do not join anylonger with roles_and_user table when doing

search/countResults, instead make a first request to get security uid in pass the result git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@12959 20353a03-c40f-0410-a6d1-a30d3c3de9de

do not join anylonger with roles_and_user table when doing
search/countResults, instead make a first request to get security uid in pass the result git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@12959 20353a03-c40f-0410-a6d1-a30d3c3de9de
6e014198 · Aurel · febb03ac · 6e014198
Commit 6e014198 authored Feb 22, 2007 by Aurel
Show whitespace changes
Inline Side-by-side

Showing with 31 additions and 16 deletions

product/ERP5Catalog/CatalogTool.py product/ERP5Catalog/CatalogTool.py +31 -16

No files found.
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -45,7 +45,7 @@ from Products.CMFCore.Expression import Expression
 from Products.PageTemplates.Expressions import getEngine
 from MethodObject import Method

-import os, time, urllib
+import os, time, urllib, warnings
 from zLOG import LOG

 SECURITY_USING_NUX_USER_GROUPS, SECURITY_USING_PAS = range(2)
@@ -425,13 +425,32 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):

      return allowedRolesAndUsers

+    security.declarePrivate('getSecurityUid')
+    def getSecurityUid(self, **kw):
+      """
+      Return list of security oid for given roles list
+      """
+      catalog = self.getSQLCatalog()
+      method = getattr(catalog, catalog.sql_search_security, '')
+      if method in ('', None):
+        # XXX old way, should not be used anylonger
+        warnings.warn("The usage of allowedRolesAndUsers is deprecated.\n"
+                      "Please update your business template erp5_mysql_innodb.",
+                      DeprecationWarning)
+        kw['allowedRolesAndUsers'] = self.getAllowedRolesAndUsers(**kw)
+      else:
+        allowedRolesAndUsers = ["'%s'" % (role, ) for role in self.getAllowedRolesAndUsers(**kw)]
+        security_uid_list = [x.uid for x in method(security_roles_list = allowedRolesAndUsers)]
+        kw['security_uid'] = security_uid_list
+      return kw
+
    # searchResults has inherited security assertions.
    def searchResults(self, REQUEST=None, **kw):
        """
            Calls ZCatalog.searchResults with extra arguments that
            limit the results to what the user is allowed to see.
        """
-        kw[ 'allowedRolesAndUsers' ] = self.getAllowedRolesAndUsers(**kw) # XXX allowedRolesAndUsers naming is wrong
+        kw = self.getSecurityUid(**kw)

        if not _checkPermission(
            CMFCorePermissions.AccessInactivePortalContent, self ):
@@ -457,11 +476,7 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
            Calls ZCatalog.countResults with extra arguments that
            limit the results to what the user is allowed to see.
        """
-        kw[ 'allowedRolesAndUsers' ] = self.getAllowedRolesAndUsers(**kw) # XXX allowedRolesAndUsers naming is wrong
-        
-        # Forget about permissions in statistics
-        # (we should not count lines more than once with statistic expressions)
-        if kw.has_key('select_expression'): del kw[ 'allowedRolesAndUsers' ]
+        kw = self.getSecurityUid(**kw)

        # XXX This needs to be set again
        #if not _checkPermission(