Tres Seaver wrote:
IIRC, if you had scripta calling scriptb, you used to be able to give scripta a proxy role and scriptb would also execute with that role. However, again IIRC, in current Zope releases, if you give scripta a proxy role, when it calls scriptb, scriptb will just run with the roles of the current user.
Have I got this right? If so, I wonder why the change was made...
The only change I recall to how proxy roles work is that proxy roles used to *augment* a users' roles; now they *replace* them.
Yeah, I wonder if that means if you give it a proxy role of manager, it looses all other roles?
I don't know that the case you are talking about (S1 has proxy roles, calls protected S2 fine,
Okay, S2 here is "some permission-protected method where the current user doesn't have the required permission"...
but fails when calling PR-less S3 which calls S2) ever worked under either scenario.
Oh well, I could have sworn it did at one point :-/
Proxy roles have always only been checked for the "topmost" object on the executable stack (S1 in the first example, S2 in the second).
Is it something worth adding as a feature request or are there security implications I'm missing? Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk