diff --git a/src/collective/z3cform/rolefield/field.py b/src/collective/z3cform/rolefield/field.py index 70856aa..9981130 100644 --- a/src/collective/z3cform/rolefield/field.py +++ b/src/collective/z3cform/rolefield/field.py @@ -1,9 +1,9 @@ # -*- coding: utf-8 -*- -from zope.component import adapts +from zope.component import adapts, getUtility from zope.interface import implementer from zope.interface import Interface -from zope.schema.interfaces import IList +from zope.schema.interfaces import IList, IVocabularyFactory from zope.schema import List, Tuple from zope.interface import Invalid @@ -61,7 +61,7 @@ class LocalRolesToPrincipalsDataManager(AttributeField): """See z3c.form.interfaces.IDataManager""" # set local roles before setting the value so we still have access to the old value roles_to_assign = self.field.roles_to_assign - principal_ids = self.context.acl_users.getUserIds() + self.context.acl_users.getGroupIds() + # ---1 --- first find assigned roles to remove # it is not that easy to remove local roles because no helper method exists for removing # some specific local roles, only a method for removing every local roles for a list of principals... @@ -89,10 +89,17 @@ class LocalRolesToPrincipalsDataManager(AttributeField): self.context.manage_delLocalRoles((principal,)) # ---2 --- now add new local roles added_principals = set(value).difference(set(old_value)) - for added_principal in added_principals: - if not added_principal in principal_ids: - continue - self.context.manage_addLocalRoles(added_principal, roles_to_assign) + + if added_principals: + # get principals, to avoid adding fake ones + factory = getUtility(IVocabularyFactory, 'plone.principalsource.Principals') + principals = factory(self.context) + + for added_principal in added_principals: + if added_principal not in principals: + continue + self.context.manage_addLocalRoles(added_principal, roles_to_assign) + # finally set the value super(LocalRolesToPrincipalsDataManager, self).set(value)