Chris Withers <chris@simplistix.co.uk> wrote:
A, B and C are folders nested in each other i.e. A/B/C. A user does not have access to A and B but he does have access to C. If getObject uses restrictedTraverse it returns None immediately when traversing A, even though the user is allowed to access C. If getObject was working properly it would have returned C.
Ah, okay, I thought that's what you meant, but I hoped it wasn't. The fact that you expect this to work is a bug in Zope's security machinery, IMHO, but sadly only IMHO it appears.
Huh? That's fundamental to Zope's security model.
I would have no problem with the above behaviour if getObject raised Unauthorized rather than returned None.
Your patch still had it returning None, IIRC, why did it do that?
The rest of the discussion basically boils down to figuring out whether the user is allowed to access C or not.
Yep, personally I reckon EVERYTHING should behave like restrictedTraverse, but as I said, that appears to just be me...
Well, you must be the only one who never had a need for security restrictions elsewhere than at the root of the site.

Florent
--
Florent Guillaume, Nuxeo (Paris, France) CTO, Director of R&D
+33 1 40 33 71 59 http://nuxeo.com fg@nuxeo.com
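The disagreement above is about where the permission check happens during traversal. The following is an added example, not code from this thread, from Zope, or from Nuxeo: a toy model of the two policies, with the `Folder`, `restricted_traverse`, `restricted_traverse_or_none` and `get_object_final_check` names being assumptions of this example rather than Zope's API. Users, folder names and permissions are constructed to match the A/B/C scenario in the thread.

```python
"""Toy model of traversal-time security checks (added example, not Zope code).

A/B/C is a nested folder chain. "alice" may access the root and C but not
A or B; "admin" may access everything; "bob" may access nothing below root.
"""
from dataclasses import dataclass, field


class Unauthorized(Exception):
    """Raised when a user may not access a folder; carries the folder name."""

    def __init__(self, user, folder):
        super().__init__(f"{user!r} may not access {folder!r}")
        self.user = user
        self.folder = folder


@dataclass
class Folder:
    name: str
    allowed_users: frozenset
    children: dict = field(default_factory=dict)


def build_tree():
    """Constructed sample tree: root -> A -> B -> C, permissions as above."""
    c = Folder("C", frozenset({"alice", "admin"}))
    b = Folder("B", frozenset({"admin"}), {"C": c})
    a = Folder("A", frozenset({"admin"}), {"B": b})
    return Folder("", frozenset({"alice", "admin", "bob"}), {"A": a})


def _segments(path):
    return [seg for seg in path.split("/") if seg]


def unrestricted_traverse(root, path):
    """Follow the path with no security checks at all."""
    obj = root
    for name in _segments(path):
        obj = obj.children[name]
    return obj


def restricted_traverse(root, path, user):
    """Check the user at EVERY step; the first denied folder aborts traversal.

    This models the behaviour the thread attributes to restrictedTraverse:
    alice is stopped at A even though she is allowed on C.
    """
    obj = root
    for name in _segments(path):
        obj = obj.children[name]
        if user not in obj.allowed_users:
            raise Unauthorized(user, obj.name)
    return obj


def restricted_traverse_or_none(root, path, user):
    """Same policy, but swallowing the error and returning None (the getObject
    behaviour the thread complains about: the caller cannot tell "denied"
    from "does not exist")."""
    try:
        return restricted_traverse(root, path, user)
    except Unauthorized:
        return None


def get_object_final_check(root, path, user):
    """Alternative policy: walk without checks, then check only the target.

    This is what the original poster expected: alice reaches C because the
    check is applied to C alone, not to the containers A and B on the way.
    """
    obj = unrestricted_traverse(root, path)
    if user not in obj.allowed_users:
        raise Unauthorized(user, obj.name)
    return obj


if __name__ == "__main__":
    root = build_tree()
    for user in ("alice", "admin", "bob"):
        step = restricted_traverse_or_none(root, "A/B/C", user)
        try:
            final = get_object_final_check(root, "A/B/C", user).name
        except Unauthorized as exc:
            final = f"Unauthorized on {exc.folder}"
        print(f"{user:6} per-step: {step and step.name!r:<6} final-only: {final}")
```

Running the module prints one line per user: the per-step policy yields None for alice (denied at A) while the final-only policy hands her C; admin passes both; bob is denied by both, with the final-only variant reporting C as the denied object. The `restricted_traverse_or_none` variant shows why a silent None is awkward for callers: the reason for the failure is lost.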