Romain Courteaud
2006-09-28 12:39:16 UTC
Hi all,
When you update ERP5Catalog, do not forget to reindex your site completely.
All objects returned by portal_catalog should be 'clickable' to the user, and
that's why we have to use the permission 'View'.
Romain
When you update ERP5Catalog, do not forget to reindex your site completely.
All objects returned by portal_catalog should be 'clickable' to the user, and
that's why we have to use the permission 'View'.
Romain
Author: romain
Date: Thu Sep 28 14:27:44 2006
New Revision: 10394
URL: http://svn.erp5.org?rev=10394&view=rev
Catalog security is based on the permission on 'View' and not on 'Access
Content Permission', which was a major error. Catalog is designed to be
used with the user interface, and every object returned by portal_catalog
should be viewable.
erp5/trunk/products/ERP5Catalog/CatalogTool.py
Modified: erp5/trunk/products/ERP5Catalog/CatalogTool.py
http://svn.erp5.org/erp5/trunk/products/ERP5Catalog/CatalogTool.py?rev=1039
4&r1=10393&r2=10394&view=diff
===========================================================================
=== --- erp5/trunk/products/ERP5Catalog/CatalogTool.py (original)
+++ erp5/trunk/products/ERP5Catalog/CatalogTool.py Thu Sep 28 14:27:44 2006
@@ -95,7 +95,7 @@
withnuxgroups = getSecurityProduct(ob.acl_users)\
== SECURITY_USING_NUX_USER_GROUPS
allowed = {}
allowed[r] = 1
localroles = mergedLocalRoles(ob, withgroups=1)
_______________________________________________
Erp5-report mailing list
Erp5-report at erp5.org
http://www.erp5.org/mailman/listinfo/erp5-report
Date: Thu Sep 28 14:27:44 2006
New Revision: 10394
URL: http://svn.erp5.org?rev=10394&view=rev
Catalog security is based on the permission on 'View' and not on 'Access
Content Permission', which was a major error. Catalog is designed to be
used with the user interface, and every object returned by portal_catalog
should be viewable.
erp5/trunk/products/ERP5Catalog/CatalogTool.py
Modified: erp5/trunk/products/ERP5Catalog/CatalogTool.py
http://svn.erp5.org/erp5/trunk/products/ERP5Catalog/CatalogTool.py?rev=1039
4&r1=10393&r2=10394&view=diff
===========================================================================
=== --- erp5/trunk/products/ERP5Catalog/CatalogTool.py (original)
+++ erp5/trunk/products/ERP5Catalog/CatalogTool.py Thu Sep 28 14:27:44 2006
@@ -95,7 +95,7 @@
withnuxgroups = getSecurityProduct(ob.acl_users)\
== SECURITY_USING_NUX_USER_GROUPS
allowed = {}
allowed[r] = 1
localroles = mergedLocalRoles(ob, withgroups=1)
_______________________________________________
Erp5-report mailing list
Erp5-report at erp5.org
http://www.erp5.org/mailman/listinfo/erp5-report