From a70f986a70b8f25fc464aca1206f70fe5b052f36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=A9rome=20Perrin?= <jerome@nexedi.com>
Date: Fri, 7 Apr 2006 09:28:16 +0000
Subject: [PATCH] Set security on assignment workflow (Assignor role is now
 required to open an assignment)

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@6489 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
 .../assignment_workflow/states/open.xml       | 48 +++++++++++++++++++
 .../transitions/cancel_action.xml             | 26 +++++++++-
 .../transitions/open_action.xml               | 26 +++++++++-
 bt5/erp5_base/bt/change_log                   |  3 ++
 4 files changed, 101 insertions(+), 2 deletions(-)

diff --git a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/states/open.xml b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/states/open.xml
index 1a60ad90fe..d493657aa7 100644
--- a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/states/open.xml
+++ b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/states/open.xml
@@ -26,6 +26,12 @@
             <key> <string>id</string> </key>
             <value> <string>open</string> </value>
         </item>
+        <item>
+            <key> <string>permission_roles</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
         <item>
             <key> <string>title</string> </key>
             <value> <string>Open</string> </value>
@@ -44,4 +50,46 @@
       </dictionary>
     </pickle>
   </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <tuple>
+        <tuple>
+          <string>Persistence</string>
+          <string>PersistentMapping</string>
+        </tuple>
+        <none/>
+      </tuple>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>_container</string> </key>
+            <value>
+              <dictionary>
+                <item>
+                    <key> <string>Access contents information</string> </key>
+                    <value>
+                      <list/>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>Modify portal content</string> </key>
+                    <value>
+                      <tuple>
+                        <string>Manager</string>
+                      </tuple>
+                    </value>
+                </item>
+                <item>
+                    <key> <string>View</string> </key>
+                    <value>
+                      <list/>
+                    </value>
+                </item>
+              </dictionary>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
 </ZopeData>
diff --git a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/transitions/cancel_action.xml b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/transitions/cancel_action.xml
index b8d35474fc..c2daae906f 100644
--- a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/transitions/cancel_action.xml
+++ b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/transitions/cancel_action.xml
@@ -41,7 +41,7 @@
         <item>
             <key> <string>guard</string> </key>
             <value>
-              <none/>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
             </value>
         </item>
         <item>
@@ -67,4 +67,28 @@
       </dictionary>
     </pickle>
   </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <tuple>
+        <tuple>
+          <string>Products.DCWorkflow.Guard</string>
+          <string>Guard</string>
+        </tuple>
+        <none/>
+      </tuple>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>roles</string> </key>
+            <value>
+              <tuple>
+                <string>Assignor</string>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
 </ZopeData>
diff --git a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/transitions/open_action.xml b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/transitions/open_action.xml
index b500add2f0..e73bd0bc28 100644
--- a/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/transitions/open_action.xml
+++ b/bt5/erp5_base/WorkflowTemplateItem/portal_workflow/assignment_workflow/transitions/open_action.xml
@@ -41,7 +41,7 @@
         <item>
             <key> <string>guard</string> </key>
             <value>
-              <none/>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
             </value>
         </item>
         <item>
@@ -67,4 +67,28 @@
       </dictionary>
     </pickle>
   </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <tuple>
+        <tuple>
+          <string>Products.DCWorkflow.Guard</string>
+          <string>Guard</string>
+        </tuple>
+        <none/>
+      </tuple>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>roles</string> </key>
+            <value>
+              <tuple>
+                <string>Assignor</string>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
 </ZopeData>
diff --git a/bt5/erp5_base/bt/change_log b/bt5/erp5_base/bt/change_log
index 0e52253cc5..3b7876165f 100644
--- a/bt5/erp5_base/bt/change_log
+++ b/bt5/erp5_base/bt/change_log
@@ -1,3 +1,6 @@
+2006-04-07 aurel, jerome
+* Set security on assignment workflow (Assignor role is now required to open an assignment)
+
 2006-03-30 romain
 * fix action priority on credit card.
 
-- 
2.30.9