From 9c82531ec085e53938f5dd0c8a1695ea8ffee6b7 Mon Sep 17 00:00:00 2001
From: Alexandre Boeglin <alex@nexedi.com>
Date: Thu, 8 Dec 2005 14:44:57 +0000
Subject: [PATCH] When using PAS, add the roles in the ZODB Role Manager as
 well as a property on the portal object. Note : removing roles has not been
 implemented.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@4559 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
 product/ERP5/Document/BusinessTemplate.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

diff --git a/product/ERP5/Document/BusinessTemplate.py b/product/ERP5/Document/BusinessTemplate.py
index c706f7c85b..8356a547cf 100755
--- a/product/ERP5/Document/BusinessTemplate.py
+++ b/product/ERP5/Document/BusinessTemplate.py
@@ -1650,13 +1650,23 @@ class RoleTemplateItem(BaseTemplateItem):
 
   def install(self, context, **kw):
     p = context.getPortalObject()
-    roles = {}
-    for role in p.__ac_roles__:
-      roles[role] = 1
+    # get roles
     if (getattr(self, 'template_format_version', 0)) == 1:
       role_list = self._objects.keys()
     else:
       role_list = self._archive.keys()
+    # set roles in PAS
+    if p.acl_users.meta_type == 'Pluggable Auth Service':
+      role_manager_list = p.acl_users.objectValues('ZODB Role Manager')
+      for role_manager in role_manager_list:
+        existing_role_list = role_manager.listRoleIds()
+        for role in role_list:
+          if role not in existing_role_list:
+            role_manager.addRole(role)
+    # set roles on portal
+    roles = {}
+    for role in p.__ac_roles__:
+      roles[role] = 1
     for role in role_list:
       roles[role] = 1
     p.__ac_roles__ = tuple(roles.keys())
-- 
2.30.9