Tony Tocco writes:
While adjusting security and roles I noticed some behavior that concerns me a little. If you create a new role, assign it some rights, delete that role, then recreate a new role with that same name, it retains the rights of the deleted role. Put it into the Collector - seems to be a bug.
Is there an easy way to remove this information? Are there other scenarios like this that might cause the system to gather useless data? I fear it will not be too easy.
I looked at the code in "AccessControl.Permission". It is not easy. It would take me some time to understand what happens there. If you are lucky, then all base information is contained in declarations of the form: _<mangled_permission_name>_Permission= <role tuple> If I had your problem, I would use "ZopeFind" to locate all objects, look at all permission declarations that have the form above and remove the role to be deleted. As mentioned, permission mapping information may be hidden in other attributes, too. Then the algorithm above would not be complete. Dieter