ERP5Security: make login_list empty for SUPER_USER who has no login.

product/ERP5Security/ERP5LoginUserManager.py

@@ -193,11 +193,6 @@ class ERP5LoginUserManager(BasePlugin):
           login_dict.setdefault(login['parent_uid'], []).append(login)
       if has_super_user:
         user_list.append({'uid': None, 'path': None, 'reference': SUPER_USER})
-        login_dict[None] = [{
-          'reference': SUPER_USER,
-          'path': None,
-          'uid': None,
-        }]
     else:
       if isinstance(login, str):
         login = (login, )

product/ERP5Security/ERP5UserManager.py

@@ -271,13 +271,13 @@ class ERP5UserManager(BasePlugin):
 
         # Extra properties, specific to ERP5
         'path': user['path'],
-        'login_list': [
+        'login_list': user['path'] and [
           {
             'reference': user['reference'],
             'path': user['path'],
             'uid': user['uid'],
           }
-        ],
+        ] or [],
       }
       for user in user_list
     ])

[Kazuhiko Shiozaki]

@vpelletier can you confirm if the following result with this change is fine ? See also 92bf4a58.

ipdb> pp self.portal.acl_users.searchUsers(id=SUPER_USER)
({'id': '__erp5security-=__',
  'login': None,
  'login_list': [],
  'path': None,
  'pluginid': 'erp5_login_users',
  'principal_type': 'user',
  'title': None,
  'userid': '__erp5security-=__'},
 {'id': '__erp5security-=__',
  'login': '__erp5security-=__',
  'login_list': [],
  'path': None,
  'pluginid': 'erp5_users',
  'principal_type': 'user',
  'title': '__erp5security-=__',
  'userid': '__erp5security-=__'})

[Vincent Pelletier]

Looks good to me, yes.

Of course, ideally erp5_users should be disabled, but that's another question.