[Zope-Checkins] CVS: Zope/lib/python/App - Management.py:1.49

[Shane Hathaway]

Update of /cvs-repository/Zope/lib/python/App
In directory cvs.zope.org:/tmp/cvs-serv12766

Modified Files:
	Management.py 
Log Message:
Made manage_workspace always require credentials.  This should help us get
closer to the HTTP spec with respect to authentication.


=== Zope/lib/python/App/Management.py 1.48 => 1.49 ===
 from string import split, join, find
 from AccessControl import getSecurityManager
+from Acquisition import aq_base
 
 class Tabs(ExtensionClass.Base):
     """Mix-in provides management folder tab support."""
@@ -140,6 +141,11 @@
     def manage_workspace(self, REQUEST):
         """Dispatch to first interface in manage_options
         """
+        from AccessControl.User import nobody
+        if aq_base(getSecurityManager().getUser()) is aq_base(nobody):
+            # No authentication credentials presented.
+            raise 'Unauthorized', (
+                'You are not authorized to view this object.')
         options=self.filtered_manage_options(REQUEST)
         try:
             m=options[0]['action']