Catalog security is based on the permission on 'View' and not on 'Access...

Catalog security is based on the permission on 'View' and not on 'Access Content Permission', which was a major error. Catalog is designed to be used with the user interface, and every object returned by portal_catalog should be viewable. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@10394 20353a03-c40f-0410-a6d1-a30d3c3de9de

Catalog security is based on the permission on 'View' and not on 'Access...
Catalog security is based on the permission on 'View' and not on 'Access Content Permission', which was a major error. Catalog is designed to be used with the user interface, and every object returned by portal_catalog should be viewable. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@10394 20353a03-c40f-0410-a6d1-a30d3c3de9de
fc3ca9ff · Romain Courteaud · 3e452c78 · fc3ca9ff
Commit fc3ca9ff authored Sep 28, 2006 by Romain Courteaud 🐸
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

product/ERP5Catalog/CatalogTool.py product/ERP5Catalog/CatalogTool.py +1 -1

No files found.
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -95,7 +95,7 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
        withnuxgroups = getSecurityProduct(ob.acl_users)\
                              == SECURITY_USING_NUX_USER_GROUPS
        allowed = {}
-        for r in rolesForPermissionOn('Access contents information', ob):
+        for r in rolesForPermissionOn('View', ob):
          allowed[r] = 1
        if withnuxgroups:
          localroles = mergedLocalRoles(ob, withgroups=1)