[Erp5-report] r6346 - /erp5/trunk/products/ERP5Security/ERP5UserManager.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Wed Mar 29 23:52:57 CEST 2006
Author: jerome
Date: Wed Mar 29 23:52:56 2006
New Revision: 6346
URL: http://svn.erp5.org?rev=6346&view=rev
Log:
install unrestricted security manager before getting person role, as it may be set on subordination Organisation, which we will not be able to access with Anonymous User's security manager
Modified:
erp5/trunk/products/ERP5Security/ERP5UserManager.py
Modified: erp5/trunk/products/ERP5Security/ERP5UserManager.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/ERP5UserManager.py?rev=6346&r1=6345&r2=6346&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/ERP5UserManager.py (original)
+++ erp5/trunk/products/ERP5Security/ERP5UserManager.py Wed Mar 29 23:52:56 2006
@@ -90,9 +90,15 @@
user = user_list[0]
- if pw_validate(user.getPassword(), password) and\
- user.getCareerRole() == 'internal':
- return login, login # use same for user_id and login
+ sm = getSecurityManager()
+ if sm.getUser() != SUPER_USER:
+ newSecurityManager(self, self.getUser(SUPER_USER))
+ try:
+ if pw_validate(user.getPassword(), password) and\
+ user.getCareerRole() == 'internal':
+ return login, login # use same for user_id and login
+ finally:
+ setSecurityManager(sm)
return None
More information about the Erp5-report
mailing list