1. 01 May, 2017 1 commit
    • Jérome Perrin's avatar
      Enable erp5 login user manager in post_upgrade · 8a27134c
      Jérome Perrin authored
      I just simulated an upgrade for an ERP5 running a version from before !185,  `ERP5UserManager Non Existence_constraint` properly disabled old `acl_users/erp5_users` and migrated all persons, but  `ERP5UserLoginManager Existence_constraint` did not activate `acl_users/erp5_login_users`.
      
      This is because  `ERP5UserLoginManager Existence_constraint` is registered as a **pre-upgrade** constraint, but with my upgrade scenario, pre-upgrade constraint are installed too late. 
      
      The upgrade scenario was:
      
       1. install new ERP5 SR on slapos
       2. manually install new versions of  erp5_upgrader and customer_configuration_upgrader business template
       3. run upgrade ( sense then fix on portal_alarms/promise_check_upgrade )
      
      During step 3, when pre-upgrade constraints are executed, erp5_base is not installed yet, so  `ERP5UserLoginManager Existence_constraint` can not run because it's not installed yet. 
      
      My suggestion is to change it to a post-upgrade constraint.
      
      If I understand correctly and my upgrade scenario is really the supported one, it means we can only have pre-upgrade constraints in erp5_upgrader.
      
      ( I also fix a meaningless typo in the same code)
      
      /cc @kazuhiko  @vpelletier @seb @gabriel 
      
      /reviewed-on nexedi/erp5!262
      8a27134c
  2. 28 Apr, 2017 2 commits
  3. 27 Apr, 2017 1 commit
  4. 25 Apr, 2017 2 commits
  5. 24 Apr, 2017 1 commit
    • Vincent Pelletier's avatar
      ERP5Security.ERP5UserLoginManager: Special-case user_id='System Processes' · 17d3df41
      Vincent Pelletier authored
      Because of ERP5Type.UnrestrictedMethod, 'System Processes' can own objects.
      Such objects can be proxy-role'd scripts, and proxy-role mechanism
      triggers many users look-ups (each time security is evaluated, which is
      virtually every getattr). Each such lookup will do a query for 'System
      Processes' user, which will (hopefully) find nothing anyway.
      So special-case 'System Processes' when looking by user_id by skipping
      the search altogether (enforcing the inability to locate this user,
      consistently with Zope assumptions, and consistently with previous
      behaviour).
      17d3df41
  6. 21 Apr, 2017 4 commits
  7. 20 Apr, 2017 14 commits
  8. 19 Apr, 2017 2 commits
  9. 18 Apr, 2017 12 commits
  10. 17 Apr, 2017 1 commit