Use and create view_role_list outside loop (which contains all roles with View...

Use and create view_role_list outside loop (which contains all roles with View permission) as boolean git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19184 20353a03-c40f-0410-a6d1-a30d3c3de9de

Use and create view_role_list outside loop (which contains all roles with View...
Use and create view_role_list outside loop (which contains all roles with View permission) as boolean git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19184 20353a03-c40f-0410-a6d1-a30d3c3de9de
60b69112 · Nicolas Delaby · acaee214 · 60b69112
Commit 60b69112 authored Feb 08, 2008 by Nicolas Delaby
Hide whitespace changes
Inline Side-by-side

Showing with 13 additions and 10 deletions

product/ERP5Catalog/CatalogTool.py product/ERP5Catalog/CatalogTool.py +13 -10

No files found.
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -143,23 +143,26 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
          if len(new_list)>0:
            new_dict[key] = new_list
        localroles = new_dict
+        user_role_list = []
+        for role_list in localroles.values():
+          user_role_list.extend([role for role in role_list if role not in user_role_list])
+        # Added for ERP5 project by JP Smets
+        # The reason why we do not want to keep Owner is because we are
+        # trying to reduce the number of security definitions
+        # However, this is a bad idea if we start to use Owner role
+        # as a kind of bamed Assignee and if we need it for worklists. Therefore
+        # we may sometimes catalog the owner user ID whenever the Owner
+        # has view permission (see getAllowedRolesAndUsers bellow
+        # as well as getViewPermissionOwner method in Base)
+        view_role_list = [role for role in user_role_list if allowed.has_key(role) and role != 'Owner']
        for user, roles in localroles.items():
-          # Added for ERP5 project by JP Smets
-          # The reason why we do not want to keep Owner is because we are
-          # trying to reduce the number of security definitions
-          # However, this is a bad idea if we start to use Owner role
-          # as a kind of bamed Assignee and if we need it for worklists. Therefore
-          # we may sometimes catalog the owner user ID whenever the Owner
-          # has view permission (see getAllowedRolesAndUsers bellow
-          # as well as getViewPermissionOwner method in Base)
-          view_role_list = [role for role in roles if allowed.has_key(role) and role != 'Owner']
          for role in roles:
            if allowed.has_key(role):
              if withnuxgroups:
                allowed[user] = 1
              else:
                allowed['user:' + user] = 1
-            if view_role_list:
+            if len(view_role_list):
              #One of Roles has view Permission.
              if withnuxgroups:
                allowed[user + ':' + role] = 1