From 3e5293c6bd407b7e40300e54bcbbb0668f45db1d Mon Sep 17 00:00:00 2001 From: Vincent Pelletier <vincent@nexedi.com> Date: Thu, 2 Aug 2007 17:06:31 +0000 Subject: [PATCH] Extend security API to be able to return a list of security uid. Update WorkflowTool patch since it requires it. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15430 20353a03-c40f-0410-a6d1-a30d3c3de9de --- product/ERP5Catalog/CatalogTool.py | 15 +++++++++++++++ product/ERP5Type/patches/WorkflowTool.py | 11 ++++------- 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/product/ERP5Catalog/CatalogTool.py b/product/ERP5Catalog/CatalogTool.py index 59c0a4308c..59c53d26e1 100644 --- a/product/ERP5Catalog/CatalogTool.py +++ b/product/ERP5Catalog/CatalogTool.py @@ -460,12 +460,27 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): return allowedRolesAndUsers, role_column_dict + def getSecurityUidList(self, **kw): + """ + Return a list of security Uids. + TODO: Add a cache. + """ + allowedRolesAndUsers, role_column_dict = self.getAllowedRolesAndUsers(**kw) + catalog = self.getSQLCatalog() + method = getattr(catalog, catalog.sql_search_security) + allowedRolesAndUsers = ["'%s'" % (role, ) for role in allowedRolesAndUsers] + security_uid_list = [x.uid for x in method(security_roles_list = allowedRolesAndUsers)] + return security_uid_list + security.declarePublic( 'getSecurityQuery' ) def getSecurityQuery(self, query=None, **kw): """ Build a query based on allowed roles or on a list of security_uid values. The query takes into account the fact that some roles are catalogued with columns. + + TODO: use getSecurityUidList and drop compatibility with old + security system. """ allowedRolesAndUsers, role_column_dict = self.getAllowedRolesAndUsers(**kw) catalog = self.getSQLCatalog() diff --git a/product/ERP5Type/patches/WorkflowTool.py b/product/ERP5Type/patches/WorkflowTool.py index 58997ac9e3..6b4348ab9b 100644 --- a/product/ERP5Type/patches/WorkflowTool.py +++ b/product/ERP5Type/patches/WorkflowTool.py @@ -113,7 +113,7 @@ SECURITY_COLUMN_ID = 'security_uid' COUNT_COLUMN_TITLE = 'count' INTERNAL_CRITERION_KEY_LIST = (WORKLIST_METADATA_KEY, SECURITY_PARAMETER_ID) -def groupWorklistListByCondition(worklist_dict, acceptable_key_dict, getSecurityQuery): +def groupWorklistListByCondition(worklist_dict, acceptable_key_dict, getSecurityUidList): """ Get a list of dict of WorklistVariableMatchDict grouped by compatible conditions. Strip any variable which is not a catalog column. @@ -151,9 +151,6 @@ def groupWorklistListByCondition(worklist_dict, acceptable_key_dict, getSecurity if criterion_id in acceptable_key_dict or criterion_id in WORKLIST_METADATA_KEY: valid_criterion_dict[criterion_id] = criterion_value elif criterion_id == SECURITY_PARAMETER_ID: - # XXX: Only call getSecurityQuery to get the security uid list from - # generated query. The security API should be extended to allow - # access to those intermediate values. # Caching is done at this level to be as fast as possible. security_cache_key = list(criterion_value) security_cache_key.sort() @@ -161,7 +158,7 @@ def groupWorklistListByCondition(worklist_dict, acceptable_key_dict, getSecurity if security_cache_key in security_cache: criterion_value = security_cache[security_cache_key] else: - security_query = getSecurityQuery(**{criterion_id: criterion_value}) + security_query = getSecurityUidList(**{criterion_id: criterion_value}) criterion_value = security_query.getValue() security_cache[security_cache_key] = criterion_value criterion_id = SECURITY_COLUMN_ID @@ -390,10 +387,10 @@ def WorkflowTool_listActions(self, info=None, object=None): def _getWorklistActionList(): portal_url = getToolByName(self, 'portal_url')() portal_catalog = getToolByName(self, 'portal_catalog') - getSecurityQuery = portal_catalog.getSecurityQuery + getSecurityUidList = portal_catalog.getSecurityUidList acceptable_key_dict = portal_catalog.getSQLCatalog().getColumnMap() # Get a list of dict of WorklistVariableMatchDict grouped by compatible conditions - worklist_list_grouped_by_condition = groupWorklistListByCondition(worklist_dict=worklist_dict, acceptable_key_dict=acceptable_key_dict, getSecurityQuery=getSecurityQuery) + worklist_list_grouped_by_condition = groupWorklistListByCondition(worklist_dict=worklist_dict, acceptable_key_dict=acceptable_key_dict, getSecurityUidList=getSecurityUidList) LOG('WorklistGeneration', BLATHER, 'Will grab worklists in %s passes.' % (len(worklist_list_grouped_by_condition), )) for grouped_worklist_dict in worklist_list_grouped_by_condition: LOG('WorklistGeneration', BLATHER, 'Grabbing %s worklists...' % (len(grouped_worklist_dict), )) -- 2.30.9