Skip to content

erp5
erp5
Commit 430f6301 authored by Jean-Paul Smets's avatar Jean-Paul Smets
Browse files
Options

Factored allowedLocalRoles in unique method 


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@5217 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 913f3a8c
Hide whitespace changes
Inline Side-by-side
Showing with 6 additions and 37 deletions
product/ERP5Catalog/CatalogTool.py
View file @ 430f6301
......@@ -330,8 +330,12 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
def getAllowedRolesAndUsers(self, **kw):
"""
Return allowed roles and users.
This is supposed to be used with Z SQL Methods to check permissions
when you list up documents.
when you list up documents. It is also able to take into account
a parameter named local_roles so that list documents only include
those documents for which the user (or the group) was
associated one of the given local roles.
"""
user = _getAuthenticatedUser(self)
allowedRolesAndUsers = self._listAllowedRolesAndUsers(user)
......@@ -339,6 +343,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
# Patch for ERP5 by JP Smets in order
# to implement worklists and search of local roles
if kw.has_key('local_roles'):
# XXX user is not enough - we should also include groups of the user
# Only consider local_roles if it is not empty
if kw['local_roles'] != '' and kw['local_roles'] != [] and kw['local_roles'] is not None:
local_roles = kw['local_roles']
......@@ -362,24 +367,6 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
"""
kw[ 'allowedRolesAndUsers' ] = self.getAllowedRolesAndUsers(**kw) # XXX allowedRolesAndUsers naming is wrong
# Patch for ERP5 by JP Smets in order
# to implement worklists and search of local roles
# This allows for displaying results based on local roles
# rather than based on view permissions
if kw.has_key('local_roles'):
# XXX user is not enough - we should also include groups of the user
user = _getAuthenticatedUser(self)
# Only consider local_roles if it is not empty
if kw['local_roles'] != '' and kw['local_roles'] != [] and kw['local_roles'] is not None:
local_roles = kw['local_roles']
# Turn it into a list if necessary according to ';' separator
if type(local_roles) == type('a'):
local_roles = local_roles.split(';')
# Local roles now has precedence (since it comes from a WorkList)
kw[ 'allowedRolesAndUsers' ] = []
for role in local_roles:
kw[ 'allowedRolesAndUsers' ].append('user:%s:%s' % (user, role))
if not _checkPermission(
CMFCorePermissions.AccessInactivePortalContent, self ):
base = aq_base( self )
......@@ -402,24 +389,6 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
limit the results to what the user is allowed to see.
"""
kw[ 'allowedRolesAndUsers' ] = self.getAllowedRolesAndUsers(**kw) # XXX allowedRolesAndUsers naming is wrong
# Patch for ERP5 by JP Smets in order
# to implement worklists and search of local roles
# This allows for counting results based on local roles
# rather than based on view permissions
if kw.has_key('local_roles'):
# XXX user is not enough - we should also include groups of the user
user = _getAuthenticatedUser(self)
# Only consider local_roles if it is not empty
if kw['local_roles'] != '' and kw['local_roles'] != [] and kw['local_roles'] is not None:
local_roles = kw['local_roles']
# Turn it into a list if necessary according to ';' separator
if type(local_roles) == type('a'):
local_roles = local_roles.split(';')
# Local roles now has precedence (since it comes from a WorkList)
kw[ 'allowedRolesAndUsers' ] = []
for role in local_roles:
kw[ 'allowedRolesAndUsers' ].append('user:%s:%s' % (user, role))
# Forget about permissions in statistics
# (we should not count lines more than once with statistic expressions)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment
GitLab Nexedi Edition | About GitLab | About Nexedi | 沪ICP备2021021310号-2 | 沪ICP备2021021310号-7