From 0c8cc8a24e1c64b8ec87479aa4c03e1e69bf99c8 Mon Sep 17 00:00:00 2001 From: Helmut Merz Date: Thu, 10 Jan 2013 12:58:09 +0100 Subject: [PATCH] set loops.Owner role on object creation; do not propagate Owner role to children/resources --- security/common.py | 3 +++ security/setter.py | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/security/common.py b/security/common.py index ba67833..f3b1b07 100644 --- a/security/common.py +++ b/security/common.py @@ -167,6 +167,9 @@ def setDefaultSecurity(obj, event): aObj = adapted(obj) setter = ISecuritySetter(aObj) setter.setDefaultSecurity() + principal = getCurrentPrincipal() + if principal is not None: + assignOwner(obj, principal.id) @component.adapter(IConcept, IAssignmentEvent) diff --git a/security/setter.py b/security/setter.py index b61e41f..f0bec54 100644 --- a/security/setter.py +++ b/security/setter.py @@ -135,6 +135,7 @@ class LoopsObjectSecuritySetter(BaseSecuritySetter): prm = IPrincipalRoleMap(baseObject(source.context)) for r, p, s in prm.getPrincipalsAndRoles(): #if p in self.workspacePrincipals: + if r != 'loops.Owner': if revert: setPrincipalRole(self.principalRoleManager, r, p, Unset) else: @@ -203,7 +204,8 @@ class ResourceSecuritySetter(LoopsObjectSecuritySetter): vSetters = [ISecuritySetter(adapted(v)) for v in versions] prm = IPrincipalRoleMap(baseObject(source.context)) for r, p, s in prm.getPrincipalsAndRoles(): - if p in self.workspacePrincipals: + #if p in self.workspacePrincipals: + if r != 'loops.Owner' and p in self.workspacePrincipals: for v in vSetters: if revert: setPrincipalRole(v.principalRoleManager, r, p, Unset)