From b73249183bc0f6fc46539aaaee593bf45ae9ff25 Mon Sep 17 00:00:00 2001 From: Vincent Pelletier <vincent@nexedi.com> Date: Mon, 6 Aug 2007 07:28:35 +0000 Subject: [PATCH] Add a warning about suspicious code. git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@15480 20353a03-c40f-0410-a6d1-a30d3c3de9de --- product/ERP5Catalog/CatalogTool.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/product/ERP5Catalog/CatalogTool.py b/product/ERP5Catalog/CatalogTool.py index 8ec77f5f72..28d73103bd 100644 --- a/product/ERP5Catalog/CatalogTool.py +++ b/product/ERP5Catalog/CatalogTool.py @@ -475,6 +475,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject): "deprecated. Please update your catalog "\ "business template." if allowedRolesAndUsers: + # XXX: What with this string transformation ?! Souldn't it be done in + # dtml instead ? allowedRolesAndUsers = ["'%s'" % (role, ) for role in allowedRolesAndUsers] security_uid_list = [x.uid for x in method(security_roles_list = allowedRolesAndUsers)] else: -- 2.30.9