27 Jan
2000
27 Jan
'00
4:44 a.m.
Hi all, I have stumbled across this rather interesting behaviour: Consider a situation where you have a DTML method within a Folder object. For a user-defined role "MyRole" you enable "Delete objects" permission on the Folder. But for the DTML method, you turn off "Acquire permission" and make sure the delete permission is off for everyone (even "Manager"). Why does Zope still allow a user in the "MyRole" group to delete the object? Regards, Chris