[Zope-Checkins] CVS: Zope3/lib/python/Zope/App/Security - ZopeSecurityPolicy.py:1.1.2.13.2.1
Jim Fulton
jim@zope.com
Mon, 11 Feb 2002 11:41:56 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv7151
Modified Files:
Tag: Zope-3x-security_defactor-branch
ZopeSecurityPolicy.py
Log Message:
Code at top of check permission is bad.
=== Zope3/lib/python/Zope/App/Security/ZopeSecurityPolicy.py 1.1.2.13 => 1.1.2.13.2.1 ===
def checkPermission( self, permission, object, context ):
- anon = principalRegistry.getPrincipal('Anonymous')
- if (permission, Allow) in getPermissionsForRole(anon):
- return 1
-
+ # The following commented code is wrong in serveral ways:
+ #
+ # 1) Anonymous is a role, not a principal
+ #
+ # 2) It's not enough for anonymous top have the needed permission
+ # globally, since the permission may be delayed lower dowm.
+ #
+ # 3) It's really ineffecient to collect all the principals that have
+ # a role.
+ #
+ #anon = principalRegistry.getPrincipal('Anonymous')
+ #if (permission, Allow) in getPermissionsForRole(anon):
+ # return 1
+
principals = { context.user : 1 }
roles = {}
seen_allowed = 0
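Review bot: the comment block added at the top of checkPermission keeps the three removed lines as commented-out code; I would delete them and keep only a short comment saying why there is no early "return 1" for Anonymous, since the diff itself already records the old code. That comment is the only record of the security reasoning, so its wording matters. Item 2 says the permission "may be delayed lower dowm", which presumably means "denied"; as written, a reader cannot tell that the concern is an early grant bypassing a more local denial. Item 3 talks about collecting "all the principals that have a role", but the removed call is getPermissionsForRole(anon), which by its name returns permissions for a role, so the comment and the code it describes do not match. Also fix "serveral", "top have" and "ineffecient". Since the removed shortcut returned 1 before the principals/roles/seen_allowed evaluation that follows, a test covering a permission allowed globally for Anonymous but denied lower down would pin the new behaviour.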