Don't take into account the owner when called by a script with proxy roles,

because roles from the proxy roles might be less than the user's roles. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15747 20353a03-c40f-0410-a6d1-a30d3c3de9de

Don't take into account the owner when called by a script with proxy roles,
because roles from the proxy roles might be less than the user's roles. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15747 20353a03-c40f-0410-a6d1-a30d3c3de9de
5e91f068 · Jérome Perrin · f2049b2d · 5e91f068
Commit 5e91f068 authored Aug 20, 2007 by Jérome Perrin
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 4 deletions

product/ERP5Catalog/CatalogTool.py product/ERP5Catalog/CatalogTool.py +7 -4

No files found.
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -454,10 +454,13 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
        # which was not indexed
        if 'owner' in column_map:
          if not user_is_superuser:
-            role_column_dict['owner'] = user_str
-            # XXX this is inconsistent withe "check for proxy role in stack"
-            # in _listAllowedRolesAndUsers. We should use the proxy user
-            # to be consistent
+            try:
+              # if called by an executable with proxy roles, we don't use
+              # owner, but only roles from the proxy.
+              eo = getSecurityManager()._context.stack[-1]
+              proxy_roles = getattr(eo, '_proxy_roles',None)
+            except IndexError:
+              role_column_dict['owner'] = user_str

      return allowedRolesAndUsers, role_column_dict