Note that I found it to be relevant which object I want to acquire (don't ask me why, though). E.g. going back to my CMFDefault examples, I *can* acquire portal_workflow and portal_url, but I can *not* acquire portal_membership and acl_users from a denied context. Go figure. If I change the test below to "app.wanted = PartlyProtectedSimpleItem3()" the test fails on current 2_7-branch ... Stefan On 12.10.2004, at 19:14, Tres Seaver wrote:
+ def test_no_acquisition_through_paranoid(self): + + # Check that acquisition through a paranoid object is not allowed. + app = App() + app.wanted = UnprotectedSimpleItem() + app.enabling = UnprotectedSimpleItem() + app.blocking = RestrictedSimpleItem() + self.assertPolicyAllows(app.enabling, 'wanted') + self.assertPolicyDenies(app.blocking, 'wanted') +
-- The time has come to start talking about whether the emperor is as well dressed as we are supposed to think he is. /Pete McBreen/