From 3bb14bfe637ae5ca08f7ae7b549742e441894d9d Mon Sep 17 00:00:00 2001
From: Jean-Paul Smets <jp@nexedi.com>
Date: Sun, 17 Sep 2006 12:43:43 +0000
Subject: [PATCH] Added much comments related to the support of Owner local
role and optimisation of security table.
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@10055 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
product/ERP5Catalog/CatalogTool.py | 13 +++++++++++--
1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/product/ERP5Catalog/CatalogTool.py b/product/ERP5Catalog/CatalogTool.py
index a178734b06..c40bb7a070 100644
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -128,7 +128,11 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
else:
allowed['user:' + user] = 1
# Added for ERP5 project by JP Smets
- if role != 'Owner':
+ # The reason why we do not want to keep Owner is because we are
+ # trying to reduce the number of security definitions
+ # However, this could be a bad idea if we start to use Owner role
+ # as a kind of Assignee and if we need it for worklists.
+ if role != 'Owner':
if withnuxgroups:
allowed[user + ':' + role] = 1
else:
@@ -393,7 +397,12 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
# Local roles now has precedence (since it comes from a WorkList)
for user_or_group in allowedRolesAndUsers:
for role in local_roles:
- new_allowedRolesAndUsers.append('%s:%s' % (user_or_group, role))
+ if role == "Owner":
+ # This is for now only a placeholder to handle the case of Owner
+ # which may not be supported (see above comment arround line 135
+ new_allowedRolesAndUsers.append('%s:%s' % (user_or_group, role))
+ else:
+ new_allowedRolesAndUsers.append('%s:%s' % (user_or_group, role))
allowedRolesAndUsers = new_allowedRolesAndUsers
return allowedRolesAndUsers
--
2.30.9