Am Samstag, 28. Juni 2003 20:07 schrieb Dieter Maurer:
robert wrote at 2003-6-28 16:53 +0200:
... security.setPermissionDefault('Delete ZehnderRequests', ['Manager', 'Owner' ] ... now my problem:
every user has the permission set altough only manager should have it.
what am I doing wrong here ?
There has been a bug with "setPermissionDefault" (search the CVS log to check when it was fixed).
It might (though not very likely) be a difference between a list and a tuple. At other places, a list indicates "include acquisition" while a tuple means "just these roles without acquisition".
Dieter Thanks Dieter, changing to tuples did not help. In fact whatever I do, setting permissions or not, any user (with no role at all) does have the permission set. the script: u = context.acl_users.getUserById('ldf01') return u.has_permission('Delete ZehnderRequests', context['Ticket.2003-06-28.2211'])
always returns 1 any more hints ? robert