On Fri, 26 Mar 1999, John Eikenberry wrote:
Ack... I spoke too soon... but I've figured out a fix and I'd like to bounce it off the group to see if you think it'd break anything.
The fix was to modify AccessControl.User.validate()... here's a unified diff showing what I changed...
@@ +390,10 -388,7 @@ # Try to get user user=self.getUser(name) if user is None: + if self._isTop(): + return self._nobody + else: + return None - return None
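Review bot: the new top-level branch returns `self._nobody` whenever `self.getUser(name)` finds no user, with no check that the Anonymous User actually holds one of the roles required for the object being validated. Because a non-None return from validate() means the request is authenticated as that user, any credentials the root user folder cannot resolve (for instance a user defined only in a subfolder's acl_users) are treated as Anonymous and let through regardless of `roles`. Gate the fallback on the anonymous user's own role check, e.g. `if self._isTop() and self._nobody.allowed(parent, roles):`, and hand back `self._nobody.__of__(self)` so the object carries the folder's acquisition context rather than the bare `self._nobody`, as the revised version later in this thread does. Minor style point: the `else: return None` after a `return` is redundant; the removed `return None` can simply stay as the fall-through.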
Key:
  self._nobody  returns the Anonymous User object
  self.getUser  tries to get the user object from an acl_users folder
The problem I was having was that validate() was getting passed the authentication information for a person who was defined in a subfolder which it didn't have access to... so... validate() would return None, which would raise the Unauthorized error. By having it return the Anonymous User object (only at the top level), it allows access to public areas without sacrificing security.
Does this make sense... does anyone see any potential problems?
Found a big one myself. Turned out 'Anonymous User' could get access to almost any part of the site with this... oops. ;) Here's a new version; I'll just enclose the source, as the diff above points to the place in Zope.

    # Try to get user
    user=self.getUser(name)
    if user is None:
        nobody=self._nobody
        if self._isTop() and nobody.allowed(parent, roles):
            ob=nobody.__of__(self)
            return ob
        else:
            return None

---
John Eikenberry [jae@kavi.com - http://taos.kavi.com/~jae/]
______________________________________________________________
"A society that will trade a little liberty for a little order will deserve neither and lose both." --B. Franklin
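To make the difference between the two versions concrete, here is an added toy model of the lookup path discussed in this thread. It is constructed for this page and is not Zope's AccessControl.User code: the method names _isTop, getUser, _nobody, allowed(parent, roles) and __of__ mirror the ones in the posts, while the User/UserFolder classes, the sample site (an "admin" in the root acl_users, a "jae" only in a subfolder's acl_users) and the collapsing of the rest of validate() into a single role check are assumptions made here.

```python
"""Toy model of the validate() change (constructed example, not Zope code).

Returning a user object from validate() means "request authenticated as that
user"; returning None means Unauthorized. The password and role handling that
follows the getUser() lookup in the real method is collapsed into one line.
"""


class User:
    def __init__(self, name, roles):
        self.name = name
        self.roles = set(roles)
        self.folder = None  # set by __of__

    def allowed(self, parent, roles):
        # `roles` is the set of roles that grant the permission on `parent`;
        # the toy model ignores `parent` itself (assumption).
        return bool(self.roles & set(roles))

    def __of__(self, folder):
        # Stand-in for Zope's acquisition wrapper: a copy bound to `folder`.
        wrapped = User(self.name, self.roles)
        wrapped.folder = folder
        return wrapped


class UserFolder:
    """Minimal acl_users stand-in; parent_folder is None at the site root."""

    def __init__(self, users, parent_folder=None):
        self._users = {u.name: u for u in users}
        self._parent_folder = parent_folder
        self._nobody = User("Anonymous User", ["Anonymous"])

    def _isTop(self):
        return self._parent_folder is None

    def getUser(self, name):
        return self._users.get(name)

    def validate_first_attempt(self, parent, name, roles):
        # First version from the thread: unknown name at the top level
        # becomes the Anonymous User with no role check at all.
        user = self.getUser(name)
        if user is None:
            if self._isTop():
                return self._nobody
            return None
        return user.__of__(self) if user.allowed(parent, roles) else None

    def validate_revised(self, parent, name, roles):
        # Revised version: Anonymous is handed out only if it is actually
        # allowed the roles required for `parent`, wrapped in this folder.
        user = self.getUser(name)
        if user is None:
            nobody = self._nobody
            if self._isTop() and nobody.allowed(parent, roles):
                return nobody.__of__(self)
            return None
        return user.__of__(self) if user.allowed(parent, roles) else None


# Constructed sample site: the root folder cannot resolve "jae".
def build_site():
    root = UserFolder([User("admin", ["Manager"])])
    sub = UserFolder([User("jae", ["Manager"])], parent_folder=root)
    return root, sub


PUBLIC = ["Anonymous", "Manager"]  # roles that may view a public page
PRIVATE = ["Manager"]              # roles that may view a management page


def demo():
    root, sub = build_site()
    name = lambda u: None if u is None else u.name
    return {
        # the subfolder knows "jae", so there is no fallback to worry about
        "sub_jae_private": name(sub.validate_revised("sub/private", "jae", PRIVATE)),
        # root cannot resolve "jae": the first attempt authenticates the
        # request as Anonymous even for a Manager-only page
        "first_root_jae_private": name(root.validate_first_attempt("root/private", "jae", PRIVATE)),
        "revised_root_jae_private": name(root.validate_revised("root/private", "jae", PRIVATE)),
        # public page: both versions let Anonymous through
        "first_root_jae_public": name(root.validate_first_attempt("root/public", "jae", PUBLIC)),
        "revised_root_jae_public": name(root.validate_revised("root/public", "jae", PUBLIC)),
        # a non-top folder never falls back to Anonymous
        "revised_sub_unknown_public": name(sub.validate_revised("sub/public", "ghost", PUBLIC)),
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The key line in the revised version is the `nobody.allowed(parent, roles)` guard: without it, every credential the root folder cannot resolve is silently downgraded to a successful Anonymous login, which is exactly the "could get access to almost any part of the site" behaviour reported above.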