Fix getSingleCategoryMembershipList in order to handle checked_permission

parameter. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@16542 20353a03-c40f-0410-a6d1-a30d3c3de9de

Fix getSingleCategoryMembershipList in order to handle checked_permission
parameter. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@16542 20353a03-c40f-0410-a6d1-a30d3c3de9de
d76a30cf · Romain Courteaud · be15c414 · d76a30cf
Commit d76a30cf authored Sep 21, 2007 by Romain Courteaud
Hide whitespace changes
Inline Side-by-side

Showing with 46 additions and 37 deletions

product/CMFCategory/CategoryTool.py product/CMFCategory/CategoryTool.py +46 -37

No files found.
--- a/product/CMFCategory/CategoryTool.py
+++ b/product/CMFCategory/CategoryTool.py
@@ -678,7 +678,9 @@ class CategoryTool( UniqueObject, Folder, Base ):

    security.declareProtected( Permissions.AccessContentsInformation, 'setDefaultCategoryMembership' )
    def setDefaultCategoryMembership(self, context, base_category, default_category,
-                                              spec=(), filter=None, portal_type=(), base=0 ):
+                                              spec=(), filter=None,
+                                              portal_type=(), base=0,
+                                              checked_permission=None ):
      """
        Sets the membership of the context on the specified base_category
        list and for the specified portal_type spec
@@ -711,10 +713,11 @@ class CategoryTool( UniqueObject, Folder, Base ):
      self.setCategoryMembership(context, base_category, new_category_list,
           spec=spec, filter=filter, portal_type=portal_type, base=base, keep_default = 0)

-    security.declareProtected( Permissions.AccessContentsInformation,
-                                                        'getSingleCategoryMembershipList' )
+    security.declareProtected(Permissions.AccessContentsInformation,
+                              'getSingleCategoryMembershipList')
    def getSingleCategoryMembershipList(self, context, base_category, base=0,
-                                          spec=(), filter=None, checked_permission=None, **kw):
+                                         spec=(), filter=None, 
+                                         checked_permission=None, **kw):
      """
        Returns the local membership of the context for a single base category
        represented as a list of relative URLs
@@ -727,47 +730,51 @@ class CategoryTool( UniqueObject, Folder, Base ):

        base          --    if set to 1, returns relative URLs to portal_categories
                            if set to 0, returns relative URLs to the base category
+
+        checked_permission        --    a string which defined the permission 
+                                        to filter the object on
      """
      # XXX We must use filters in the future
      # where_expression = self._buildQuery(spec, filter, kw)
-      portal_type = kw.get('portal_type', ())
-      if spec is (): spec = portal_type
+      if spec is (): 
+        spec = kw.get('portal_type', ())

      # Build the ckecked_permission filter
-      if checked_permission is None:
-        permissionFilter = lambda x: x
-      else:
-        def permissionFilter(category_list):
-          filtered_category_list = []
-          checkPermission = self.portal_membership.checkPermission
-          for category in category_list:
-            object = self.unrestrictedTraverse(category)
-            if object is not None and checkPermission(checked_permission, object):
-              filtered_category_list.append(category)
-          return filtered_category_list
+      if checked_permission is not None:
+        checkPermission = self.portal_membership.checkPermission
+        def permissionFilter(category):
+          object = self.unrestrictedTraverse(category)
+          if object is not None and checkPermission(checked_permission, object):
+            return category
+          else:
+            return None
+            

      # We must treat parent in a different way
      #LOG('getSingleCategoryMembershipList', 0, 'base_category = %s, spec = %s, base = %s, context = %s, context.aq_inner.aq_parent = %s' % (repr(base_category), repr(spec), repr(base), repr(context), repr(context.aq_inner.aq_parent)))
      if base_category == 'parent':
        parent = context.aq_inner.aq_parent # aq_inner is required to make sure we use containment
        if parent.portal_type in spec:
-          if base:
-            return permissionFilter(['parent/' + parent.getRelativeUrl()])
-          else:
-            return permissionFilter([parent.getRelativeUrl()])
+          parent_relative_url = parent.getRelativeUrl()
+          if (checked_permission is None) or \
+            (permissionFilter(parent_relative_url) is not None):
+            if base:
+              return 'parent/%s' % parent_relative_url
+            else:
+              return parent_relative_url
        #LOG('getSingleCategoryMembershipList', 0, 'not in spec: parent.portal_type = %s, spec = %s' % (repr(parent.portal_type), repr(spec)))
        return []

-      result = []
-      append = result.append
      # XXX We must use filters in the future
      # where_expression = self._buildQuery(spec, filter, kw)
-      spec = kw.get('portal_type', ())
+      result = []
+      append = result.append
      # Make sure spec is a list or tuple
      if isinstance(spec, str):
        spec = [spec]
      # Filter categories
      if getattr(aq_base(context), 'categories', _marker) is not _marker:
+
        for category_url in self._getCategoryList(context):
          try:
            index = category_url.index('/')
@@ -777,20 +784,22 @@ class CategoryTool( UniqueObject, Folder, Base ):
          if my_base_category == base_category:
            #LOG("getSingleCategoryMembershipList",0,"%s %s %s %s" % (context.getRelativeUrl(),
            #                  my_base_category, base_category, category_url))
-            if spec is ():
-              if base:
-                append(category_url)
+            if (checked_permission is None) or \
+                (permissionFilter(category_url) is not None):
+              if spec is ():
+                if base:
+                  append(category_url)
+                else:
+                  append(category_url[len(my_base_category)+1:])
              else:
-                append(category_url[len(my_base_category)+1:])
-            else:
-              my_reference = self.unrestrictedTraverse(category_url, None)
-              if my_reference is not None:
-                if my_reference.portal_type in spec:
-                  if base:
-                    append(category_url)
-                  else:
-                    append(category_url[len(my_base_category)+1:])
-      return permissionFilter(result)
+                my_reference = self.unrestrictedTraverse(category_url, None)
+                if my_reference is not None:
+                  if my_reference.portal_type in spec:
+                    if base:
+                      append(category_url)
+                    else:
+                      append(category_url[len(my_base_category)+1:])
+      return result

    security.declareProtected( Permissions.AccessContentsInformation,
                                      'getSingleCategoryAcquiredMembershipList' )