From f4a9ac0429301bd735d46025a77546c45feb15e9 Mon Sep 17 00:00:00 2001
From: Julien Muchembled <jm@nexedi.com>
Date: Tue, 19 Apr 2016 16:22:30 +0200
Subject: [PATCH] ERP5Type: remove buggy/useless cache for the owner of temp
 objects

Caching the current user during the transaction breaks code that changes user.
getSecurityManager().getUser().getId() is anyway already so fast, and it is
here called so rarely, that it's not worth caching the result.
---
 product/ERP5Type/ERP5Type.py | 25 +++++--------------------
 1 file changed, 5 insertions(+), 20 deletions(-)

diff --git a/product/ERP5Type/ERP5Type.py b/product/ERP5Type/ERP5Type.py
index d59000a678..2405a44b4d 100644
--- a/product/ERP5Type/ERP5Type.py
+++ b/product/ERP5Type/ERP5Type.py
@@ -38,7 +38,6 @@ from Products.ERP5Type.XMLObject import XMLObject
 from Products.ERP5Type.Cache import CachingMethod
 from Products.ERP5Type.dynamic.accessor_holder import getPropertySheetValueList, \
     getAccessorHolderList
-from Products.ERP5Type.TransactionalVariable import getTransactionalVariable
 
 ERP5TYPE_SECURITY_GROUP_ID_GENERATION_SCRIPT = 'ERP5Type_asSecurityGroupId'
 
@@ -49,24 +48,6 @@ from sys import exc_info
 from zLOG import LOG, ERROR
 from Products.CMFCore.exceptions import zExceptions_Unauthorized
 
-def getCurrentUserIdOrAnonymousToken():
-  """Return connected user_id or simple token for
-  Anonymous users in scope of transaction.
-  """
-  tv = getTransactionalVariable()
-  USER_ID_KEY = '_user_id'
-  ANONYMOUS_OWNER_ROLE_VALUE = 'Anonymous Owner'
-  try:
-    return tv[USER_ID_KEY]
-  except KeyError:
-    user = getSecurityManager().getUser()
-    if user is not None:
-      user_id = user.getId()
-    else:
-      user_id = ANONYMOUS_OWNER_ROLE_VALUE
-    tv[USER_ID_KEY] = user_id
-    return user_id
-
 class LocalRoleAssignorMixIn(object):
     """Mixin class used by type informations to compute and update local roles
     """
@@ -392,7 +373,11 @@ class ERP5TypeInformation(XMLObject,
       if temp_object:
         # Setup only Owner local role on Document like
         # container._setObject(set_owner=True) does.
-        user_id = getCurrentUserIdOrAnonymousToken()
+        user = getSecurityManager().getUser()
+        if user is not None:
+          user_id = user.getId()
+        else:
+          user_id = 'Anonymous Owner'
         ob.manage_setLocalRoles(user_id, ['Owner'])
       else:
         if activate_kw is not None:
-- 
2.30.9