8 Sep
2001
8 Sep
'01
5:35 p.m.
Mark N. Gibson writes:
DM: ... I doubt that "User.has_permission" uses the authenticated user and not its "*self" .... Here's the code for has_permission from the BasicUser Class
def has_permission(self, permission, object): """Check to see if a user has a given permission on an object.""" return getSecurityManager().checkPermission(permission, object)
Draw your own conclusions. You convinced me.
A severe bug in my view -- very unintuitive, probably not documented... Something for the collector... Dieter