[Erp5-report] r32275 yo - /erp5/trunk/products/ERP5Catalog/CatalogTool.py

[nobody at svn.erp5.org]

Author: yo
Date: Fri Feb  5 06:56:18 2010
New Revision: 32275

URL: http://svn.erp5.org?rev=32275&view=rev
Log:
Prevent indexing _View_Permission in roles_and_users.

Modified:
    erp5/trunk/products/ERP5Catalog/CatalogTool.py

Modified: erp5/trunk/products/ERP5Catalog/CatalogTool.py
URL: http://svn.erp5.org/erp5/trunk/products/ERP5Catalog/CatalogTool.py?rev=32275&r1=32274&r2=32275&view=diff
==============================================================================
--- erp5/trunk/products/ERP5Catalog/CatalogTool.py [utf8] (original)
+++ erp5/trunk/products/ERP5Catalog/CatalogTool.py [utf8] Fri Feb  5 06:56:18 2010
@@ -110,6 +110,12 @@
         #   user:<user_id>:<role_id>
         # A line must not be present twice in final result.
         allowed = set(rolesForPermissionOn('View', ob))
+        # XXX the permission name is included by default for verbose
+        # logging of security errors, but the catalog does not need to
+        # index it. Unfortunately, rolesForPermissionOn does not have
+        # an option to disable this behavior at calling time, so
+        # discard it explicitly.
+        allowed.discard('_View_Permission')
         # XXX Owner is hardcoded, in order to prevent searching for user on the
         # site root.
         allowed.discard('Owner')