Commit 84151ada authored by Jérome Perrin's avatar Jérome Perrin

install unrestricted security manager before getting person role, as it may be...

install unrestricted security manager before getting person role, as it may be set on subordination Organisation, which we will not be able to access with Anonymous User's security manager

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@6346 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 07f20256
......@@ -90,9 +90,15 @@ class ERP5UserManager(BasePlugin):
user = user_list[0]
if pw_validate(user.getPassword(), password) and\
user.getCareerRole() == 'internal':
return login, login # use same for user_id and login
sm = getSecurityManager()
if sm.getUser() != SUPER_USER:
newSecurityManager(self, self.getUser(SUPER_USER))
try:
if pw_validate(user.getPassword(), password) and\
user.getCareerRole() == 'internal':
return login, login # use same for user_id and login
finally:
setSecurityManager(sm)
return None
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment