From d55d85f6414252807c0e6b21b79fdde0d777e974 Mon Sep 17 00:00:00 2001
From: Vincent Pelletier <vincent@nexedi.com>
Date: Tue, 19 Jan 2010 14:13:33 +0000
Subject: [PATCH] Add a Manager proxy role.

This fixes cases where a user accesses a bank account of another agency
(this can happen for operation imports at country scale).

It is safe to set a Manager proxy role on this script as it is called on
the only accessed document, so security checks were already done (or
bypassed) upon fetching our context.


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@31824 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
 .../erp5_banking_core/BankAccount_isOpened.xml            | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/bt5/erp5_banking_core/SkinTemplateItem/portal_skins/erp5_banking_core/BankAccount_isOpened.xml b/bt5/erp5_banking_core/SkinTemplateItem/portal_skins/erp5_banking_core/BankAccount_isOpened.xml
index c55e43e21f..9355b2dcdf 100644
--- a/bt5/erp5_banking_core/SkinTemplateItem/portal_skins/erp5_banking_core/BankAccount_isOpened.xml
+++ b/bt5/erp5_banking_core/SkinTemplateItem/portal_skins/erp5_banking_core/BankAccount_isOpened.xml
@@ -66,6 +66,14 @@
             <key> <string>_params</string> </key>
             <value> <string></string> </value>
         </item>
+        <item>
+            <key> <string>_proxy_roles</string> </key>
+            <value>
+              <tuple>
+                <string>Manager</string>
+              </tuple>
+            </value>
+        </item>
         <item>
             <key> <string>errors</string> </key>
             <value>
-- 
2.30.9