Commit 6f1921a8 authored by Rafael Monnerat's avatar Rafael Monnerat

product/SlapOS: Allow user to login with a shadow user created on the same transaction

  This allow during a subscription process, create a user and them create all
  documents using that user w/o rely on proxy roles (keeping good ownership
  across the documents).
parent 005b4686
......@@ -40,6 +40,7 @@ from Products.ERP5Security.ERP5GroupManager import NO_CACHE_MODE
from Products.ERP5Type.Cache import CachingMethod
from Products.ERP5Security.ERP5LoginUserManager import SYSTEM_USER_USER_NAME,\
SPECIAL_USER_NAME_SET
from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
# some usefull globals
LOGIN_PREFIX = 'SHADOW-'
......@@ -252,6 +253,31 @@ class SlapOSShadowAuthenticationPlugin(BasePlugin):
]
# END OF CUSTOM CODE
if getTransactionalVariable()["transactional_user"] is not None:
person = getTransactionalVariable()["transactional_user"]
erp5_login = person.objectValues("ERP5 Login")[0]
if (id is not None and person.getUserId() == id[0]):
result.append({
'id': LOGIN_PREFIX + person.getUserId(),
# Note: PAS forbids us from returning more than one entry per given id,
# so take any available login.
'login': LOGIN_PREFIX + erp5_login.getReference(),
'pluginid': plugin_id,
# Extra properties, specific to ERP5
'path': person.getPath(),
'uid': person.getUid(),
'login_list': [
{
'reference': LOGIN_PREFIX + erp5_login.getReference(),
'path': erp5_login.getRelativeUrl(),
'uid': erp5_login.getPath(),
}
],
})
return tuple(result)
#List implementation of class
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment