From 5a03f90bc16a57cde197fc85e7b2d91d00f73f3b Mon Sep 17 00:00:00 2001
From: Vincent Pelletier <vincent@nexedi.com>
Date: Wed, 1 Aug 2007 08:12:57 +0000
Subject: [PATCH] Prevent local roles from being acquired outside of Portal
 object.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15409 20353a03-c40f-0410-a6d1-a30d3c3de9de
---
 product/ERP5/ERP5Site.py | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/product/ERP5/ERP5Site.py b/product/ERP5/ERP5Site.py
index 011cb93dbd..abdbdefffb 100644
--- a/product/ERP5/ERP5Site.py
+++ b/product/ERP5/ERP5Site.py
@@ -208,6 +208,13 @@ class ERP5Site(FolderMixIn, CMFSite):
     """
     return self.index_html()
 
+  def _getAcquireLocalRoles(self):
+    """
+      Prevent local roles from being acquired outside of Portal object.
+      See ERP5Security/__init__.py:mergedLocalRoles .
+    """
+    return False
+
   security.declareProtected(Permissions.ManagePortal, 'enableRefererCheck')
   def enableRefererCheck(self):
     """Enable a ReferCheckerBeforeTraverseHook to check users have valid
-- 
2.30.9