Properly reset security context on activity reactivation

The cold to reactivate an activity could sometimes switch to 'Anonymous User' and not switch back. Move the user switching logic to inside the 'try' block that restores the user afterwards. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@30778 20353a03-c40f-0410-a6d1-a30d3c3de9de

Properly reset security context on activity reactivation
The cold to reactivate an activity could sometimes switch to 'Anonymous User' and not switch back. Move the user switching logic to inside the 'try' block that restores the user afterwards. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@30778 20353a03-c40f-0410-a6d1-a30d3c3de9de
15df152f · Leonardo Rochael Almeida · eb81fb79 · 15df152f
Commit 15df152f authored Nov 19, 2009 by Leonardo Rochael Almeida
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 9 deletions

product/CMFActivity/ActivityTool.py product/CMFActivity/ActivityTool.py +8 -9

No files found.
--- a/product/CMFActivity/ActivityTool.py
+++ b/product/CMFActivity/ActivityTool.py
@@ -276,10 +276,10 @@ class Message:
    else:
      try:
        old_security_manager = getSecurityManager()
-        # Change user if required (TO BE DONE)
-        # We will change the user only in order to execute this method
-        user = self.changeUser(self.user_name, activity_tool)
        try:
+          # Change user if required (TO BE DONE)
+          # We will change the user only in order to execute this method
+          self.changeUser(self.user_name, activity_tool)
          try:
            # XXX: There is no check to see if user is allowed to access
            # that method !
@@ -351,17 +351,16 @@ Exception: %s %s
  def reactivate(self, activity_tool, activity=DEFAULT_ACTIVITY):
    # Reactivate the original object.
    obj= self.getObject(activity_tool)
-    # Change user if required (TO BE DONE)
-    # We will change the user only in order to execute this method
-    current_user = str(_getAuthenticatedUser(self))
-    user = self.changeUser(self.user_name, activity_tool)
+    old_security_manager = getSecurityManager()
    try:
+      # Change user if required (TO BE DONE)
+      # We will change the user only in order to execute this method
+      user = self.changeUser(self.user_name, activity_tool)
      active_obj = obj.activate(activity=activity, **self.activity_kw)
      getattr(active_obj, self.method_id)(*self.args, **self.kw)
    finally:
      # Use again the previous user
-      if user is not None:
-        self.changeUser(current_user, activity_tool)
+      setSecurityManager(old_security_manager)

  def setExecutionState(self, is_executed, exc_info=None, log=True, context=None):
    """