10 Mar
2005
10 Mar
'05
6:33 p.m.
Malcolm Cleaton wrote at 2005-3-10 10:07 +0000:
...
It should not be necessary:
A user should not be able to access any *protected* (!) object outside the subhierarchy governed by the user folder that authenticated the user.
But maybe, we have a bug (and "aq_inContextOf" does not work as expected).
Yes, this shouldn't be necessary, and it looks like it's a bug.
Looks to me like the bug is in User.py's allowed method. Quite simply, when it checks for the Authenticated role, it doesn't call self._check_context, so never attempts to detect and foil acquisition tricks. Unless I'm missing something, it should be a quick and easy fix.
You are right! -- Dieter