From feeef104036e0ff4ffb107d91872c8c775db13df Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Aur=C3=A9lien=20Calonne?= <aurel@nexedi.com>
Date: Tue, 26 Jun 2007 13:52:03 +0000
Subject: [PATCH] * change security for manual validation * better message when
 validation failed

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@14980 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
 .../scripts/validateConsistency.xml           | 16 +++-
 .../check_deposit_workflow/states/ordered.xml |  2 -
 .../check_deposit_workflow/states/waiting.xml |  4 +-
 .../transitions/accept_action.xml             |  1 -
 .../transitions/refuse_action.xml             | 94 +++++++++++++++++++
 .../transitions/reject_action.xml             |  1 -
 bt5/erp5_banking_check/bt/revision            |  2 +-
 7 files changed, 107 insertions(+), 13 deletions(-)
 create mode 100644 bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/refuse_action.xml

diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/scripts/validateConsistency.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/scripts/validateConsistency.xml
index 97ec78c2dd..35555088b2 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/scripts/validateConsistency.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/scripts/validateConsistency.xml
@@ -101,27 +101,32 @@ if transaction.getTotalPrice(portal_type = \'Check Operation Line\') != transact
 for check_operation_line in transaction.contentValues(filter = {\'portal_type\' : \'Check Operation Line\'}):\n
   check_number = check_operation_line.getAggregateFreeText()\n
   if not check_number:\n
-    msg = Message(domain=\'ui\', message=\'Check is not defined.\')\n
+    msg = Message(domain=\'ui\', message=\'Check is not defined on line $line.\'\n
+                  , mapping={"line" : line.getId()})\n
     raise ValidationFailed, (msg,)\n
 \n
   check_type = check_operation_line.getAggregateResource()\n
   if check_type is None:\n
-    msg = Message(domain=\'ui\', message=\'Check type is not defined.\')\n
+    msg = Message(domain=\'ui\', message=\'Check type is not defined on line $line.\'\n
+                  , mapping={"line" : line.getId()})\n
     raise ValidationFailed, (msg,)\n
 \n
   \n
   source_bank_account = check_operation_line.getSourcePaymentValue()\n
   if source_bank_account is None:\n
-    msg = Message(domain=\'ui\', message=\'Source bank account not defined.\')\n
+    msg = Message(domain=\'ui\', message=\'Bank account not defined on line $line.\'\n
+                  , mapping={"line" : line.getId()})\n
     raise ValidationFailed, (msg,)\n
 \n
   # Test if the account balance is sufficient.\n
   error = context.BankAccount_checkBalance(source_bank_account.getRelativeUrl(), check_operation_line.getPrice())\n
   if error[\'error_code\'] == 1:\n
-    msg = Message(domain=\'ui\', message="Source bank account is not sufficient.")\n
+    msg = Message(domain=\'ui\', message="Bank account $account is not sufficient on line $line.",\n
+                  mapping={"account": source_bank_account.getInternalBankAccountNumber, "line" : line.getId()})\n
     raise ValidationFailed, (msg,)\n
   elif error[\'error_code\'] == 2:\n
-    msg = Message(domain=\'ui\', message="source bank account is not valid.")\n
+    msg = Message(domain=\'ui\', message="Bank account $account is not valid on $line.",\n
+                  mapping={"account": source_bank_account.getInternalBankAccountNumber, "line" : line.getId()})\n
     raise ValidationFailed, (msg,)\n
   elif error[\'error_code\'] != 0:\n
     msg = Message(domain=\'ui\', message="Unknown error code.")\n
@@ -209,6 +214,7 @@ if transaction.getSimulationState() == "draft":\n
                             <string>_getiter_</string>
                             <string>check_operation_line</string>
                             <string>check_number</string>
+                            <string>line</string>
                             <string>check_type</string>
                             <string>source_bank_account</string>
                             <string>context</string>
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/ordered.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/ordered.xml
index a0a73af9df..207778c327 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/ordered.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/ordered.xml
@@ -43,8 +43,6 @@
             <key> <string>transitions</string> </key>
             <value>
               <tuple>
-                <string>cancel</string>
-                <string>cancel_action</string>
                 <string>deliver</string>
                 <string>deliver_action</string>
                 <string>reject</string>
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/waiting.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/waiting.xml
index f108af0f10..ffba1b7501 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/waiting.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/waiting.xml
@@ -45,10 +45,8 @@
               <tuple>
                 <string>accept</string>
                 <string>accept_action</string>
-                <string>cancel</string>
-                <string>cancel_action</string>
+                <string>refuse_action</string>
                 <string>reject</string>
-                <string>reject_action</string>
               </tuple>
             </value>
         </item>
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/accept_action.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/accept_action.xml
index 91499f986f..4e846f6c5e 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/accept_action.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/accept_action.xml
@@ -84,7 +84,6 @@
             <value>
               <tuple>
                 <string>Manager</string>
-                <string>DestinationAssignor</string>
                 <string>DestinationAssignee</string>
               </tuple>
             </value>
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/refuse_action.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/refuse_action.xml
new file mode 100644
index 0000000000..2e8e7b00b7
--- /dev/null
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/refuse_action.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <tuple>
+        <global name="TransitionDefinition" module="Products.DCWorkflow.Transitions"/>
+        <tuple/>
+      </tuple>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>__ac_local_roles__</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>_owner</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>actbox_category</string> </key>
+            <value> <string>workflow</string> </value>
+        </item>
+        <item>
+            <key> <string>actbox_name</string> </key>
+            <value> <string>Reject</string> </value>
+        </item>
+        <item>
+            <key> <string>actbox_url</string> </key>
+            <value> <string>%(content_url)s/BaseWorkflow_viewWorkflowActionDialog?field_my_workflow_action=refuse_action</string> </value>
+        </item>
+        <item>
+            <key> <string>after_script_name</string> </key>
+            <value> <string>reject</string> </value>
+        </item>
+        <item>
+            <key> <string>description</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>guard</string> </key>
+            <value>
+              <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>refuse_action</string> </value>
+        </item>
+        <item>
+            <key> <string>new_state_id</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>script_name</string> </key>
+            <value> <string></string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string>Refuse Action</string> </value>
+        </item>
+        <item>
+            <key> <string>trigger_type</string> </key>
+            <value> <int>1</int> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+  <record id="2" aka="AAAAAAAAAAI=">
+    <pickle>
+      <tuple>
+        <global name="Guard" module="Products.DCWorkflow.Guard"/>
+        <tuple/>
+      </tuple>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+                <string>DestinationAssignee</string>
+              </tuple>
+            </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>
diff --git a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/reject_action.xml b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/reject_action.xml
index 68310c5da4..61096e6b8e 100644
--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/reject_action.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/transitions/reject_action.xml
@@ -80,7 +80,6 @@
                 <string>Manager</string>
                 <string>Assignee</string>
                 <string>DestinationAssignor</string>
-                <string>DestinationAssignee</string>
               </tuple>
             </value>
         </item>
diff --git a/bt5/erp5_banking_check/bt/revision b/bt5/erp5_banking_check/bt/revision
index 27b4d6e6ba..2d828461b6 100644
--- a/bt5/erp5_banking_check/bt/revision
+++ b/bt5/erp5_banking_check/bt/revision
@@ -1 +1 @@
-287
\ No newline at end of file
+289
\ No newline at end of file
-- 
2.30.9