"roles" argument to validate/ authorize
Can anyone tell me what the argument "roles" to the methods validate and authorize is supposed to be? This is sort of a followup to the thread about exUserFolder that Andrew Milton got stuck answering all on his own (thanks :-), but I have a feeling there is a more general explanation... The reason I ask is that I suspect that a previous developer has done something that has made "roles" contain 'Anonymous user' when it should not, and that this interferes with the propper functioning of login at our sites. Among other things we have our own virtual host system, and several products including document types, so there is scope for a lot of things to interfere... However, while no longer being a newbee at this, I have not yet been able, to find a way to unravel where the "roles" argument originate, and who could have touched it.. Regards. Gaute Amundsen
+-------[ Gaute Amundsen ]---------------------- | | Can anyone tell me what the argument "roles" to the methods validate and | authorize is supposed to be? Roles should be the list of roles required for access. If no roles are passed the security mechanism is supposed to query the object for the roles needed for access... | The reason I ask is that I suspect that a previous developer has done | something that has made "roles" contain 'Anonymous user' when it should not, | and that this interferes with the propper functioning of login at our sites. That in and of itself isn't a problem. The 'View' permission e.g. could require 'Anonymous user', 'Manager', or 'Owner' roles.. However, if a USER has the Anonymous role, that could be causing an issue... -- Andrew Milton akm@theinternet.com.au
participants (2)
-
Andrew Milton -
Gaute Amundsen