Commit 5e7f9ff3 authored by Jérome Perrin's avatar Jérome Perrin

Base_getPreferredSectionItemList : don't return deleted or invalidated...

Base_getPreferredSectionItemList : don't return deleted or invalidated sections, and prevent some security problems with deleted organisations.

git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@23484 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 30f1f662
...@@ -69,7 +69,10 @@ ...@@ -69,7 +69,10 @@
context.portal_preferences.getPreferredAccountingTransactionSectionCategory() \n context.portal_preferences.getPreferredAccountingTransactionSectionCategory() \n
\n \n
section_value = context.portal_categories.resolveCategory(section)\n section_value = context.portal_categories.resolveCategory(section)\n
value_list = section_value.getGroupRelatedValueList(portal_type=portal_type)\n value_list = section_value.getGroupRelatedValueList(portal_type=portal_type,\n
checked_permission=\'View\')\n
value_list = [r for r in value_list\n
if r.getProperty(\'validation_state\') not in (\'invalidated\', \'deleted\')]\n
\n \n
# convert to ListField format\n # convert to ListField format\n
return [(\'\', \'\')] + [(obj.getTitle(), obj.getRelativeUrl()) for obj in value_list]\n return [(\'\', \'\')] + [(obj.getTitle(), obj.getRelativeUrl()) for obj in value_list]\n
...@@ -130,6 +133,7 @@ return [(\'\', \'\')] + [(obj.getTitle(), obj.getRelativeUrl()) for obj in value ...@@ -130,6 +133,7 @@ return [(\'\', \'\')] + [(obj.getTitle(), obj.getRelativeUrl()) for obj in value
<string>append</string> <string>append</string>
<string>$append0</string> <string>$append0</string>
<string>_getiter_</string> <string>_getiter_</string>
<string>r</string>
<string>obj</string> <string>obj</string>
</tuple> </tuple>
</value> </value>
...@@ -153,6 +157,12 @@ return [(\'\', \'\')] + [(obj.getTitle(), obj.getRelativeUrl()) for obj in value ...@@ -153,6 +157,12 @@ return [(\'\', \'\')] + [(obj.getTitle(), obj.getRelativeUrl()) for obj in value
<key> <string>id</string> </key> <key> <string>id</string> </key>
<value> <string>Base_getPreferredSectionItemList</string> </value> <value> <string>Base_getPreferredSectionItemList</string> </value>
</item> </item>
<item>
<key> <string>uid</string> </key>
<value>
<none/>
</value>
</item>
<item> <item>
<key> <string>warnings</string> </key> <key> <string>warnings</string> </key>
<value> <value>
......
954 955
\ No newline at end of file \ No newline at end of file
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment