Treat user with Manager role as superuser.

b3a8946d · Rafael Monnerat · 66284aff · b3a8946d
Commit b3a8946d authored Jul 27, 2017 by Rafael Monnerat
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 1 deletion

product/ERP5Catalog/CatalogTool.py product/ERP5Catalog/CatalogTool.py +4 -1

No files found.
--- a/product/ERP5Catalog/CatalogTool.py
+++ b/product/ERP5Catalog/CatalogTool.py
@@ -627,6 +627,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
      if isinstance(user_str, six.text_type):
        user_str = user_str.encode('utf-8')
      user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER)
+      user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER) or \
+          ('Manager' in user.getRoles())
      allowedRolesAndUsers = self._listAllowedRolesAndUsers(user)
      role_column_dict = {}
      local_role_column_dict = {}
@@ -751,7 +753,8 @@ class CatalogTool (UniqueObject, ZCatalog, CMFCoreCatalogTool, ActiveObject):
      """
      user = _getAuthenticatedUser(self)
      user_str = user.getIdOrUserName()
-      user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER)
+      user_is_superuser = (user == system_user) or (user_str == ERP5Security.SUPER_USER) or \
+          ('Manager' in user.getRoles())
      if user_is_superuser:
        # We need no security check for super user.
        return