check principals against principals vocabulary, not local users (#4387)
This commit is contained in:
parent
28d9781e07
commit
dc2ae2555f
|
@ -1,9 +1,9 @@
|
|||
# -*- coding: utf-8 -*-
|
||||
from zope.component import adapts
|
||||
from zope.component import adapts, getUtility
|
||||
from zope.interface import implementer
|
||||
from zope.interface import Interface
|
||||
|
||||
from zope.schema.interfaces import IList
|
||||
from zope.schema.interfaces import IList, IVocabularyFactory
|
||||
from zope.schema import List, Tuple
|
||||
from zope.interface import Invalid
|
||||
|
||||
|
@ -61,7 +61,7 @@ class LocalRolesToPrincipalsDataManager(AttributeField):
|
|||
"""See z3c.form.interfaces.IDataManager"""
|
||||
# set local roles before setting the value so we still have access to the old value
|
||||
roles_to_assign = self.field.roles_to_assign
|
||||
principal_ids = self.context.acl_users.getUserIds() + self.context.acl_users.getGroupIds()
|
||||
|
||||
# ---1 --- first find assigned roles to remove
|
||||
# it is not that easy to remove local roles because no helper method exists for removing
|
||||
# some specific local roles, only a method for removing every local roles for a list of principals...
|
||||
|
@ -89,10 +89,17 @@ class LocalRolesToPrincipalsDataManager(AttributeField):
|
|||
self.context.manage_delLocalRoles((principal,))
|
||||
# ---2 --- now add new local roles
|
||||
added_principals = set(value).difference(set(old_value))
|
||||
for added_principal in added_principals:
|
||||
if not added_principal in principal_ids:
|
||||
continue
|
||||
self.context.manage_addLocalRoles(added_principal, roles_to_assign)
|
||||
|
||||
if added_principals:
|
||||
# get principals, to avoid adding fake ones
|
||||
factory = getUtility(IVocabularyFactory, 'plone.principalsource.Principals')
|
||||
principals = factory(self.context)
|
||||
|
||||
for added_principal in added_principals:
|
||||
if added_principal not in principals:
|
||||
continue
|
||||
self.context.manage_addLocalRoles(added_principal, roles_to_assign)
|
||||
|
||||
# finally set the value
|
||||
super(LocalRolesToPrincipalsDataManager, self).set(value)
|
||||
|
||||
|
|
Reference in New Issue