[Erp5-report] r27227 - in /erp5/trunk/bt5/erp5_accounting: SkinTemplateItem/portal_skins/er...

nobody at svn.erp5.org nobody at svn.erp5.org
Thu May 28 10:32:07 CEST 2009 

Author: seb
Date: Thu May 28 10:32:06 2009
New Revision: 27227

URL: http://svn.erp5.org?rev=27227&view=rev
Log:
2009-05-28 Seb
* We might think about usage of ERP5Accounting_getParams with people that can not see the account_module, so fix security error when getting currency precision

Modified:
    erp5/trunk/bt5/erp5_accounting/SkinTemplateItem/portal_skins/erp5_accounting/ERP5Accounting_getParams.xml
    erp5/trunk/bt5/erp5_accounting/bt/revision

Modified: erp5/trunk/bt5/erp5_accounting/SkinTemplateItem/portal_skins/erp5_accounting/ERP5Accounting_getParams.xml
URL: http://svn.erp5.org/erp5/trunk/bt5/erp5_accounting/SkinTemplateItem/portal_skins/erp5_accounting/ERP5Accounting_getParams.xml?rev=27227&r1=27226&r2=27227&view=diff
==============================================================================
--- erp5/trunk/bt5/erp5_accounting/SkinTemplateItem/portal_skins/erp5_accounting/ERP5Accounting_getParams.xml [utf8] (original)
+++ erp5/trunk/bt5/erp5_accounting/SkinTemplateItem/portal_skins/erp5_accounting/ERP5Accounting_getParams.xml [utf8] Thu May 28 10:32:06 2009
@@ -103,8 +103,9 @@
   params[\'section_uid\'] = context.Base_getSectionUidListForSectionCategory(section_category)\n
   currency = context.Base_getCurrencyForSection(section_category)\n
   # getQuantityPrecisionFromResource is defined on Base, but the portal is not \n
-  # an instance of Base, so we call it on account_module.\n
-  params[\'precision\'] = context.account_module\\\n
+  # an instance of Base, so we call it on portal_simulation because it is\n
+  # accessible to everyone.\n
+  params[\'precision\'] = context.portal_simulation\\\n
                             .getQuantityPrecisionFromResource(currency)\n
 \n
   # calculate the period_start_date for this section\n

Modified: erp5/trunk/bt5/erp5_accounting/bt/revision
URL: http://svn.erp5.org/erp5/trunk/bt5/erp5_accounting/bt/revision?rev=27227&r1=27226&r2=27227&view=diff
==============================================================================
--- erp5/trunk/bt5/erp5_accounting/bt/revision [utf8] (original)
+++ erp5/trunk/bt5/erp5_accounting/bt/revision [utf8] Thu May 28 10:32:06 2009
@@ -1,1 +1,1 @@
-927
+928

More information about the Erp5-report mailing list