[Erp5-dev] security-unaware catalog calls
bartek
2007-01-20 13:20:33 UTC
Hello

If I am writing a Product class and I need to check something in the
portal_catalog, but bypassing security restrictions - is delegation to a
Script (Python) with proxy roles the only way to do it, or can it be
done from the class?

Bartek
Jérôme Perrin
2007-01-20 14:04:52 UTC
Post by bartek
Hello
If I am writing a Product class and I need to check something in the
portal_catalog, but bypassing security restrictions - is delegation to a
Script (Python) with proxy roles the only way to do it, or can it be
done from the class?
ERP5Catalog lacks the unrestrictedSearchResults method that exists in
CMFCore.CatalogTool; this is probably the bug.

Jérôme
Jean-Paul Smets
2007-01-20 14:18:06 UTC
Post by bartek
Hello
If I am writing a Product class and I need to check something in the
portal_catalog, but bypassing security restrictions - is delegation to a
Script (Python) with proxy roles the only way to do it, or can it be
done from the class?
Using proxy roles on scripts does not help, since catalog and SQL methods
use the user security context.

Have a look at aq_dynamic in WebSection.py for an example of a solution.

Another way is to add methods to the catalog (ERP5 Catalog):
unrestrictedSearchResults
unrestrictedCountResults

which do not take into account allowedRoles and users. I do not know if
this is already implemented or not, but it is generally agreed to be
needed.

This method could be called from a script with proxy roles.

JPS.
_______________________________________________
Erp5-dev mailing list
Erp5-dev at erp5.org
http://erp5.org/mailman/listinfo/erp5-dev
--
Jean-Paul Smets-Solanes, Nexedi CEO - Tel. +33(0)6 62 05 76 14
Nexedi: Consulting and Development of Libre / Open Source Software
http://www.nexedi.com
ERP5: Libre/ Open Source ERP Software for small and medium companies
http://www.erp5.org
Rentalinux: Desktop Linux Server
http://www.rentalinux.com
Alexandre Boeglin
2007-01-22 09:35:46 UTC
Post by Jean-Paul Smets
Post by bartek
If I am writing a Product class and I need to check something in the
portal_catalog, but bypassing security restrictions - is delegation to a
Script (Python) with proxy roles the only way to do it, or can it be
done from the class?
Using a proxy role will not "bypass security"; it just allows you to define
which role will be used.
Post by Jean-Paul Smets
Using proxy roles on scripts does not help, since catalog and SQL methods
use the user security context.
This was fixed in
http://svn.erp5.org/erp5/trunk/products/ERP5Catalog/CatalogTool.py?rev=11099&view=rev


Alex
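
A small simulation of the two behaviours this thread contrasts, added here as an illustration; it is not ERP5 or CMFCore code, and the catalog rows, the User class, the role names and the method bodies are all constructed for the example. It models the allowedRolesAndUsers filter that a security-aware searchResults ANDs into every query, shows that a proxy role only substitutes the roles fed into that filter (Alex's point: it defines which role is used, it does not bypass the filter), and contrasts it with an unrestrictedSearchResults / unrestrictedCountResults pair that skips the filter entirely, the methods JPS describes as needed for a Product class.

```python
"""Toy model of catalog security filtering in an ERP5-style CatalogTool.

Added illustration only: this is not ERP5 or CMFCore code. Every class, row
and role below is constructed for the example.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class User:
    id: str
    roles: List[str]


# Constructed catalog rows. The 'allowedRolesAndUsers' field models the index
# a security-aware catalog ANDs against the caller's roles and user id.
CATALOG: List[Dict] = [
    {"uid": 1, "title": "Public price list",
     "allowedRolesAndUsers": ["Anonymous", "Member", "Manager"]},
    {"uid": 2, "title": "Draft contract",
     "allowedRolesAndUsers": ["Assignee", "Manager", "user:alice"]},
    {"uid": 3, "title": "Payroll export",
     "allowedRolesAndUsers": ["Manager"]},
    {"uid": 4, "title": "Audit trail",
     "allowedRolesAndUsers": ["Auditor"]},
]


class CatalogTool:
    """Restricted and unrestricted search, mirroring the split the thread asks for."""

    def __init__(self, rows: List[Dict]):
        self._rows = rows

    def _search(self, **query) -> List[Dict]:
        # The raw query: every keyword is an exact-match column filter.
        rows = self._rows
        for key, value in query.items():
            rows = [r for r in rows if r.get(key) == value]
        return rows

    @staticmethod
    def _allowed_roles_and_users(user: User, proxy_roles: Optional[List[str]]) -> set:
        # A proxy role on a Script (Python) replaces the caller's roles for the
        # duration of the script; it does not remove the filter. The user id term
        # is kept, as ownership-style entries ('user:alice') still apply.
        roles = proxy_roles if proxy_roles is not None else user.roles
        return set(roles) | {"user:" + user.id}

    def searchResults(self, user: User, proxy_roles: Optional[List[str]] = None, **query) -> List[Dict]:
        """Security-aware search: only rows sharing a role or user id with the caller."""
        allowed = self._allowed_roles_and_users(user, proxy_roles)
        return [r for r in self._search(**query) if allowed & set(r["allowedRolesAndUsers"])]

    def countResults(self, user: User, proxy_roles: Optional[List[str]] = None, **query) -> int:
        return len(self.searchResults(user, proxy_roles, **query))

    def unrestrictedSearchResults(self, **query) -> List[Dict]:
        """Same query with no allowedRolesAndUsers term: for trusted product code only."""
        return self._search(**query)

    def unrestrictedCountResults(self, **query) -> int:
        return len(self.unrestrictedSearchResults(**query))


def uids(rows: List[Dict]) -> List[int]:
    return [r["uid"] for r in rows]


def demo() -> Dict[str, List[int]]:
    """Run the four cases the thread contrasts and return the visible uids."""
    catalog = CatalogTool(CATALOG)
    alice = User("alice", ["Member"])
    anonymous = User("anonymous", ["Anonymous"])
    return {
        # alice's own roles plus her 'user:alice' entry
        "member": uids(catalog.searchResults(alice)),
        # proxy role Manager: the filter now uses Manager, but row 4 stays hidden
        "proxy_manager": uids(catalog.searchResults(alice, proxy_roles=["Manager"])),
        "anonymous": uids(catalog.searchResults(anonymous)),
        # no filter at all: what a product class needs for an internal check
        "unrestricted": uids(catalog.unrestrictedSearchResults()),
    }


if __name__ == "__main__":
    for case, visible in demo().items():
        print(f"{case:>15}: {visible}")
```

The practical caveat the model leaves out: an unrestricted method must not be reachable from untrusted through-the-web code, so it is declared private on the tool (as CMFCore does for its own unrestrictedSearchResults) and reached only from filesystem product code or from a Script (Python) whose proxy role is what authorizes the call, which is the pattern JPS suggests at the end of his message.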
