Commit 5e91f068 authored by Jérome Perrin's avatar Jérome Perrin

Don't take into account the owner when called by a script with proxy roles,

because roles from the proxy roles might be less than the user's roles.



git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15747 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent f2049b2d
...@@ -454,10 +454,13 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -454,10 +454,13 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
# which was not indexed # which was not indexed
if 'owner' in column_map: if 'owner' in column_map:
if not user_is_superuser: if not user_is_superuser:
try:
# if called by an executable with proxy roles, we don't use
# owner, but only roles from the proxy.
eo = getSecurityManager()._context.stack[-1]
proxy_roles = getattr(eo, '_proxy_roles',None)
except IndexError:
role_column_dict['owner'] = user_str role_column_dict['owner'] = user_str
# XXX this is inconsistent withe "check for proxy role in stack"
# in _listAllowedRolesAndUsers. We should use the proxy user
# to be consistent
return allowedRolesAndUsers, role_column_dict return allowedRolesAndUsers, role_column_dict
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment