[Erp5-report] r13057 - /erp5/trunk/products/ERP5Security/ERP5GroupManager.py

[nobody at svn.erp5.org]

Author: jp
Date: Mon Feb 26 22:58:16 2007
New Revision: 13057

URL: http://svn.erp5.org?rev=13057&view=rev
Log:
Do not use security for user lookup.

Modified:
    erp5/trunk/products/ERP5Security/ERP5GroupManager.py

Modified: erp5/trunk/products/ERP5Security/ERP5GroupManager.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Security/ERP5GroupManager.py?rev=13057&r1=13056&r2=13057&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Security/ERP5GroupManager.py (original)
+++ erp5/trunk/products/ERP5Security/ERP5GroupManager.py Mon Feb 26 22:58:16 2007
@@ -119,8 +119,8 @@
         else:
           security_definition_list = mapping_method()
 
-        # get the person from its reference
-        catalog_result = self.portal_catalog(
+        # get the person from its reference - no security check needed
+        catalog_result = self.portal_catalog.unrestrictedSearchResults(
             portal_type="Person", reference=user_name)
         if len(catalog_result) != 1: # we won't proceed with groups
           if len(catalog_result) > 1: # configuration is screwed
@@ -133,8 +133,7 @@
         person_id = person_object.getId()
 
         # Fetch category values from defined scripts
-        for (method_name, base_category_list) in \
-            security_definition_list:
+        for (method_name, base_category_list) in security_definition_list:
           base_category_list = tuple(base_category_list)
           method = getattr(self, method_name)
           security_category_list = security_category_dict.setdefault(