Commit 5cfc9d7e authored by Nicolas Delaby's avatar Nicolas Delaby

Generate allowRoleAndUsers with Role only if View permission. This patch...

Generate allowRoleAndUsers with Role only if View permission. This patch should reduce entries in roles_and_users table.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@19108 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent c3fb98cd
...@@ -150,19 +150,19 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper): ...@@ -150,19 +150,19 @@ class IndexableObjectWrapper(CMFCoreIndexableObjectWrapper):
allowed[user] = 1 allowed[user] = 1
else: else:
allowed['user:' + user] = 1 allowed['user:' + user] = 1
# Added for ERP5 project by JP Smets # Added for ERP5 project by JP Smets
# The reason why we do not want to keep Owner is because we are # The reason why we do not want to keep Owner is because we are
# trying to reduce the number of security definitions # trying to reduce the number of security definitions
# However, this is a bad idea if we start to use Owner role # However, this is a bad idea if we start to use Owner role
# as a kind of bamed Assignee and if we need it for worklists. Therefore # as a kind of bamed Assignee and if we need it for worklists. Therefore
# we may sometimes catalog the owner user ID whenever the Owner # we may sometimes catalog the owner user ID whenever the Owner
# has view permission (see getAllowedRolesAndUsers bellow # has view permission (see getAllowedRolesAndUsers bellow
# as well as getViewPermissionOwner method in Base) # as well as getViewPermissionOwner method in Base)
if role != 'Owner': if role != 'Owner':
if withnuxgroups: if withnuxgroups:
allowed[user + ':' + role] = 1 allowed[user + ':' + role] = 1
else: else:
allowed['user:' + user + ':' + role] = 1 allowed['user:' + user + ':' + role] = 1
if allowed.has_key('Owner'): if allowed.has_key('Owner'):
del allowed['Owner'] del allowed['Owner']
return list(allowed.keys()) return list(allowed.keys())
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment