set loops.Owner role on object creation; do not propagate Owner role to children/resources

2013-01-10 12:58:09 +01:00 · 2013-01-10 12:58:09 +01:00 · 0c8cc8a24e
commit 0c8cc8a24e
parent 2cee73672b
2 changed files with 6 additions and 1 deletions
--- a/security/common.py
+++ b/security/common.py
@ -167,6 +167,9 @@ def setDefaultSecurity(obj, event):
    aObj = adapted(obj)
    setter = ISecuritySetter(aObj)
    setter.setDefaultSecurity()
+    principal = getCurrentPrincipal()
+    if principal is not None:
+        assignOwner(obj, principal.id)


@component.adapter(IConcept, IAssignmentEvent)
--- a/security/setter.py
+++ b/security/setter.py
@ -135,6 +135,7 @@ class LoopsObjectSecuritySetter(BaseSecuritySetter):
        prm = IPrincipalRoleMap(baseObject(source.context))
        for r, p, s in prm.getPrincipalsAndRoles():
            #if p in self.workspacePrincipals:
+            if r != 'loops.Owner':
                if revert:
                    setPrincipalRole(self.principalRoleManager, r, p, Unset)
                else:
@ -203,7 +204,8 @@ class ResourceSecuritySetter(LoopsObjectSecuritySetter):
            vSetters = [ISecuritySetter(adapted(v)) for v in versions]
        prm = IPrincipalRoleMap(baseObject(source.context))
        for r, p, s in prm.getPrincipalsAndRoles():
-            if p in self.workspacePrincipals:
+            #if p in self.workspacePrincipals:
+            if r != 'loops.Owner' and p in self.workspacePrincipals:
                for v in vSetters:
                    if revert:
                        setPrincipalRole(v.principalRoleManager, r, p, Unset)