Solve bug fix related to the security, from the xml-rpc request

bzr revid: mga@tinyerp.com-989c493dac84d2822e6e158097ac865dbe7d0aac
2008-07-08 06:42:02 +00:00 · 2008-07-08 06:42:02 +00:00 · f8262137d2
parent 7899c261ce
commit f8262137d2
1 changed files with 7 additions and 3 deletions
--- a/bin/service/security.py
+++ b/bin/service/security.py
@ -48,9 +48,9 @@ def check_super(passwd):
 		raise Exception('AccessDenied')
 	
 def check(db, uid, passwd):
-	# XXX FIXME: this should be db dependent
-	if _uid_cache.has_key(uid) and (_uid_cache[uid]==passwd):
+	if _uid_cache.get(db, {}).get(uid) == passwd:
 		return True
+		
 	cr = pooler.get_db(db).cursor()
 	cr.execute('select count(*) from res_users where id=%d and password=%s', (int(uid), passwd))
 	res = cr.fetchone()[0]
@ -58,7 +58,11 @@ def check(db, uid, passwd):
 	if not bool(res):
 		raise Exception('AccessDenied')
 	if res:
-		_uid_cache[uid] = passwd
+		if _uid_cache.has_key(db):
+			ulist = _uid_cache[db]
+			ulist[uid] = passwd
+		else:
+			_uid_cache[db] = {uid:passwd}
 	return bool(res)

 def access(db, uid, passwd, sec_level, ids):