Some categories can have different security, so getCategoryChildItemList cache

should take username into account when caching categories.
For optimisation, do this only when checked_permission is passed.



git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@21613 20353a03-c40f-0410-a6d1-a30d3c3de9de

product/CMFCategory/Category.py

@@ -30,6 +30,7 @@ import string
 
 from Globals import InitializeClass, DTMLFile
 from AccessControl import ClassSecurityInfo
+from AccessControl import getSecurityManager
 from Acquisition import aq_base, aq_inner, aq_parent
 from Products.CMFCore.utils import getToolByName
 
@@ -528,13 +529,20 @@ class Category(Folder):
       if not cache:
         return _renderCategoryChildItemList(
                       recursive=recursive, base=base, **kw)
-
+      
+      # If checked_permission is specified, we include the username in the
+      # cache key
+      username = None
+      if 'checked_permission' in kw:
+        username = str(getSecurityManager().getUser())
+        
       # Some methods are language dependent so we include the language in the
       # key
       localizer = getToolByName(self, 'Localizer')
       language = localizer.get_selected_language()
       m = CachingMethod(_renderCategoryChildItemList,
-            ('Category_getCategoryChildItemList', language, self.getPath()),
+            ('Category_getCategoryChildItemList', language,
+              self.getPath(), username),
             cache_factory=cache)
 
       return m(recursive=recursive, base=base, **kw)

product/CMFCategory/tests/testCMFCategory.py

@@ -30,6 +30,7 @@ import unittest
 
 from Testing import ZopeTestCase
 from Products.ERP5Type.tests.ERP5TypeTestCase import ERP5TypeTestCase
+from Testing.ZopeTestCase.PortalTestCase import PortalTestCase
 from AccessControl.SecurityManagement import newSecurityManager
 from AccessControl.SecurityManagement import noSecurityManager
 from Products.ERP5Type.Base import _aq_reset
@@ -1043,6 +1044,35 @@ class TestCMFCategory(ERP5TypeTestCase):
       bc.getCategoryChildTitleItemList(checked_permission=checked_permission,
                                        cache=0))
 
+  def test_28b_getCategoryChildItemList_checked_permission_cache(self):
+    # getCategoryChildTitleItemList take into account user 
+    pc = self.getCategoriesTool()
+
+    bc_id = 'barfoo'
+    bc = pc.newContent(portal_type='Base Category', id=bc_id)
+    a = bc.newContent(portal_type='Category', id='1', title='A')
+    b = bc.newContent(portal_type='Category', id='2', title='B')
+    b1 = b.newContent(portal_type='Category', id='21', title='B1')
+
+    uf = self.getPortal().acl_users
+    uf._doAddUser('alice', '', ['Member', 'Manager', 'Assignor'], [])
+    uf._doAddUser('bob', '', ['Member'], [])
+    login = PortalTestCase.login
+
+    checked_permission = 'View'
+    
+    b.manage_permission(checked_permission, roles=['Assignor'], acquire=0)
+    login(self, 'alice')
+    self.assertEquals(
+      [['', ''], ['A', '1'], ['B', '2'], ['B1', '2/21']],
+      bc.getCategoryChildTitleItemList(checked_permission=checked_permission,))
+    
+    login(self, 'bob')
+    self.assertEquals(
+      [['', ''], ['A', '1']],
+      bc.getCategoryChildTitleItemList(checked_permission=checked_permission,))
+
+
   def test_29_renameBaseCategory(self):
     bc = self.portal.portal_categories.newContent(
                           portal_type='Base Category',