[Erp5-report] r17133 - in /erp5/trunk/products: ERP5Catalog/CatalogTool.py ERP5Type/Base.py

nobody at svn.erp5.org nobody at svn.erp5.org
Tue Oct 23 16:22:19 CEST 2007 

Author: jerome
Date: Tue Oct 23 16:22:19 2007
New Revision: 17133

URL: http://svn.erp5.org?rev=17133&view=rev
Log:
r16497 was bad, because it indexed a random Owner local roles from the acquisition context.


Modified:
    erp5/trunk/products/ERP5Catalog/CatalogTool.py
    erp5/trunk/products/ERP5Type/Base.py

Modified: erp5/trunk/products/ERP5Catalog/CatalogTool.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Catalog/CatalogTool.py?rev=17133&r1=17132&r2=17133&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Catalog/CatalogTool.py (original)
+++ erp5/trunk/products/ERP5Catalog/CatalogTool.py Tue Oct 23 16:22:19 2007
@@ -161,13 +161,8 @@
                 allowed[user + ':' + role] = 1
               else:
                 allowed['user:' + user + ':' + role] = 1
-            elif 'Owner' in allowed:
-              ob._v_view_permission_owner = user
-
         if allowed.has_key('Owner'):
           del allowed['Owner']
-        else:
-          ob._v_view_permission_owner = None
         return list(allowed.keys())
 
 class RelatedBaseCategory(Method):

Modified: erp5/trunk/products/ERP5Type/Base.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Type/Base.py?rev=17133&r1=17132&r2=17133&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Type/Base.py (original)
+++ erp5/trunk/products/ERP5Type/Base.py Tue Oct 23 16:22:19 2007
@@ -1698,17 +1698,12 @@
   security.declareProtected( Permissions.AccessContentsInformation, 'getViewPermissionOwner' )
   def getViewPermissionOwner(self):
     """
-      Returns the user ID of the owner if Owner role
-      has View permission. Returns None else.
-    """
-    marker = []
-    if getattr(aq_base(self), '_v_view_permission_owner', marker) is not marker:
-      return self._v_view_permission_owner
-
-    path, user_id = self.getOwnerTuple()
-    if 'Owner' in rolesForPermissionOn(Permissions.View, self):
-      path, user_id = self.getOwnerTuple()
-      return user_id
+      Returns the user ID of the owner if this user has View permission,
+      otherwise returns None.
+    """
+    owner = self.getWrappedOwner()
+    if owner is not None and owner.has_permission(Permissions.View, self):
+      return str(owner)
     return None
 
   # Private accessors for the implementation of relations based on

More information about the Erp5-report mailing list