[Zope-Checkins] CVS: Zope/lib/python/Products/PageTemplates -
Expressions.py:1.36.6.11
Jim Fulton
jim at zope.com
Mon Jan 19 13:54:12 EST 2004
Update of /cvs-repository/Zope/lib/python/Products/PageTemplates
In directory cvs.zope.org:/tmp/cvs-serv4014/lib/python/Products/PageTemplates
Modified Files:
Tag: Zope-2_6-branch
Expressions.py
Log Message:
Collector #1182: Functions for handling decisions about
unprotected subobjects were not passed "names" when doing
unnamed (item) access. In 2.6.3 we changed access checks when
doing item access to pass None rather than the key value when
validating access. This broke some existing applications. We
have reverted these changes.
=== Zope/lib/python/Products/PageTemplates/Expressions.py 1.36.6.10 => 1.36.6.11 ===
--- Zope/lib/python/Products/PageTemplates/Expressions.py:1.36.6.10 Thu Jan 8 15:12:08 2004
+++ Zope/lib/python/Products/PageTemplates/Expressions.py Mon Jan 19 13:54:11 2004
@@ -308,7 +308,7 @@
# Skip directly to item access
o = object[name]
# Check access to the item.
- if not validate(object, object, None, o):
+ if not validate(object, object, name, o):
raise Unauthorized, name
object = o
continue
@@ -363,7 +363,7 @@
raise
else:
# Check access to the item.
- if not validate(object, object, None, o):
+ if not validate(object, object, name, o):
raise Unauthorized, name
object = o
More information about the Zope-Checkins
mailing list