Added a security policy which is able to combine parent (for group) and no...

Added a security policy which is able to combine parent (for group) and no parent (for the rest). It can be useful to generate groups such as AF-ACC-MAN_NXD* (any accounting manager in Nexedi group) for users

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@14836 20353a03-c40f-0410-a6d1-a30d3c3de9de

product/ERP5/bootstrap/erp5_core/ExtensionTemplateItem/StandardSecurity.py

@@ -27,7 +27,8 @@
 
 from Products.ERP5Security.ERP5GroupManager import ConsistencyError
 
-def getSecurityCategoryFromAssignment(self, base_category_list, user_name, object, portal_type, child=0):
+def getSecurityCategoryFromAssignment(self, base_category_list, user_name, object, portal_type,
+                                      child_category_list=[]):
   """
   This script returns a list of dictionaries which represent
   the security groups which a person is member of. It extracts
@@ -72,7 +73,7 @@ def getSecurityCategoryFromAssignment(self, base_category_list, user_name, objec
         category_value_list = assignment.getValueList(base_category)
         if category_value_list:
           for category_value in category_value_list:
-            if child:
+            if base_category in child_category_list:
               if category_value.getPortalType() == 'Category':
                 while category_value.getPortalType() == 'Category':
                   category_dict.setdefault(base_category, []).append('%s*' % category_value.getRelativeUrl())
@@ -89,4 +90,9 @@ def getSecurityCategoryFromAssignment(self, base_category_list, user_name, objec
 def getSecurityCategoryFromAssignmentParent(self, base_category_list,
                                        user_name, object, portal_type):
   return getSecurityCategoryFromAssignment(self, base_category_list,
-                                       user_name, object, portal_type, child=1)
+                                       user_name, object, portal_type, child_category_list=base_category_list)
+
+def getSecurityCategoryFromAssignmentParentGroup(self, base_category_list,
+                                       user_name, object, portal_type):
+  return getSecurityCategoryFromAssignment(self, base_category_list,
+                                       user_name, object, portal_type, child_category_list=('group',))

product/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityCategoryFromAssignmentParentGroup.xml

+<?xml version="1.0"?>
+<ZopeData>
+  <record id="1" aka="AAAAAAAAAAE=">
+    <pickle>
+      <tuple>
+        <tuple>
+          <string>Products.ExternalMethod.ExternalMethod</string>
+          <string>ExternalMethod</string>
+        </tuple>
+        <none/>
+      </tuple>
+    </pickle>
+    <pickle>
+      <dictionary>
+        <item>
+            <key> <string>__ac_local_roles__</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>_function</string> </key>
+            <value> <string>getSecurityCategoryFromAssignmentParentGroup</string> </value>
+        </item>
+        <item>
+            <key> <string>_module</string> </key>
+            <value> <string>StandardSecurity</string> </value>
+        </item>
+        <item>
+            <key> <string>_owner</string> </key>
+            <value>
+              <none/>
+            </value>
+        </item>
+        <item>
+            <key> <string>id</string> </key>
+            <value> <string>ERP5Type_getSecurityCategoryFromAssignmentParentGroup</string> </value>
+        </item>
+        <item>
+            <key> <string>title</string> </key>
+            <value> <string></string> </value>
+        </item>
+      </dictionary>
+    </pickle>
+  </record>
+</ZopeData>