fix security for manual validation

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@18912 20353a03-c40f-0410-a6d1-a30d3c3de9de

fix security for manual validation
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@18912 20353a03-c40f-0410-a6d1-a30d3c3de9de
72d94702 · Aurel · ba66bf51 · 72d94702 · 72d94702 · 72d94702
Commit 72d94702 authored Jan 30, 2008 by Aurel
7 changed files
--- a/bt5/erp5_banking_check/SkinTemplateItem/portal_skins/erp5_banking_check_operation/CheckDepositLine_init.xml
+++ b/bt5/erp5_banking_check/SkinTemplateItem/portal_skins/erp5_banking_check_operation/CheckDepositLine_init.xml
@@ -93,6 +93,14 @@
            <key> <string>_params</string> </key>
            <value> <string>*args, **kw</string> </value>
        </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
        <item>
            <key> <string>errors</string> </key>
            <value>

--- a/bt5/erp5_banking_check/SkinTemplateItem/portal_skins/erp5_banking_check_operation/Delivery_saveCheckbookFastInputLine.xml
+++ b/bt5/erp5_banking_check/SkinTemplateItem/portal_skins/erp5_banking_check_operation/Delivery_saveCheckbookFastInputLine.xml
@@ -72,6 +72,8 @@ result = []\n
 resultContainer = {}\n
 result_line = []\n
 \n
+if listbox is None:\n
+  listbox = []\n
 \n
 # remove existing lines\n
 old_line = [x.getObject() for x in context.objectValues(portal_type=[\'Checkbook Delivery Line\'])]\n
@@ -166,6 +168,7 @@ request[ \'RESPONSE\' ].redirect( redirect_url )\n
                            <string>result</string>
                            <string>resultContainer</string>
                            <string>result_line</string>
+                            <string>None</string>
                            <string>append</string>
                            <string>$append0</string>
                            <string>_getiter_</string>
@@ -181,7 +184,6 @@ request[ \'RESPONSE\' ].redirect( redirect_url )\n
                            <string>item</string>
                            <string>delivery_line</string>
                            <string>item_dict</string>
-                            <string>None</string>
                            <string>reference_range_min</string>
                            <string>reference_range_max</string>
                            <string>_write_</string>

--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/scripts/createCheckDepositLine.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/scripts/createCheckDepositLine.xml
@@ -119,7 +119,9 @@ line.setDestinationPaymentValue(transaction.getDestinationPaymentValue())\n
        <item>
            <key> <string>_proxy_roles</string> </key>
            <value>
-              <tuple/>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
            </value>
        </item>
        <item>

--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/scripts/updateBankingOperation.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/scripts/updateBankingOperation.xml
@@ -107,7 +107,9 @@ for check_operation_line in transaction.contentValues(filter = {\'portal_type\'
        <item>
            <key> <string>_proxy_roles</string> </key>
            <value>
-              <tuple/>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
            </value>
        </item>
        <item>

--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/planned.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/planned.xml
@@ -78,6 +78,7 @@
                      <tuple>
                        <string>Assignee</string>
                        <string>Assignor</string>
+                        <string>DestinationAssignee</string>
                        <string>Manager</string>
                        <string>Owner</string>
                        <string>Reviewer</string>
@@ -106,6 +107,7 @@
                      <tuple>
                        <string>Assignee</string>
                        <string>Assignor</string>
+                        <string>DestinationAssignee</string>
                        <string>Manager</string>
                        <string>Owner</string>
                        <string>Reviewer</string>

--- a/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/waiting.xml
+++ b/bt5/erp5_banking_check/WorkflowTemplateItem/portal_workflow/check_deposit_workflow/states/waiting.xml
@@ -86,13 +86,17 @@
                <item>
                    <key> <string>Add portal content</string> </key>
                    <value>
-                      <tuple/>
+                      <tuple>
+                        <string>Manager</string>
+                      </tuple>
                    </value>
                </item>
                <item>
                    <key> <string>Modify portal content</string> </key>
                    <value>
-                      <tuple/>
+                      <tuple>
+                        <string>Manager</string>
+                      </tuple>
                    </value>
                </item>
                <item>

--- a/bt5/erp5_banking_check/bt/revision
+++ b/bt5/erp5_banking_check/bt/revision
-364
+365
\ No newline at end of file