[Erp5-report] r13056 - /erp5/trunk/products/ERP5Catalog/CatalogTool.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Mon Feb 26 22:57:25 CET 2007
Author: jp
Date: Mon Feb 26 22:57:23 2007
New Revision: 13056
URL: http://svn.erp5.org?rev=13056&view=rev
Log:
First working implementation of optimised Owner support.
Modified:
erp5/trunk/products/ERP5Catalog/CatalogTool.py
Modified: erp5/trunk/products/ERP5Catalog/CatalogTool.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Catalog/CatalogTool.py?rev=13056&r1=13055&r2=13056&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Catalog/CatalogTool.py (original)
+++ erp5/trunk/products/ERP5Catalog/CatalogTool.py Mon Feb 26 22:57:23 2007
@@ -45,6 +45,8 @@
from Products.CMFCore.Expression import Expression
from Products.PageTemplates.Expressions import getEngine
from MethodObject import Method
+
+from Products.ERP5Security.ERP5UserManager import SUPER_USER
import os, time, urllib, warnings
from zLOG import LOG
@@ -140,8 +142,11 @@
# Added for ERP5 project by JP Smets
# The reason why we do not want to keep Owner is because we are
# trying to reduce the number of security definitions
- # However, this could be a bad idea if we start to use Owner role
- # as a kind of Assignee and if we need it for worklists.
+ # However, this is a bad idea if we start to use Owner role
+ # as a kind of bamed Assignee and if we need it for worklists. Therefore
+ # we may sometimes catalog the owner user ID whenever the Owner
+ # has view permission (see getAllowedRolesAndUsers bellow
+ # as well as getViewPermissionOwner method in Base)
if role != 'Owner':
if withnuxgroups:
allowed[user + ':' + role] = 1
@@ -427,12 +432,20 @@
# If a given role exists as a column in the catalog,
# then it is considered as single valued and indexed
# through the catalog.
- role_column_dict[lower_role] = user # XXX This should be a list
- # which also includes all user groups
+ if user != SUPER_USER:
+ role_column_dict[lower_role] = str(user) # XXX This should be a list
+ # which also includes all user groups
else:
# Else, we use the standard approach
new_allowedRolesAndUsers.append('%s:%s' % (user_or_group, role))
allowedRolesAndUsers = new_allowedRolesAndUsers
+ else:
+ # We only consider here the Owner role (since it was not indexed)
+ # since some objects may only be visible by their owner
+ # which was not indexed
+ if self.getSQLCatalog().getColumnMap().has_key('owner'):
+ if user != SUPER_USER:
+ role_column_dict['owner'] = str(user)
return allowedRolesAndUsers, role_column_dict
@@ -455,7 +468,7 @@
if role_column_dict:
query_list = []
for key, value in role_column_dict.items():
- new_query = Query(key=value)
+ new_query = Query(**{key : value})
query_list.append(new_query)
operator_kw = {'operator': 'AND'}
query = ComplexQuery(*query_list, **operator_kw)
@@ -471,11 +484,11 @@
if role_column_dict:
query_list = []
for key, value in role_column_dict.items():
- new_query = Query(key=value)
+ new_query = Query(**{key : value})
query_list.append(new_query)
operator_kw = {'operator': 'AND'}
query = ComplexQuery(*query_list, **operator_kw)
- if allowedRolesAndUsers:
+ if allowedRolesAndUsers and security_uid_list:
query = ComplexQuery(Query(security_uid=security_uid_list),
query, operator='OR')
else:
More information about the Erp5-report
mailing list