Commit 70cd4b01 authored by Kazuhiko Shiozaki's avatar Kazuhiko Shiozaki

category testing API should be protected by...

category testing API should be protected by Permissions.AccessContentsInformation not Permissions.View.
XXX we need more review for other getter methods in Base.py.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@31601 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 7fb3218d
......@@ -689,7 +689,7 @@ class Category(Folder):
"""
return '/'.join(self.portal_url.getRelativeContentPath(self)[1:])
security.declareProtected( Permissions.View, 'isMemberOf' )
security.declareProtected( Permissions.AccessContentsInformation, 'isMemberOf' )
def isMemberOf(self, category, **kw):
"""
Tests if an object if member of a given category
......
......@@ -2405,14 +2405,14 @@ class Base( CopyContainer,
self._getCategoryTool()._cleanupCategories()
# Category testing
security.declareProtected( Permissions.View, 'isMemberOf' )
security.declareProtected( Permissions.AccessContentsInformation, 'isMemberOf' )
def isMemberOf(self, category, **kw):
"""
Tests if an object if member of a given category
"""
return self._getCategoryTool().isMemberOf(self, category, **kw)
security.declareProtected( Permissions.View, 'isAcquiredMemberOf' )
security.declareProtected( Permissions.AccessContentsInformation, 'isAcquiredMemberOf' )
def isAcquiredMemberOf(self, category):
"""
Tests if an object if member of a given category
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment