From cf1c42a549fe89c8a4cbd6b7c6b26dc6cb7a6e87 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9rome=20Perrin?= <jerome@nexedi.com> Date: Wed, 26 Mar 2008 17:13:07 +0000 Subject: [PATCH] Add security for Associate in accounting workflow git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@20165 20353a03-c40f-0410-a6d1-a30d3c3de9de --- .../accounting_workflow/states/confirmed.xml | 5 ++ .../accounting_workflow/states/delivered.xml | 11 ++- .../accounting_workflow/states/draft.xml | 12 +-- .../accounting_workflow/states/planned.xml | 3 + .../accounting_workflow/states/started.xml | 5 +- .../accounting_workflow/states/stopped.xml | 4 +- .../transitions/cancel_accounting_action.xml | 88 +++++++++++++++++++ .../transitions/cancel_action.xml | 8 +- .../transitions/confirm_action.xml | 1 + .../transitions/delete_action.xml | 8 +- .../transitions/plan_action.xml | 1 + .../transitions/start_action.xml | 1 + bt5/erp5_accounting/bt/revision | 2 +- 13 files changed, 121 insertions(+), 28 deletions(-) create mode 100644 bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/cancel_accounting_action.xml diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/confirmed.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/confirmed.xml index 27df300b37..05cad140ff 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/confirmed.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/confirmed.xml @@ -74,6 +74,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Auditor</string> <string>Manager</string> <string>Owner</string> @@ -86,6 +87,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Manager</string> </tuple> </value> @@ -96,6 +98,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Manager</string> </tuple> </value> @@ -106,6 +109,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Manager</string> </tuple> </value> @@ -116,6 +120,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Auditor</string> <string>Manager</string> <string>Owner</string> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/delivered.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/delivered.xml index 690da7d20f..aff75810a3 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/delivered.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/delivered.xml @@ -51,17 +51,14 @@ <record id="2" aka="AAAAAAAAAAI="> <pickle> <tuple> - <tuple> - <string>Persistence</string> - <string>PersistentMapping</string> - </tuple> - <none/> + <global name="PersistentMapping" module="Persistence.mapping"/> + <tuple/> </tuple> </pickle> <pickle> <dictionary> <item> - <key> <string>_container</string> </key> + <key> <string>data</string> </key> <value> <dictionary> <item> @@ -70,6 +67,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Auditor</string> <string>Manager</string> <string>Owner</string> @@ -100,6 +98,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Auditor</string> <string>Manager</string> </tuple> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/draft.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/draft.xml index 9d9231e109..1a1339ec19 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/draft.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/draft.xml @@ -62,17 +62,14 @@ <record id="2" aka="AAAAAAAAAAI="> <pickle> <tuple> - <tuple> - <string>Persistence</string> - <string>PersistentMapping</string> - </tuple> - <none/> + <global name="PersistentMapping" module="Persistence.mapping"/> + <tuple/> </tuple> </pickle> <pickle> <dictionary> <item> - <key> <string>_container</string> </key> + <key> <string>data</string> </key> <value> <dictionary> <item> @@ -106,6 +103,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Manager</string> <string>Owner</string> </tuple> @@ -117,6 +115,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Manager</string> <string>Owner</string> </tuple> @@ -128,6 +127,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Auditor</string> <string>Manager</string> <string>Owner</string> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/planned.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/planned.xml index e9f4d761e4..0a0da67bc7 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/planned.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/planned.xml @@ -85,6 +85,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Manager</string> <string>Owner</string> </tuple> @@ -96,6 +97,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Manager</string> <string>Owner</string> </tuple> @@ -107,6 +109,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Manager</string> <string>Owner</string> </tuple> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/started.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/started.xml index 3215eb5903..51843f0d51 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/started.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/started.xml @@ -38,7 +38,7 @@ <value> <tuple> <string>cancel</string> - <string>cancel_action</string> + <string>cancel_accounting_action</string> <string>stop</string> <string>stop_action</string> </tuple> @@ -85,7 +85,6 @@ <tuple> <string>Assignee</string> <string>Assignor</string> - <string>Associate</string> <string>Manager</string> </tuple> </value> @@ -96,7 +95,6 @@ <tuple> <string>Assignee</string> <string>Assignor</string> - <string>Associate</string> <string>Manager</string> </tuple> </value> @@ -107,7 +105,6 @@ <tuple> <string>Assignee</string> <string>Assignor</string> - <string>Associate</string> <string>Manager</string> </tuple> </value> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/stopped.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/stopped.xml index 6fe2624c92..b46dcddb89 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/stopped.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/states/stopped.xml @@ -38,7 +38,7 @@ <value> <tuple> <string>cancel</string> - <string>cancel_action</string> + <string>cancel_accounting_action</string> <string>deliver</string> <string>deliver_action</string> <string>restart_action</string> @@ -74,6 +74,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Auditor</string> <string>Manager</string> <string>Owner</string> @@ -110,6 +111,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Auditor</string> <string>Manager</string> </tuple> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/cancel_accounting_action.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/cancel_accounting_action.xml new file mode 100644 index 0000000000..cbada9d0dc --- /dev/null +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/cancel_accounting_action.xml @@ -0,0 +1,88 @@ +<?xml version="1.0"?> +<ZopeData> + <record id="1" aka="AAAAAAAAAAE="> + <pickle> + <tuple> + <global name="TransitionDefinition" module="Products.DCWorkflow.Transitions"/> + <tuple/> + </tuple> + </pickle> + <pickle> + <dictionary> + <item> + <key> <string>__ac_local_roles__</string> </key> + <value> + <none/> + </value> + </item> + <item> + <key> <string>actbox_category</string> </key> + <value> <string>workflow</string> </value> + </item> + <item> + <key> <string>actbox_name</string> </key> + <value> <string>Cancel Transaction</string> </value> + </item> + <item> + <key> <string>actbox_url</string> </key> + <value> <string>%(content_url)s/Base_viewWorkflowActionDialog?workflow_action=cancel_accounting_action</string> </value> + </item> + <item> + <key> <string>after_script_name</string> </key> + <value> <string>cancel</string> </value> + </item> + <item> + <key> <string>description</string> </key> + <value> <string>Cancel the transaction, when it already have a meaning from accounting point of view</string> </value> + </item> + <item> + <key> <string>guard</string> </key> + <value> + <persistent> <string encoding="base64">AAAAAAAAAAI=</string> </persistent> + </value> + </item> + <item> + <key> <string>id</string> </key> + <value> <string>cancel_accounting_action</string> </value> + </item> + <item> + <key> <string>new_state_id</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>script_name</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>title</string> </key> + <value> <string></string> </value> + </item> + <item> + <key> <string>trigger_type</string> </key> + <value> <int>1</int> </value> + </item> + </dictionary> + </pickle> + </record> + <record id="2" aka="AAAAAAAAAAI="> + <pickle> + <tuple> + <global name="Guard" module="Products.DCWorkflow.Guard"/> + <tuple/> + </tuple> + </pickle> + <pickle> + <dictionary> + <item> + <key> <string>roles</string> </key> + <value> + <tuple> + <string>Assignee</string> + <string>Assignor</string> + </tuple> + </value> + </item> + </dictionary> + </pickle> + </record> +</ZopeData> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/cancel_action.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/cancel_action.xml index c5b573e523..f6f940d06c 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/cancel_action.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/cancel_action.xml @@ -67,11 +67,8 @@ <record id="2" aka="AAAAAAAAAAI="> <pickle> <tuple> - <tuple> - <string>Products.DCWorkflow.Guard</string> - <string>Guard</string> - </tuple> - <none/> + <global name="Guard" module="Products.DCWorkflow.Guard"/> + <tuple/> </tuple> </pickle> <pickle> @@ -82,6 +79,7 @@ <tuple> <string>Assignor</string> <string>Assignee</string> + <string>Associate</string> </tuple> </value> </item> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/confirm_action.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/confirm_action.xml index dbba7f0f00..a04a7c0a46 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/confirm_action.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/confirm_action.xml @@ -79,6 +79,7 @@ <tuple> <string>Assignor</string> <string>Assignee</string> + <string>Associate</string> </tuple> </value> </item> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/delete_action.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/delete_action.xml index 3684a5831d..3ccb3c5e91 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/delete_action.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/delete_action.xml @@ -67,11 +67,8 @@ <record id="2" aka="AAAAAAAAAAI="> <pickle> <tuple> - <tuple> - <string>Products.DCWorkflow.Guard</string> - <string>Guard</string> - </tuple> - <none/> + <global name="Guard" module="Products.DCWorkflow.Guard"/> + <tuple/> </tuple> </pickle> <pickle> @@ -82,6 +79,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> <string>Owner</string> </tuple> </value> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/plan_action.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/plan_action.xml index 57e4c2a002..cc8dcc3a0b 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/plan_action.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/plan_action.xml @@ -79,6 +79,7 @@ <tuple> <string>Assignor</string> <string>Assignee</string> + <string>Associate</string> <string>Owner</string> </tuple> </value> diff --git a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/start_action.xml b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/start_action.xml index 279cfac347..6616a6fab0 100644 --- a/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/start_action.xml +++ b/bt5/erp5_accounting/WorkflowTemplateItem/portal_workflow/accounting_workflow/transitions/start_action.xml @@ -85,6 +85,7 @@ <tuple> <string>Assignee</string> <string>Assignor</string> + <string>Associate</string> </tuple> </value> </item> diff --git a/bt5/erp5_accounting/bt/revision b/bt5/erp5_accounting/bt/revision index 9ecf271983..f95076e1d6 100644 --- a/bt5/erp5_accounting/bt/revision +++ b/bt5/erp5_accounting/bt/revision @@ -1 +1 @@ -660 \ No newline at end of file +662 \ No newline at end of file -- 2.30.9