Commit 3bb14bfe authored by Jean-Paul Smets's avatar Jean-Paul Smets

Added much comments related to the support of Owner local role and optimisation of security table.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@10055 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 27d8fbc0
...@@ -128,7 +128,11 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): ...@@ -128,7 +128,11 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
else: else:
allowed['user:' + user] = 1 allowed['user:' + user] = 1
# Added for ERP5 project by JP Smets # Added for ERP5 project by JP Smets
if role != 'Owner': # The reason why we do not want to keep Owner is because we are
# trying to reduce the number of security definitions
# However, this could be a bad idea if we start to use Owner role
# as a kind of Assignee and if we need it for worklists.
if role != 'Owner':
if withnuxgroups: if withnuxgroups:
allowed[user + ':' + role] = 1 allowed[user + ':' + role] = 1
else: else:
...@@ -393,7 +397,12 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): ...@@ -393,7 +397,12 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
# Local roles now has precedence (since it comes from a WorkList) # Local roles now has precedence (since it comes from a WorkList)
for user_or_group in allowedRolesAndUsers: for user_or_group in allowedRolesAndUsers:
for role in local_roles: for role in local_roles:
new_allowedRolesAndUsers.append('%s:%s' % (user_or_group, role)) if role == "Owner":
# This is for now only a placeholder to handle the case of Owner
# which may not be supported (see above comment arround line 135
new_allowedRolesAndUsers.append('%s:%s' % (user_or_group, role))
else:
new_allowedRolesAndUsers.append('%s:%s' % (user_or_group, role))
allowedRolesAndUsers = new_allowedRolesAndUsers allowedRolesAndUsers = new_allowedRolesAndUsers
return allowedRolesAndUsers return allowedRolesAndUsers
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment