[Erp5-report] r13057 - /erp5/trunk/products/ERP5Security/ERP5GroupManager.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Mon Feb 26 22:58:17 CET 2007
Author: jp
Date: Mon Feb 26 22:58:16 2007
New Revision: 13057
URL: http://svn.erp5.org?rev=13057&view=rev
Log:
Do not use security for user lookup.
Modified:
erp5/trunk/products/ERP5Security/ERP5GroupManager.py
Modified: erp5/trunk/products/ERP5Security/ERP5GroupManager.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/ERP5GroupManager.py?rev=13057&r1=13056&r2=13057&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/ERP5GroupManager.py (original)
+++ erp5/trunk/products/ERP5Security/ERP5GroupManager.py Mon Feb 26 22:58:16 2007
@@ -119,8 +119,8 @@
else:
security_definition_list = mapping_method()
- # get the person from its reference
- catalog_result = self.portal_catalog(
+ # get the person from its reference - no security check needed
+ catalog_result = self.portal_catalog.unrestrictedSearchResults(
portal_type="Person", reference=user_name)
if len(catalog_result) != 1: # we won't proceed with groups
if len(catalog_result) > 1: # configuration is screwed
@@ -133,8 +133,7 @@
person_id = person_object.getId()
# Fetch category values from defined scripts
- for (method_name, base_category_list) in \
- security_definition_list:
+ for (method_name, base_category_list) in security_definition_list:
base_category_list = tuple(base_category_list)
method = getattr(self, method_name)
security_category_list = security_category_dict.setdefault(
More information about the Erp5-report
mailing list