From d55d85f6414252807c0e6b21b79fdde0d777e974 Mon Sep 17 00:00:00 2001 From: Vincent Pelletier <vincent@nexedi.com> Date: Tue, 19 Jan 2010 14:13:33 +0000 Subject: [PATCH] Add a Manager proxy role. This fixes cases where a user accesses a bank account of another agency (this can happen for operation imports at country scale). It is safe to set a Manager proxy role on this script as it is called on the only accessed document, so security checks were already done (or bypassed) upon fetching our context. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@31824 20353a03-c40f-0410-a6d1-a30d3c3de9de --- .../erp5_banking_core/BankAccount_isOpened.xml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/bt5/erp5_banking_core/SkinTemplateItem/portal_skins/erp5_banking_core/BankAccount_isOpened.xml b/bt5/erp5_banking_core/SkinTemplateItem/portal_skins/erp5_banking_core/BankAccount_isOpened.xml index c55e43e21f..9355b2dcdf 100644 --- a/bt5/erp5_banking_core/SkinTemplateItem/portal_skins/erp5_banking_core/BankAccount_isOpened.xml +++ b/bt5/erp5_banking_core/SkinTemplateItem/portal_skins/erp5_banking_core/BankAccount_isOpened.xml @@ -66,6 +66,14 @@ <key> <string>_params</string> </key> <value> <string></string> </value> </item> + <item> + <key> <string>_proxy_roles</string> </key> + <value> + <tuple> + <string>Manager</string> + </tuple> + </value> + </item> <item> <key> <string>errors</string> </key> <value> -- 2.30.9