[Erp5-report] r19285 - /erp5/trunk/products/ERP5Catalog/CatalogTool.py
nobody at svn.erp5.org
nobody at svn.erp5.org
Tue Feb 12 18:10:53 CET 2008
Author: vincent
Date: Tue Feb 12 18:10:52 2008
New Revision: 19285
URL: http://svn.erp5.org?rev=19285&view=rev
Log:
Do not create any security table entry when role is "Owner".
Modified:
erp5/trunk/products/ERP5Catalog/CatalogTool.py
Modified: erp5/trunk/products/ERP5Catalog/CatalogTool.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Catalog/CatalogTool.py?rev=19285&r1=19284&r2=19285&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Catalog/CatalogTool.py (original)
+++ erp5/trunk/products/ERP5Catalog/CatalogTool.py Tue Feb 12 18:10:52 2008
@@ -118,6 +118,8 @@
allowed = {}
for r in rolesForPermissionOn('View', ob):
allowed[r] = 1
+ if 'Owner' in allowed:
+ del allowed['Owner']
if withnuxgroups:
localroles = mergedLocalRoles(ob, withgroups=1)
elif withpas:
@@ -154,9 +156,11 @@
# we may sometimes catalog the owner user ID whenever the Owner
# has view permission (see getAllowedRolesAndUsers bellow
# as well as getViewPermissionOwner method in Base)
- view_role_list = [role for role in user_role_list if allowed.has_key(role) and role != 'Owner']
+ view_role_list = [role for role in user_role_list if allowed.has_key(role)]
for user, roles in localroles.items():
for role in roles:
+ if role == 'Owner':
+ continue
if allowed.has_key(role):
if withnuxgroups:
allowed[user] = 1
@@ -168,8 +172,6 @@
allowed[user + ':' + role] = 1
else:
allowed['user:' + user + ':' + role] = 1
- if allowed.has_key('Owner'):
- del allowed['Owner']
return list(allowed.keys())
class RelatedBaseCategory(Method):
More information about the Erp5-report
mailing list