From a6c6d3be19187072bdaaeef49a05c89d1ec16d1b Mon Sep 17 00:00:00 2001 From: Sebastien Robin <seb@nexedi.com> Date: Wed, 23 Mar 2005 08:47:47 +0000 Subject: [PATCH] added negative role compatibility git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@2736 20353a03-c40f-0410-a6d1-a30d3c3de9de --- product/ERP5Catalog/CatalogTool.py | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/product/ERP5Catalog/CatalogTool.py b/product/ERP5Catalog/CatalogTool.py index 84e1a5053f..eb2a64ecbc 100755 --- a/product/ERP5Catalog/CatalogTool.py +++ b/product/ERP5Catalog/CatalogTool.py @@ -75,10 +75,27 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): allowed[r] = 1 if withgroups: localroles = mergedLocalRoles(ob, withgroups=1) - #LOG("allowedRolesAndUsers",0,str(allowed.keys())) else: # CMF localroles = _mergedLocalRoles(ob) + # For each group or user, we have a list of roles, this list + # give in this order : [roles on object, roles acquired on the parent, + # roles acquired on the parent of the parent....] + # So if we have ['-Author','Author'] we should remove the role 'Author' + # but if we have ['Author','-Author'] we have to keep the role 'Author' + new_dict = {} + for key in localroles.keys(): + new_list = [] + remove_list = [] + for role in localroles[key]: + if role.startswith('-'): + if not role[1:] in new_list and not role[1:] in remove_list: + remove_list.append(role[1:]) + elif not role in remove_list: + new_list.append(role) + if len(new_list)>0: + new_dict[key] = new_list + localroles = new_dict for user, roles in localroles.items(): for role in roles: if allowed.has_key(role): -- 2.30.9