Use Base_checkPermission to prevent security issues...

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@23135 20353a03-c40f-0410-a6d1-a30d3c3de9de

Use Base_checkPermission to prevent security issues...
git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@23135 20353a03-c40f-0410-a6d1-a30d3c3de9de
05027171 · Rafael Monnerat · ce48ea3e · 05027171 · 05027171 · 05027171
Commit 05027171 authored Aug 25, 2008 by Rafael Monnerat
3 changed files
--- a/bt5/erp5_crm/ActionTemplateItem/portal_types/Support%20Request/jump_related_bug.xml
+++ b/bt5/erp5_crm/ActionTemplateItem/portal_types/Support%20Request/jump_related_bug.xml
@@ -97,7 +97,7 @@ string:${object_url}/Base_jumpToRelatedObject?base_category=follow_up&portal_typ
      <dictionary>
        <item>
            <key> <string>text</string> </key>
-            <value> <string>python:getattr(portal, \'support_request_module\', None) is not None</string> </value>
+            <value> <string>python: portal.Base_checkPermission(\'bug_module\', \'View\')</string> </value>
        </item>
      </dictionary>
    </pickle>

--- a/bt5/erp5_crm/ActionTemplateItem/portal_types/Support%20Request/new_bug.xml
+++ b/bt5/erp5_crm/ActionTemplateItem/portal_types/Support%20Request/new_bug.xml
@@ -93,7 +93,7 @@
      <dictionary>
        <item>
            <key> <string>text</string> </key>
-            <value> <string>python: getattr(here,\'bug_module\', None) is not None</string> </value>
+            <value> <string>python: portal.Base_checkPermission(\'bug_module\', \'Add portal content\')</string> </value>
        </item>
      </dictionary>
    </pickle>

--- a/bt5/erp5_crm/bt/revision
+++ b/bt5/erp5_crm/bt/revision
-292
\ No newline at end of file
+293
\ No newline at end of file