Commit 5fbdcc5f authored by Vincent Pelletier

Do not create any security table entry when role is "Owner".


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19285 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 59c51ebf
...@@ -118,6 +118,8 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): ...@@ -118,6 +118,8 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
allowed = {} allowed = {}
for r in rolesForPermissionOn('View', ob): for r in rolesForPermissionOn('View', ob):
allowed[r] = 1 allowed[r] = 1
if 'Owner' in allowed:
del allowed['Owner']
if withnuxgroups: if withnuxgroups:
localroles = mergedLocalRoles(ob, withgroups=1) localroles = mergedLocalRoles(ob, withgroups=1)
elif withpas: elif withpas:
...@@ -154,9 +156,11 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): ...@@ -154,9 +156,11 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
# we may sometimes catalog the owner user ID whenever the Owner # we may sometimes catalog the owner user ID whenever the Owner
# has view permission (see getAllowedRolesAndUsers bellow # has view permission (see getAllowedRolesAndUsers bellow
# as well as getViewPermissionOwner method in Base) # as well as getViewPermissionOwner method in Base)
view_role_list = [role for role in user_role_list if allowed.has_key(role) and role != 'Owner'] view_role_list = [role for role in user_role_list if allowed.has_key(role)]
for user, roles in localroles.items(): for user, roles in localroles.items():
for role in roles: for role in roles:
if role == 'Owner':
continue
if allowed.has_key(role): if allowed.has_key(role):
if withnuxgroups: if withnuxgroups:
allowed[user] = 1 allowed[user] = 1
...@@ -168,8 +172,6 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): ...@@ -168,8 +172,6 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
allowed[user + ':' + role] = 1 allowed[user + ':' + role] = 1
else: else:
allowed['user:' + user + ':' + role] = 1 allowed['user:' + user + ':' + role] = 1
if allowed.has_key('Owner'):
del allowed['Owner']
return list(allowed.keys()) return list(allowed.keys())
class RelatedBaseCategory(Method): class RelatedBaseCategory(Method):
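Review bot: The early `del allowed['Owner']` in the first hunk has no comment explaining why the role is dropped before local roles are merged, and the security consequence is not obvious. An object whose View permission is granted only to Owner now produces no role-based entry at all, so owner visibility has to come from the separate owner-cataloguing path that the existing comment refers to. I would add above it `# Owner is never indexed as a role; owner access is catalogued separately (see getViewPermissionOwner)`. With the key removed up front, `if role == 'Owner': continue` in the second hunk looks redundant unless a principal id inserted by `allowed[user] = 1` happens to be 'Owner', a case the removed trailing `del` appears to have covered; a one-line comment there, or keeping the final cleanup, would make the intent explicit. The enclosing method starts outside the hunks shown, so this rests on the visible lines only.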