This document contains comments from migrating a very old ERP5 site with
old security to PAS based + roles based security model.
Table of Contents
Migration Script¶
I wrote the following script (not the most beautiful):
types_tool = context.portal_types
if ptype:
ptype = types_tool[ptype]
ptype.updateRoleMapping()
return
portal = context.getPortalObject()
for ptype in types_tool.objectIds():
portal.person_module.activate(activity='SQLQueue').ERP5Site_updateRoleMapping(ptype=ptype)
return "done"
Results:¶
- Worked.
- I had to remove some useless reindexObject and immediateReindexObject activities.
- I wonder why activate() does not work on a portal object (too bad).
- In my opinion, upgrading securities in an ERP5 Site should be a bit easier.
Recommendations¶
-
Make sure that the updateRoleMapping does not generate too many reindexing
activities (1 reindexObject per object is probably enough for a mass upgrade).
Or maybe even better, prevent reindexing in such a case. Or maybe better,
write a reindexing script such as ERP5Site_reindexAll which also upgrades
security (and does not generate more reindexing messages).
- make reindexing of large folders a bit better (ie. by splitting the reindexing on each component of the folder) - I already committed this
In the end, I would like to be able to massively upgrade the security of a site without pain and in real time.
Related Articles¶