Commit 2bec6f7f authored by Jérome Perrin's avatar Jérome Perrin

r16497 was bad, because it indexed a random Owner local roles from the acquisition context.



git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@17133 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 7f6db54a
......@@ -161,13 +161,8 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
allowed[user + ':' + role] = 1
else:
allowed['user:' + user + ':' + role] = 1
elif 'Owner' in allowed:
ob._v_view_permission_owner = user
if allowed.has_key('Owner'):
del allowed['Owner']
else:
ob._v_view_permission_owner = None
return list(allowed.keys())
class RelatedBaseCategory(Method):
......
......@@ -1698,17 +1698,12 @@ class Base( CopyContainer,
security.declareProtected( Permissions.AccessContentsInformation, 'getViewPermissionOwner' )
def getViewPermissionOwner(self):
"""
Returns the user ID of the owner if Owner role
has View permission. Returns None else.
Returns the user ID of the owner if this user has View permission,
otherwise returns None.
"""
marker = []
if getattr(aq_base(self), '_v_view_permission_owner', marker) is not marker:
return self._v_view_permission_owner
path, user_id = self.getOwnerTuple()
if 'Owner' in rolesForPermissionOn(Permissions.View, self):
path, user_id = self.getOwnerTuple()
return user_id
owner = self.getWrappedOwner()
if owner is not None and owner.has_permission(Permissions.View, self):
return str(owner)
return None
# Private accessors for the implementation of relations based on
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment