Commit 748046d0 authored by Vincent Pelletier's avatar Vincent Pelletier

ERP5Security.ERP5GroupManager: Move security category mapping lookup out.

So that it can be reused outside of group manager without having to
duplicate the backward-compatibility order.
Also, simplify code.
parent ae6b3070
...@@ -1412,6 +1412,31 @@ class ERP5Site(FolderMixIn, CMFSite, CacheCookieMixin): ...@@ -1412,6 +1412,31 @@ class ERP5Site(FolderMixIn, CMFSite, CacheCookieMixin):
return self._getPortalGroupedCategoryList('assignment') or \ return self._getPortalGroupedCategoryList('assignment') or \
self._getPortalConfiguration('portal_assignment_base_category_list') self._getPortalConfiguration('portal_assignment_base_category_list')
def getPortalSecurityCategoryMapping(self):
"""
Returns a list of pairs composed of a script id and a list of base
category ids to use for computing security groups.
This is used during indexation, so involved scripts must not rely on
catalog at any point in their execution.
Example:
(
('script_1', ['base_category_1', 'base_category_2', ...]),
('script_2', ['base_category_1', 'base_category_3', ...])
)
"""
return getattr(
self,
'ERP5Type_getSecurityCategoryMapping',
lambda: ( # BBB
(
'ERP5Type_getSecurityCategoryFromAssignment',
self.getPortalAssignmentBaseCategoryList(),
),
),
)()
security.declareProtected(Permissions.AccessContentsInformation, security.declareProtected(Permissions.AccessContentsInformation,
'getPortalTicketTypeList') 'getPortalTicketTypeList')
def getPortalTicketTypeList(self): def getPortalTicketTypeList(self):
......
...@@ -86,29 +86,6 @@ class ERP5GroupManager(BasePlugin): ...@@ -86,29 +86,6 @@ class ERP5GroupManager(BasePlugin):
@UnrestrictedMethod @UnrestrictedMethod
def _getGroupsForPrincipal(user_id, path): def _getGroupsForPrincipal(user_id, path):
# To get the complete list of groups, we try to call the
# ERP5Type_getSecurityCategoryMapping which should return a list
# of lists of two elements (script, base_category_list) like :
# (
# ('script_1', ['base_category_1', 'base_category_2', ...]),
# ('script_2', ['base_category_1', 'base_category_3', ...])
# )
#
# else, if the script does not exist, falls back to a list containng
# only one list :
# (('ERP5Type_getSecurityCategoryFromAssignment',
# self.getPortalAssignmentBaseCategoryList() ),)
mapping_method = getattr(self,
'ERP5Type_getSecurityCategoryMapping', None)
if mapping_method is None:
security_definition_list = ((
'ERP5Type_getSecurityCategoryFromAssignment',
self.getPortalAssignmentBaseCategoryList()
),)
else:
security_definition_list = mapping_method()
user_path_set = { user_path_set = {
x['path'] x['path']
for x in self.searchUsers(id=user_id, exact_match=True) for x in self.searchUsers(id=user_id, exact_match=True)
...@@ -119,7 +96,7 @@ class ERP5GroupManager(BasePlugin): ...@@ -119,7 +96,7 @@ class ERP5GroupManager(BasePlugin):
user_path, = user_path_set user_path, = user_path_set
user_value = self.getPortalObject().unrestrictedTraverse(user_path) user_value = self.getPortalObject().unrestrictedTraverse(user_path)
security_category_dict = {} security_category_dict = {}
for (method_name, base_category_list) in security_definition_list: for method_name, base_category_list in self.getPortalSecurityCategoryMapping():
base_category_list = tuple(base_category_list) base_category_list = tuple(base_category_list)
security_category_list = security_category_dict.setdefault( security_category_list = security_category_dict.setdefault(
base_category_list, base_category_list,
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment