        # has view permission (see getAllowedRolesAndUsers bellow
        # as well as getViewPermissionOwner method in Base)
-        view_role_list = [role for role in user_role_list if allowed.has_key(role) and role != 'Owner']
+        view_role_list = [role for role in user_role_list if allowed.has_key(role)]
        for user, roles in localroles.items():
          for role in roles:
+            if role == 'Owner':
+              continue
            if allowed.has_key(role):
              if withnuxgroups:
                allowed[user] = 1
@@ -168,8 +172,6 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
                allowed[user + ':' + role] = 1
              else:
                allowed['user:' + user + ':' + role] = 1
-        if allowed.has_key('Owner'):
-          del allowed['Owner']
        return list(allowed.keys())
 class RelatedBaseCategory(Method):