Jérome Perrin
2008-02-29 18:51:37 UTC
Author: bartek
Date: Mon Feb 18 15:49:28 2008
New Revision: 19359
URL: http://svn.erp5.org?rev=19359&view=rev
get acquired membership too
erp5/trunk/products/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityCategoryFromArrow.xml
for base_category in base_category_list:\n
- category_list.append({base_category: object.getCategoryMembershipList(base_category)})\n
+ category_list.append({base_category: object.getAcquiredCategoryMembershipList(base_category)})\n
Hello,Date: Mon Feb 18 15:49:28 2008
New Revision: 19359
URL: http://svn.erp5.org?rev=19359&view=rev
get acquired membership too
erp5/trunk/products/ERP5/bootstrap/erp5_core/SkinTemplateItem/portal_skins/erp5_core/ERP5Type_getSecurityCategoryFromArrow.xml
for base_category in base_category_list:\n
- category_list.append({base_category: object.getCategoryMembershipList(base_category)})\n
+ category_list.append({base_category: object.getAcquiredCategoryMembershipList(base_category)})\n
The problem with a security based on acquired categories is that you
won't be able to easily regenerate local roles when a category is
changed. When the category is set on the document, we usually add an
interaction workflow on set.* to update local roles. If the category is
acquired from another document, the interaction workflow must be on the
other document, and all documents acquiring values from the other must
be updated. Finding "all documents acquiring values from a document" is
not possible, they can only be guessed in an ad-hoc way.
For safety / consistency with existing API, we should keep the old
ERP5Type_getSecurityCategoryFromArrow behaviour and introduce a new
script using acquired categories,
"ERP5Type_getSecurityCategoryFromAcquiredArrow".
I did this in r19639, but this can still be discussed if you want.
J?rome