[CMF-checkins] CVS: CMF/CMFCore - MembershipTool.py:1.38.2.3
Tres Seaver
tseaver at zope.com
Sat Sep 13 11:11:11 EDT 2003
On Sat, 2003-09-13 at 06:38, Yvo Schubbe wrote:
> Update of /cvs-repository/CMF/CMFCore
> In directory cvs.zope.org:/tmp/cvs-serv4994/CMFCore
>
> Modified Files:
> Tag: yuppie-deleteMembers-branch
> MembershipTool.py
> Log Message:
> fixed some Local Role issues:
> - replaced role check by permission check in setLocalRoles
You have changed the use case here: the original code allows
non-managers (in your case, users without the 'ManageUsrs' permission)
to "share" their roles with others (e.g., I can create a document, and
then add you as an "Owner"). I don't know whether the skins surfaced
this feature, however, so this use case may not be important to anyone.
Hmmm, probably not for "normal" content, but the folder_local_roles form
can do this.
Perhaps we could make it::
security.declareProtected(View, 'setLocalRoles')
def setLocalRoles( self, obj, member_ids, member_role, reindex=1 ):
""" Set local roles on an item """
member = self.getAuthenticatedMember()
my_roles = member.getRolesInContext( obj )
if (_checkPermission(ManageUsers, obj)
or member_role in my_roles):
for member_id in member_ids:
....
> - made sure deleteLocalRoles updates objects only if necessary
> - reverted reindex change (there has to be a reindexObjectSecurity method)
Tres.
--
===============================================================
Tres Seaver tseaver at zope.com
Zope Corporation "Zope Dealers" http://www.zope.com
More information about the CMF-checkins
mailing list