Added comments to explain that some user local roles which generated should...

Added comments to explain that some user local roles which generated should not. Fixed syntax. Added comments to explain the inconsistency in the way proxy roles are handled (ex. for owner) git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@14385 20353a03-c40f-0410-a6d1-a30d3c3de9de

Added comments to explain that some user local roles which generated should...
Added comments to explain that some user local roles which generated should not. Fixed syntax. Added comments to explain the inconsistency in the way proxy roles are handled (ex. for owner) git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@14385 20353a03-c40f-0410-a6d1-a30d3c3de9de
29b5b990 · Jean-Paul Smets · b0f5aa77 · 29b5b990
Commit 29b5b990 authored May 05, 2007 by Jean-Paul Smets
Hide whitespace changes
Inline Side-by-side

Showing with 12 additions and 4 deletions

product/ERP5Catalog/CatalogTool.py product/ERP5Catalog/CatalogTool.py +12 -4

No files found.
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -93,9 +93,14 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):

    def allowedRolesAndUsers(self):
        """
-        Return a list of roles and users with
-        View permission.
-        Used by PortalCatalog to filter out items you're not allowed to see.
+        Return a list of roles and users with View permission.
+        Used by Portal Catalog to filter out items you're not allowed to see.
+
+        WARNING (XXX): some user base local role association is currently
+        being stored (ex. to be determined). This should be prevented or it will
+        make the table explode. To analyse the symptoms, look at the
+        user_and_roles table. You will find some user:foo values
+        which are not necessary.
        """
        ob = self.__ob
        security_product = getSecurityProduct(ob.acl_users)
@@ -301,7 +306,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
        try:
          # check for proxy role in stack
          eo = getSecurityManager()._context.stack[-1]
-          proxy_roles = getattr(eo,'_proxy_roles',None)
+          proxy_roles = getattr(eo, '_proxy_roles',None)
        except IndexError:
          proxy_roles = None
        if proxy_roles:
@@ -446,6 +451,9 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
        if self.getSQLCatalog().getColumnMap().has_key('owner'):
          if user != SUPER_USER:
            role_column_dict['owner'] = str(user)
+            # XXX this is inconsistent withe "check for proxy role in stack"
+            # in _listAllowedRolesAndUsers. We should use the proxy user
+            # to be consistent

      return allowedRolesAndUsers, role_column_dict