check principals against principals vocabulary, not local users (#4387)

2014-03-05 13:18:41 +01:00 · 2014-03-05 13:18:41 +01:00 · dc2ae2555f
parent 28d9781e07
commit dc2ae2555f
1 changed files with 14 additions and 7 deletions
--- a/src/collective/z3cform/rolefield/field.py
+++ b/src/collective/z3cform/rolefield/field.py
@ -1,9 +1,9 @@
 # -*- coding: utf-8 -*-
-from zope.component import adapts
+from zope.component import adapts, getUtility
 from zope.interface import implementer
 from zope.interface import Interface

-from zope.schema.interfaces import IList
+from zope.schema.interfaces import IList, IVocabularyFactory
 from zope.schema import List, Tuple
 from zope.interface import Invalid

@ -61,7 +61,7 @@ class LocalRolesToPrincipalsDataManager(AttributeField):
        """See z3c.form.interfaces.IDataManager"""
        # set local roles before setting the value so we still have access to the old value
        roles_to_assign = self.field.roles_to_assign
-        principal_ids = self.context.acl_users.getUserIds() + self.context.acl_users.getGroupIds()
+
        # ---1 --- first find assigned roles to remove
        # it is not that easy to remove local roles because no helper method exists for removing
        # some specific local roles, only a method for removing every local roles for a list of principals...
@ -89,10 +89,17 @@ class LocalRolesToPrincipalsDataManager(AttributeField):
                    self.context.manage_delLocalRoles((principal,))
        # ---2 --- now add new local roles
        added_principals = set(value).difference(set(old_value))
-        for added_principal in added_principals:
-            if not added_principal in principal_ids:
-                continue
-            self.context.manage_addLocalRoles(added_principal, roles_to_assign)
+
+        if added_principals:
+            # get principals, to avoid adding fake ones
+            factory = getUtility(IVocabularyFactory, 'plone.principalsource.Principals')
+            principals = factory(self.context)
+
+            for added_principal in added_principals:
+                if added_principal not in principals:
+                    continue
+                self.context.manage_addLocalRoles(added_principal, roles_to_assign)
+
        # finally set the value
        super(LocalRolesToPrincipalsDataManager, self).set(value)