Treat user with Manager role as superuser.
-
Owner
I believe this change is also relevant to merge on master. What do you think?
-
Owner
Although I understand the intent (accelerate queries done as Manager by not adding a crazy-long list of security_uid), this breaks the rule that in-ZODB object visibility for the calling user can be checked in-catalog too - and as a result, it means it breaks the catalog when Manager cannot view all documents.
So I think this needs @jp's approval before it can go in:
- Do we want Managers to become all-viewing users?
- Do we tolerate catalog-ZODB view permission discrepancy?
If the answer to either is "yes", then it can be merged.
-
Owner
Vincent is right:
- it is wrong to consider Manager as a superuser (Manager, as designed in Zope, can be blocked from accessing some objects, a feature that is loved by some users of ERP5 in sensitive industries)
- it is wrong to introduce inconsistencies between catalog security and ZODB
The problem is, however, non-trivial. I think it would be good for Vincent to think about a solution.
Very often, the problem comes first from the use of the Manager role instead of a normal role (e.g. Auditor). If security is designed to define clearly who is Auditor (including which "virtual user" launches alarms), then security can be better designed and the number of uids reduced.
I thus prefer Vincent or Rafael to consider a real solution.