Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
erp5
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
alecs_myu
erp5
Commits
77259dea
Commit
77259dea
authored
Sep 06, 2017
by
Xiaowu Zhang
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
erp5_web_renderjs_ui: user can login even has no access permission on it's person document
parent
87584248
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
with
10 additions
and
4 deletions
+10
-4
bt5/erp5_hal_json_style/SkinTemplateItem/portal_skins/erp5_hal_json_style/ERP5Document_getHateoas.py
...rtal_skins/erp5_hal_json_style/ERP5Document_getHateoas.py
+1
-1
bt5/erp5_web_renderjs_ui/SkinTemplateItem/portal_skins/erp5_web_renderjs_ui/WebSite_login.py
...teItem/portal_skins/erp5_web_renderjs_ui/WebSite_login.py
+1
-1
bt5/erp5_web_renderjs_ui_test/PathTemplateItem/portal_tests/renderjs_ui_zuite/testRenderjsRecoverPassword.zpt
...l_tests/renderjs_ui_zuite/testRenderjsRecoverPassword.zpt
+8
-2
No files found.
bt5/erp5_hal_json_style/SkinTemplateItem/portal_skins/erp5_hal_json_style/ERP5Document_getHateoas.py
View file @
77259dea
...
...
@@ -917,7 +917,7 @@ def calculateHateoas(is_portal=None, is_site_root=None, traversed_document=None,
# Handle also other kind of users: instance, computer, master
person
=
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
if
person
is
not
None
:
if
person
is
not
None
and
portal
.
portal_membership
.
checkPermission
(
'View'
,
person
)
:
result_dict
[
'_links'
][
'me'
]
=
{
"href"
:
default_document_uri_template
%
{
"root_url"
:
site_root
.
absolute_url
(),
...
...
bt5/erp5_web_renderjs_ui/SkinTemplateItem/portal_skins/erp5_web_renderjs_ui/WebSite_login.py
View file @
77259dea
...
...
@@ -40,7 +40,7 @@ else:
person
=
portal
.
portal_membership
.
getAuthenticatedMember
().
getUserValue
()
url_parameter
=
"n.me"
pattern
=
'{[&|?]%s}'
%
url_parameter
if
(
person
is
None
):
if
(
person
is
None
or
not
portal
.
portal_membership
.
checkPermission
(
'View'
,
person
)
):
came_from
=
re
.
sub
(
pattern
,
''
,
came_from
)
else
:
prefix
=
"&"
if
"&%s"
%
url_parameter
in
came_from
else
"?"
...
...
bt5/erp5_web_renderjs_ui_test/PathTemplateItem/portal_tests/renderjs_ui_zuite/testRenderjsRecoverPassword.zpt
View file @
77259dea
...
...
@@ -227,12 +227,18 @@
<td>
//input[@value='Login']
</td>
<td></td>
</tr>
<!--
As the user don't have access to anything(no assignment), he come back to login page
-->
<!--
User can access even has no access to it's person document
-->
<tr>
<td>
waitForElementPresent
</td>
<td>
waitForElement
Not
Present
</td>
<td>
//input[@name='__ac_name']
</td>
<td></td>
</tr>
<tr>
<td>
waitForElementPresent
</td>
<td>
//span[@data-i18n='Worklist']
</td>
<td></td>
</tr>
</tbody></table>
</body>
</html>
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment