Jean Jordaan wrote at 2003-7-18 16:35 +0200:

For the second time in a couple of months, I found myself wrestling with security on FSPythonScripts (and eventually thinking hell with it, and just moving the functionality to a class method). Anyway, I found this, which looks like an inconsistency between docs and implementation:

In ProductContext.registerClass the docstring says:

permissions -- Additional permissions to be registered If not provided, then permissions defined in the class will be registered.

However, registerClass only handles permissions that are passed in:

if permissions:

It doesn't look at permissions defined in the class at all. Am I missing something?

I think these permissions are registered already be "InitializeClass". There should be no need for "registerClass" to do something special for this.

The reason I thought this matters is that this works fine in a CMF .metadata file: ... but this doesn't:

""" [security] Use LDAPService=1:Anonymous """

AccessControl.Role.manage_permission complains: "Invalid Permission: The permission <em>Use LDAPService</em> is invalid." The permission does, however, show up on the ZMI security tab, and if I set it for Anonymous on a parent of the script, the script executes fine.

This indicates for me that "Use LDAPService" has been registered. I would debug why "manage_permission" complains. Dieter