Commit d76a30cf authored by Romain Courteaud's avatar Romain Courteaud

Fix getSingleCategoryMembershipList in order to handle checked_permission

parameter.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@16542 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent be15c414
...@@ -678,7 +678,9 @@ class CategoryTool( UniqueObject, Folder, Base ): ...@@ -678,7 +678,9 @@ class CategoryTool( UniqueObject, Folder, Base ):
security.declareProtected( Permissions.AccessContentsInformation, 'setDefaultCategoryMembership' ) security.declareProtected( Permissions.AccessContentsInformation, 'setDefaultCategoryMembership' )
def setDefaultCategoryMembership(self, context, base_category, default_category, def setDefaultCategoryMembership(self, context, base_category, default_category,
spec=(), filter=None, portal_type=(), base=0 ): spec=(), filter=None,
portal_type=(), base=0,
checked_permission=None ):
""" """
Sets the membership of the context on the specified base_category Sets the membership of the context on the specified base_category
list and for the specified portal_type spec list and for the specified portal_type spec
...@@ -711,10 +713,11 @@ class CategoryTool( UniqueObject, Folder, Base ): ...@@ -711,10 +713,11 @@ class CategoryTool( UniqueObject, Folder, Base ):
self.setCategoryMembership(context, base_category, new_category_list, self.setCategoryMembership(context, base_category, new_category_list,
spec=spec, filter=filter, portal_type=portal_type, base=base, keep_default = 0) spec=spec, filter=filter, portal_type=portal_type, base=base, keep_default = 0)
security.declareProtected( Permissions.AccessContentsInformation, security.declareProtected(Permissions.AccessContentsInformation,
'getSingleCategoryMembershipList' ) 'getSingleCategoryMembershipList')
def getSingleCategoryMembershipList(self, context, base_category, base=0, def getSingleCategoryMembershipList(self, context, base_category, base=0,
spec=(), filter=None, checked_permission=None, **kw): spec=(), filter=None,
checked_permission=None, **kw):
""" """
Returns the local membership of the context for a single base category Returns the local membership of the context for a single base category
represented as a list of relative URLs represented as a list of relative URLs
...@@ -727,47 +730,51 @@ class CategoryTool( UniqueObject, Folder, Base ): ...@@ -727,47 +730,51 @@ class CategoryTool( UniqueObject, Folder, Base ):
base -- if set to 1, returns relative URLs to portal_categories base -- if set to 1, returns relative URLs to portal_categories
if set to 0, returns relative URLs to the base category if set to 0, returns relative URLs to the base category
checked_permission -- a string which defined the permission
to filter the object on
""" """
# XXX We must use filters in the future # XXX We must use filters in the future
# where_expression = self._buildQuery(spec, filter, kw) # where_expression = self._buildQuery(spec, filter, kw)
portal_type = kw.get('portal_type', ()) if spec is ():
if spec is (): spec = portal_type spec = kw.get('portal_type', ())
# Build the ckecked_permission filter # Build the ckecked_permission filter
if checked_permission is None: if checked_permission is not None:
permissionFilter = lambda x: x checkPermission = self.portal_membership.checkPermission
else: def permissionFilter(category):
def permissionFilter(category_list): object = self.unrestrictedTraverse(category)
filtered_category_list = [] if object is not None and checkPermission(checked_permission, object):
checkPermission = self.portal_membership.checkPermission return category
for category in category_list: else:
object = self.unrestrictedTraverse(category) return None
if object is not None and checkPermission(checked_permission, object):
filtered_category_list.append(category)
return filtered_category_list
# We must treat parent in a different way # We must treat parent in a different way
#LOG('getSingleCategoryMembershipList', 0, 'base_category = %s, spec = %s, base = %s, context = %s, context.aq_inner.aq_parent = %s' % (repr(base_category), repr(spec), repr(base), repr(context), repr(context.aq_inner.aq_parent))) #LOG('getSingleCategoryMembershipList', 0, 'base_category = %s, spec = %s, base = %s, context = %s, context.aq_inner.aq_parent = %s' % (repr(base_category), repr(spec), repr(base), repr(context), repr(context.aq_inner.aq_parent)))
if base_category == 'parent': if base_category == 'parent':
parent = context.aq_inner.aq_parent # aq_inner is required to make sure we use containment parent = context.aq_inner.aq_parent # aq_inner is required to make sure we use containment
if parent.portal_type in spec: if parent.portal_type in spec:
if base: parent_relative_url = parent.getRelativeUrl()
return permissionFilter(['parent/' + parent.getRelativeUrl()]) if (checked_permission is None) or \
else: (permissionFilter(parent_relative_url) is not None):
return permissionFilter([parent.getRelativeUrl()]) if base:
return 'parent/%s' % parent_relative_url
else:
return parent_relative_url
#LOG('getSingleCategoryMembershipList', 0, 'not in spec: parent.portal_type = %s, spec = %s' % (repr(parent.portal_type), repr(spec))) #LOG('getSingleCategoryMembershipList', 0, 'not in spec: parent.portal_type = %s, spec = %s' % (repr(parent.portal_type), repr(spec)))
return [] return []
result = []
append = result.append
# XXX We must use filters in the future # XXX We must use filters in the future
# where_expression = self._buildQuery(spec, filter, kw) # where_expression = self._buildQuery(spec, filter, kw)
spec = kw.get('portal_type', ()) result = []
append = result.append
# Make sure spec is a list or tuple # Make sure spec is a list or tuple
if isinstance(spec, str): if isinstance(spec, str):
spec = [spec] spec = [spec]
# Filter categories # Filter categories
if getattr(aq_base(context), 'categories', _marker) is not _marker: if getattr(aq_base(context), 'categories', _marker) is not _marker:
for category_url in self._getCategoryList(context): for category_url in self._getCategoryList(context):
try: try:
index = category_url.index('/') index = category_url.index('/')
...@@ -777,20 +784,22 @@ class CategoryTool( UniqueObject, Folder, Base ): ...@@ -777,20 +784,22 @@ class CategoryTool( UniqueObject, Folder, Base ):
if my_base_category == base_category: if my_base_category == base_category:
#LOG("getSingleCategoryMembershipList",0,"%s %s %s %s" % (context.getRelativeUrl(), #LOG("getSingleCategoryMembershipList",0,"%s %s %s %s" % (context.getRelativeUrl(),
# my_base_category, base_category, category_url)) # my_base_category, base_category, category_url))
if spec is (): if (checked_permission is None) or \
if base: (permissionFilter(category_url) is not None):
append(category_url) if spec is ():
if base:
append(category_url)
else:
append(category_url[len(my_base_category)+1:])
else: else:
append(category_url[len(my_base_category)+1:]) my_reference = self.unrestrictedTraverse(category_url, None)
else: if my_reference is not None:
my_reference = self.unrestrictedTraverse(category_url, None) if my_reference.portal_type in spec:
if my_reference is not None: if base:
if my_reference.portal_type in spec: append(category_url)
if base: else:
append(category_url) append(category_url[len(my_base_category)+1:])
else: return result
append(category_url[len(my_base_category)+1:])
return permissionFilter(result)
security.declareProtected( Permissions.AccessContentsInformation, security.declareProtected( Permissions.AccessContentsInformation,
'getSingleCategoryAcquiredMembershipList' ) 'getSingleCategoryAcquiredMembershipList' )
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment