From 5a03f90bc16a57cde197fc85e7b2d91d00f73f3b Mon Sep 17 00:00:00 2001 From: Vincent Pelletier <vincent@nexedi.com> Date: Wed, 1 Aug 2007 08:12:57 +0000 Subject: [PATCH] Prevent local roles from being acquired outside of Portal object. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15409 20353a03-c40f-0410-a6d1-a30d3c3de9de --- product/ERP5/ERP5Site.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/product/ERP5/ERP5Site.py b/product/ERP5/ERP5Site.py index 011cb93dbd..abdbdefffb 100644 --- a/product/ERP5/ERP5Site.py +++ b/product/ERP5/ERP5Site.py @@ -208,6 +208,13 @@ class ERP5Site(FolderMixIn, CMFSite): """ return self.index_html() + def _getAcquireLocalRoles(self): + """ + Prevent local roles from being acquired outside of Portal object. + See ERP5Security/__init__.py:mergedLocalRoles . + """ + return False + security.declareProtected(Permissions.ManagePortal, 'enableRefererCheck') def enableRefererCheck(self): """Enable a ReferCheckerBeforeTraverseHook to check users have valid -- 2.30.9