give read access to tasks on basis of the "treated by" attribute (#4516)

2014-05-12 13:54:15 +02:00 · 2014-05-12 13:54:15 +02:00 · a41d361ce3
parent 2eac1186ba
commit a41d361ce3
1 changed files with 7 additions and 5 deletions
--- a/src/pfwbged/policy/subscribers/document.py
+++ b/src/pfwbged/policy/subscribers/document.py
@ -383,12 +383,14 @@ def set_permissions_on_task_on_add(context, event):
    if not document:
        return

+    if not hasattr(document, 'treated_by') or not document.treated_by:
+        return
+
    with api.env.adopt_user('admin'):
-        for user_id, roles in document.get_local_roles():
-            if 'Reader' in roles or 'Editor' in roles:
-                context.manage_addLocalRoles(user_id, ['Reader'])
-                context.reindexObjectSecurity()
-                context.reindexObject(idxs=['allowedRolesAndUsers'])
+        for user_id in document.treated_by:
+            context.manage_addLocalRoles(user_id, ['Reader'])
+            context.reindexObjectSecurity()
+            context.reindexObject(idxs=['allowedRolesAndUsers'])

        document.reindexObject(idxs=['allowedRolesAndUsers'])