diff --git a/product/ERP5Catalog/CatalogTool.py b/product/ERP5Catalog/CatalogTool.py index c96aae674ca04ecf0ebc4607cf10ec947f7f8c6f..de7ccfdf20677206dff3f7b67ea127c7e4314396 100644 --- a/product/ERP5Catalog/CatalogTool.py +++ b/product/ERP5Catalog/CatalogTool.py @@ -155,13 +155,18 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): # we may sometimes catalog the owner user ID whenever the Owner # has view permission (see getAllowedRolesAndUsers bellow # as well as getViewPermissionOwner method in Base) - if role != 'Owner': + if role != 'Owner': if withnuxgroups: allowed[user + ':' + role] = 1 else: allowed['user:' + user + ':' + role] = 1 + elif 'Owner' in allowed: + ob._v_view_permission_owner = user + if allowed.has_key('Owner'): del allowed['Owner'] + else: + ob._v_view_permission_owner = None return list(allowed.keys()) class RelatedBaseCategory(Method): diff --git a/product/ERP5Type/Base.py b/product/ERP5Type/Base.py index 142258c1d6d4400f2e76863302d9550e06aa209c..b177077ee614d0782ecc52f0ad1012c06c4be984 100644 --- a/product/ERP5Type/Base.py +++ b/product/ERP5Type/Base.py @@ -1704,12 +1704,17 @@ class Base( CopyContainer, security.declareProtected( Permissions.AccessContentsInformation, 'getViewPermissionOwner' ) def getViewPermissionOwner(self): """ - Returns the user ID of the owner if this user has View permission, - otherwise returns None. + Returns the user ID of the owner if Owner role + has View permission. Returns None else. """ - owner = self.getWrappedOwner() - if owner is not None and owner.has_permission(Permissions.View, self): - return str(owner) + marker = [] + if getattr(aq_base(self), '_v_view_permission_owner', marker) is not marker: + return self._v_view_permission_owner + + path, user_id = self.getOwnerTuple() + if 'Owner' in rolesForPermissionOn(Permissions.View, self): + path, user_id = self.getOwnerTuple() + return user_id return None # Private accessors for the implementation of relations based on