slapos_erp5: Allow user to see events from shared via Project/Organisation

   Since an Support Request is updated by moving an Item to a project/organisation, its related Events should have their security updated too.

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Acknowledgement.xml

@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Fax%20Message.xml

@@ -2,18 +2,18 @@
   <role id='Auditor'>
    <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>source</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Customer Destination</property>
+   <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination</multi_property>
+   <multi_property id='base_category'>source</multi_property>
   </role>
   <role id='Assignor'>
    <property id='title'>Group company</property>
@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Letter.xml

@@ -2,18 +2,18 @@
   <role id='Auditor'>
    <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>source</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Customer Destination</property>
+   <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination</multi_property>
+   <multi_property id='base_category'>source</multi_property>
   </role>
   <role id='Assignor'>
    <property id='title'>Group company</property>
@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Mail%20Message.xml

@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Note.xml

@@ -2,18 +2,18 @@
   <role id='Auditor'>
    <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>source</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Customer Destination</property>
+   <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination</multi_property>
+   <multi_property id='base_category'>source</multi_property>
   </role>
   <role id='Assignor'>
    <property id='title'>Group company</property>
@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Phone%20Call.xml

@@ -2,18 +2,18 @@
   <role id='Auditor'>
    <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>source</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Customer Destination</property>
+   <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination</multi_property>
+   <multi_property id='base_category'>source</multi_property>
   </role>
   <role id='Assignor'>
    <property id='title'>Group company</property>
@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Short%20Message.xml

@@ -2,18 +2,18 @@
   <role id='Auditor'>
    <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>source</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Customer Destination</property>
+   <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination</multi_property>
+   <multi_property id='base_category'>source</multi_property>
   </role>
   <role id='Assignor'>
    <property id='title'>Group company</property>
@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Site%20Message.xml

@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Visit.xml

@@ -2,18 +2,18 @@
   <role id='Auditor'>
    <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>source</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Customer Destination</property>
+   <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination</multi_property>
+   <multi_property id='base_category'>source</multi_property>
   </role>
   <role id='Assignor'>
    <property id='title'>Group company</property>
@@ -21,4 +21,22 @@
    <multi_property id='category'>group/company</multi_property>
    <multi_property id='base_category'>group</multi_property>
   </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
+  </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/PortalTypeRolesTemplateItem/Web%20Message.xml

@@ -2,18 +2,18 @@
   <role id='Auditor'>
    <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>source</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Customer (Destination)</property>
+   <property id='title'>Customer</property>
    <property id='description'>Monovalued role</property>
-   <property id='condition'>python: here.getDestinationValue(portal_type='Person') is not None</property>
+   <property id='condition'>python: here.getSourceValue(portal_type='Person') is not None</property>
    <property id='base_category_script'>ERP5Type_getSecurityCategoryFromContent</property>
    <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='base_category'>destination</multi_property>
+   <multi_property id='base_category'>source</multi_property>
   </role>
   <role id='Assignor'>
    <property id='title'>Group company</property>
@@ -22,10 +22,21 @@
    <multi_property id='base_category'>group</multi_property>
   </role>
   <role id='Auditor'>
-   <property id='title'>Member can see template</property>
-   <property id='condition'>python: here.getRelativeUrl() == here.getPortalObject().portal_preferences.getPreferredWebMessageTemplate()</property>
-   <multi_property id='categories'>local_role_group/user</multi_property>
-   <multi_property id='category'>role/member</multi_property>
-   <multi_property id='base_category'>role</multi_property>
+   <property id='title'>Organisation Member (Computer)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination_section</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Organisation Member (HS)</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</property>
+   <multi_property id='categories'>local_role_group/organisation</multi_property>
+   <multi_property id='base_category'>destination</multi_property>
+  </role>
+  <role id='Auditor'>
+   <property id='title'>Project Member</property>
+   <property id='base_category_script'>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</property>
+   <multi_property id='categories'>local_role_group/project</multi_property>
+   <multi_property id='base_category'>destination_project</multi_property>
   </role>
 </type_roles>
\ No newline at end of file

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Base_updateSlapOSLocalRolesOnSecurityGroups.py

+from zExceptions import Unauthorized
+if REQUEST is not None:
+  raise Unauthorized
+  
+context.updateLocalRolesOnSecurityGroups()
+
+if context.getPortalType() in ['Support Request', 'Upgrade Decision']:
+  portal = context.getPortalObject()
+
+  if activate_kw is None:
+    activate_kw = {}
+
+  portal.portal_catalog.searchAndActivate(
+    portal_type=portal.getPortalEventTypeList(),
+    follow_up__uid=context.getUid(),
+    method_id="updateLocalRolesOnSecurityGroups",
+    activate_kw=activate_kw
+  )

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Base_updateSlapOSLocalRolesOnSecurityGroups.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>activate_kw=None, REQUEST=None, **kw</string> </value>
+        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>Base_updateSlapOSLocalRolesOnSecurityGroups</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+# Object here is a event
+ticket = obj.getFollowUpValue()
+if ticket is None:
+  return []
+
+aggregate_value = ticket.getAggregateValue()
+if aggregate_value is None:
+  return []
+
+# Only proceed if aggregate is a Computer
+if aggregate_value.getPortalType() != "Computer":
+  return []
+
+# Object on this case can be Hosting Subscription, Computer, or Computer Network
+organisation = aggregate_value.Item_getCurrentOwnerValue()
+if organisation is not None and \
+  organisation.getPortalType() == "Organisation":
+  category_list.append({'destination_section': [organisation.getRelativeUrl()]})
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>base_category_list, user_name, obj, portal_type</string> </value>
+        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>Event_getSecurityCategoryFromMovementFollowUpAggregateComputerDestinationSection</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Event_getSecurityCategoryFromMovementFollowUpAggregateDestination.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+# Object here is a event
+ticket = obj.getFollowUpValue()
+if ticket is None:
+  return []
+
+aggregate_value = ticket.getAggregateValue()
+if aggregate_value is None:
+  return []
+
+# Limit the scope arround Hosting subscription otherwise we
+# Leak security on the Computers placed on the same site.
+if aggregate_value.getPortalType() != "Hosting Subscription":
+  return []
+
+organisation = aggregate_value.Item_getCurrentSiteValue()
+if organisation is not None and \
+  organisation.getPortalType() == "Organisation":
+  category_list.append({'destination': [organisation.getRelativeUrl()]})
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Event_getSecurityCategoryFromMovementFollowUpAggregateDestination.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>base_category_list, user_name, obj, portal_type</string> </value>
+        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>Event_getSecurityCategoryFromMovementFollowUpAggregateDestination</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject.py

+"""
+This script returns a list of dictionaries which represent
+the security groups which a person is member of. It extracts
+the categories from the current content. It is useful in the
+following cases:
+
+- calculate a security group based on a given
+  category of the current object (ex. group). This
+  is used for example in ERP5 DMS to calculate
+  document security.
+
+- assign local roles to a document based on
+  the person which the object related to through
+  a given base category (ex. destination). This
+  is used for example in ERP5 Project to calculate
+  Task / Task Report security.
+
+The parameters are
+
+  base_category_list -- list of category values we need to retrieve
+  user_name          -- string obtained from getSecurityManager().getUser().getId()
+  object             -- object which we want to assign roles to
+  portal_type        -- portal type of object
+
+NOTE: for now, this script requires proxy manager
+"""
+
+category_list = []
+
+if obj is None:
+  return []
+
+# Object here is a event
+ticket = obj.getFollowUpValue()
+if ticket is None:
+  return []
+
+aggregate_value = ticket.getAggregateValue()
+if aggregate_value is None:
+  return []
+
+# Object on this case can be Hosting Subscription, Computer, or Computer Network
+project = aggregate_value.Item_getCurrentProjectValue()
+if project is not None:
+  category_list.append({'destination_project': [project.getRelativeUrl()]})
+
+return category_list

master/bt5/slapos_erp5/SkinTemplateItem/portal_skins/slapos_core/Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <global name="PythonScript" module="Products.PythonScripts.PythonScript"/>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>Script_magic</string> </key>
+            <value> <int>3</int> </value>
+        </item>
+        <item>
+            <key> <string>_bind_names</string> </key>
+            <value>
+              <object>
+                <klass>
+                  <global name="NameAssignments" module="Shared.DC.Scripts.Bindings"/>
+                </klass>
+                <tuple/>
+                <state>
+                  <dictionary>
+                    <item>
+                        <key> <string>_asgns</string> </key>
+                        <value>
+                          <dictionary>
+                            <item>
+                                <key> <string>name_container</string> </key>
+                                <value> <string>container</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_context</string> </key>
+                                <value> <string>context</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_m_self</string> </key>
+                                <value> <string>script</string> </value>
+                            </item>
+                            <item>
+                                <key> <string>name_subpath</string> </key>
+                                <value> <string>traverse_subpath</string> </value>
+                            </item>
+                          </dictionary>
+                        </value>
+                    </item>
+                  </dictionary>
+                </state>
+              </object>
+            </value>
+        </item>
+        <item>
+            <key> <string>_params</string> </key>
+            <value> <string>base_category_list, user_name, obj, portal_type</string> </value>
+        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>Event_getSecurityCategoryFromMovementFollowUpAggregateDestinationProject</string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>

master/bt5/slapos_erp5/WorkflowTemplateItem/portal_workflow/local_permission_slapos_interaction_workflow/scripts/InternalPackingListLine_updateAggregateLocalRoles.py

@@ -11,7 +11,8 @@ for object_ in internal_packing_list_line.getAggregateValueList(portal_type=port
     portal.portal_catalog.searchAndActivate(
       portal_type=["Software Installation", "Support Request","Upgrade Decision"],
       default_or_child_aggregate_uid=object_.getUid(),
-      method_id="updateLocalRolesOnSecurityGroups",
+      method_id="Base_updateSlapOSLocalRolesOnSecurityGroups",
+      method_kw=dict(activate_kw={"after_path_and_method_id": after_tag}),
       activate_kw={"after_path_and_method_id": after_tag}
     )
     
@@ -29,6 +30,7 @@ for object_ in internal_packing_list_line.getAggregateValueList(portal_type=port
     )
     portal.portal_catalog.searchAndActivate(
       query=query,
-      method_id="updateLocalRolesOnSecurityGroups",
+      method_id="Base_updateSlapOSLocalRolesOnSecurityGroups",
+      method_kw=dict(activate_kw={"after_path_and_method_id": after_tag}),
       activate_kw={"after_path_and_method_id": after_tag}
     )