[Zope-Checkins] SVN: Zope/trunk/src/Products/Five/browser/ Merge r110185 from 2.12 branch
Martin Aspeli
optilude at gmx.net
Fri Mar 26 08:48:35 EDT 2010
Log message for revision 110186:
Merge r110185 from 2.12 branch
Changed:
U Zope/trunk/src/Products/Five/browser/resource.py
U Zope/trunk/src/Products/Five/browser/tests/resource.txt
-=-
Modified: Zope/trunk/src/Products/Five/browser/resource.py
===================================================================
--- Zope/trunk/src/Products/Five/browser/resource.py 2010-03-26 12:39:58 UTC (rev 110185)
+++ Zope/trunk/src/Products/Five/browser/resource.py 2010-03-26 12:48:34 UTC (rev 110186)
@@ -162,6 +162,11 @@
resource = factory(name, filename)(self.request)
resource.__name__ = name
resource.__parent__ = self
+
+ # We need to propagate security so that restrictedTraverse() will
+ # work
+ resource.__roles__ = self.__roles__
+
return resource
class DirectoryResourceFactory(ResourceFactory):
Modified: Zope/trunk/src/Products/Five/browser/tests/resource.txt
===================================================================
--- Zope/trunk/src/Products/Five/browser/tests/resource.txt 2010-03-26 12:39:58 UTC (rev 110185)
+++ Zope/trunk/src/Products/Five/browser/tests/resource.txt 2010-03-26 12:48:34 UTC (rev 110186)
@@ -69,7 +69,6 @@
... if not isinstance(resource, PageTemplateResource):
... self.assertEquals(resource(), base_url % r)
-
Security
--------
@@ -108,7 +107,15 @@
... path = base % resource
... checkRestricted(self.folder, 'context.restrictedTraverse("%s")' % path)
+Let's make sure restrictedTraverse() works directly, too. It used to get
+tripped up on subdirectories due to missing security declarations.
+ >>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource.txt') is not None
+ True
+
+ >>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource_subdir/resource.txt') is not None
+ True
+
Clean up
--------
More information about the Zope-Checkins
mailing list