fix security in transition and workflow state for cash_sorting_incident, plus some xml change

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@14798 20353a03-c40f-0410-a6d1-a30d3c3de9de

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident%20Module/list_ui.xml

@@ -67,11 +67,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident%20Module/sort_on.xml

@@ -67,11 +67,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident%20Module/view.xml

@@ -67,11 +67,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident/history.xml

@@ -67,11 +67,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident/in_view.xml

@@ -67,11 +67,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident/incoming_input.xml

@@ -69,11 +69,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>
@@ -88,11 +85,8 @@
   <record id="3" aka="AAAAAAAAAAM=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident/metadata.xml

@@ -67,11 +67,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident/out_view.xml

@@ -67,11 +67,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident/outgoing_input.xml

@@ -69,11 +69,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>
@@ -88,11 +85,8 @@
   <record id="3" aka="AAAAAAAAAAM=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/ActionTemplateItem/portal_types/Cash%20Sorting%20Incident/view.xml

@@ -67,11 +67,8 @@
   <record id="2" aka="AAAAAAAAAAI=">
     <pickle>
       <tuple>
-        <tuple>
-          <string>Products.CMFCore.Expression</string>
-          <string>Expression</string>
-        </tuple>
-        <none/>
+        <global name="Expression" module="Products.CMFCore.Expression"/>
+        <tuple/>
       </tuple>
     </pickle>
     <pickle>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/states/cancelled.xml

@@ -29,6 +29,12 @@
             <key> <string>id</string> </key>
             <value> <string>cancelled</string> </value>
         </item>
+        <item>
+            <key> <string>permission_roles</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
         <item>
             <key> <string>title</string> </key>
             <value> <string>Cancelled</string> </value>
@@ -48,4 +54,63 @@
       </dictionary>
     </pickle>
   </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <tuple>
+        <global name="PersistentMapping" module="Persistence.mapping"/>
+        <tuple/>
+      </tuple>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>data</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>Access contents information</string> </key>
+                    <value>
+                      <tuple>
+                        <string>Assignee</string>
+                        <string>Assignor</string>
+                        <string>DestinationAssignor</string>
+                        <string>Manager</string>
+                        <string>Reviewer</string>
+                      </tuple>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>Add portal content</string> </key>
+                    <value>
+                      <tuple>
+                        <string>Manager</string>
+                      </tuple>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>Modify portal content</string> </key>
+                    <value>
+                      <tuple>
+                        <string>Manager</string>
+                      </tuple>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>View</string> </key>
+                    <value>
+                      <tuple>
+                        <string>Assignee</string>
+                        <string>Assignor</string>
+                        <string>DestinationAssignor</string>
+                        <string>Manager</string>
+                        <string>Reviewer</string>
+                      </tuple>
+                    </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
 </ZopeData>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/states/confirmed.xml

@@ -72,6 +72,7 @@
                       <tuple>
                         <string>Assignee</string>
                         <string>Assignor</string>
+                        <string>DestinationAssignor</string>
                         <string>Manager</string>
                         <string>Reviewer</string>
                       </tuple>
@@ -99,6 +100,7 @@
                       <tuple>
                         <string>Assignee</string>
                         <string>Assignor</string>
+                        <string>DestinationAssignor</string>
                         <string>Manager</string>
                         <string>Reviewer</string>
                       </tuple>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/states/delivered.xml

@@ -73,17 +73,41 @@
                 <item>
                     <key> <string>Access contents information</string> </key>
                     <value>
-                      <list>
+                      <tuple>
+                        <string>Assignee</string>
+                        <string>Assignor</string>
+                        <string>DestinationAssignor</string>
+                        <string>Manager</string>
                         <string>Reviewer</string>
-                      </list>
+                      </tuple>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>Add portal content</string> </key>
+                    <value>
+                      <tuple>
+                        <string>Manager</string>
+                      </tuple>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>Modify portal content</string> </key>
+                    <value>
+                      <tuple>
+                        <string>Manager</string>
+                      </tuple>
                     </value>
                 </item>
                 <item>
                     <key> <string>View</string> </key>
                     <value>
-                      <list>
+                      <tuple>
+                        <string>Assignee</string>
+                        <string>Assignor</string>
+                        <string>DestinationAssignor</string>
+                        <string>Manager</string>
                         <string>Reviewer</string>
-                      </list>
+                      </tuple>
                     </value>
                 </item>
               </dictionary>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/states/draft.xml

@@ -72,7 +72,9 @@
                     <key> <string>Access contents information</string> </key>
                     <value>
                       <tuple>
+                        <string>Assignee</string>
                         <string>Assignor</string>
+                        <string>DestinationAssignor</string>
                         <string>Manager</string>
                         <string>Reviewer</string>
                       </tuple>
@@ -100,7 +102,9 @@
                     <key> <string>View</string> </key>
                     <value>
                       <tuple>
+                        <string>Assignee</string>
                         <string>Assignor</string>
+                        <string>DestinationAssignor</string>
                         <string>Manager</string>
                         <string>Reviewer</string>
                       </tuple>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/states/planned.xml

@@ -72,6 +72,7 @@
                       <tuple>
                         <string>Assignee</string>
                         <string>Assignor</string>
+                        <string>DestinationAssignor</string>
                         <string>Manager</string>
                         <string>Reviewer</string>
                       </tuple>
@@ -99,6 +100,7 @@
                       <tuple>
                         <string>Assignee</string>
                         <string>Assignor</string>
+                        <string>DestinationAssignor</string>
                         <string>Manager</string>
                         <string>Reviewer</string>
                       </tuple>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/transitions/cancel.xml

@@ -44,7 +44,7 @@
         <item>
             <key> <string>guard</string> </key>
             <value>
-              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+              <none/>
             </value>
         </item>
         <item>
@@ -70,25 +70,4 @@
       </dictionary>
     </pickle>
   </record>
-  <record id="2" aka="AAAAAAAAAAI=">
-    <pickle>
-      <tuple>
-        <global name="Guard" module="Products.DCWorkflow.Guard"/>
-        <tuple/>
-      </tuple>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>roles</string> </key>
-            <value>
-              <tuple>
-                <string>Manager</string>
-                <string>Assignor</string>
-              </tuple>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
 </ZopeData>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/transitions/cancel_action.xml

@@ -85,6 +85,7 @@
               <tuple>
                 <string>Manager</string>
                 <string>Assignor</string>
+                <string>DestinationAssignor</string>
               </tuple>
             </value>
         </item>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/transitions/deliver.xml

@@ -38,7 +38,7 @@
         <item>
             <key> <string>guard</string> </key>
             <value>
-              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+              <none/>
             </value>
         </item>
         <item>
@@ -64,26 +64,4 @@
       </dictionary>
     </pickle>
   </record>
-  <record id="2" aka="AAAAAAAAAAI=">
-    <pickle>
-      <tuple>
-        <global name="Guard" module="Products.DCWorkflow.Guard"/>
-        <tuple/>
-      </tuple>
-    </pickle>
-    <pickle>
-      <dictionary>
-        <item>
-            <key> <string>roles</string> </key>
-            <value>
-              <tuple>
-                <string>Manager</string>
-                <string>Assignee</string>
-                <string>Assignor</string>
-              </tuple>
-            </value>
-        </item>
-      </dictionary>
-    </pickle>
-  </record>
 </ZopeData>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/transitions/deliver_action.xml

@@ -27,7 +27,7 @@
         </item>
         <item>
             <key> <string>actbox_name</string> </key>
-            <value> <string>deliver</string> </value>
+            <value> <string>Deliver</string> </value>
         </item>
         <item>
             <key> <string>actbox_url</string> </key>
@@ -35,7 +35,7 @@
         </item>
         <item>
             <key> <string>after_script_name</string> </key>
-            <value> <string></string> </value>
+            <value> <string>deliver</string> </value>
         </item>
         <item>
             <key> <string>description</string> </key>
@@ -53,7 +53,7 @@
         </item>
         <item>
             <key> <string>new_state_id</string> </key>
-            <value> <string>delivered</string> </value>
+            <value> <string></string> </value>
         </item>
         <item>
             <key> <string>script_name</string> </key>
@@ -61,7 +61,7 @@
         </item>
         <item>
             <key> <string>title</string> </key>
-            <value> <string>Deliver</string> </value>
+            <value> <string>Deliver Action</string> </value>
         </item>
         <item>
             <key> <string>trigger_type</string> </key>
@@ -84,7 +84,7 @@
             <value>
               <tuple>
                 <string>Manager</string>
-                <string>Assignee</string>
+                <string>DestinationAssignor</string>
               </tuple>
             </value>
         </item>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/transitions/draft.xml

@@ -61,7 +61,7 @@
         </item>
         <item>
             <key> <string>title</string> </key>
-            <value> <string>Reject</string> </value>
+            <value> <string>Draft</string> </value>
         </item>
         <item>
             <key> <string>trigger_type</string> </key>

bt5/erp5_banking_cash/WorkflowTemplateItem/portal_workflow/cash_sorting_incident_workflow/transitions/draft_action.xml

@@ -61,7 +61,7 @@
         </item>
         <item>
             <key> <string>title</string> </key>
-            <value> <string></string> </value>
+            <value> <string>Draft Action</string> </value>
         </item>
         <item>
             <key> <string>trigger_type</string> </key>
@@ -85,6 +85,7 @@
               <tuple>
                 <string>Manager</string>
                 <string>Assignee</string>
+                <string>DestinationAssignor</string>
               </tuple>
             </value>
         </item>

bt5/erp5_banking_cash/bt/revision

-351
+353
\ No newline at end of file