[ZCM] [ZC] 319/ 1 Request "ZMI AccessControl Bug "
Collector: Zope Bugs and Patches ...
zope-coders@zope.org
Thu, 28 Mar 2002 10:52:33 -0500
Issue #319 Update (Request) "ZMI AccessControl Bug "
Status Pending, Zope/bug low
To followup, visit:
http://collector.zope.org/Zope/319
==============================================================
= Request - Entry #1 by tfoerster on Mar 28, 2002 10:52 am
When allowing normal users access to the ZMI, they are provided with the full set of management tabs. Even in the case they so not have the right permissions.
This is due to a buggy implementation of *filtered_manage_options* in App/Management.py .
Importing *AccessControl.SimpleObjectPolicies._noroles* and changing the end of *filtered_manage_options* to:
if validate(None, self, None, o, _noroles):
result.append(d)
except:
if not hasattr(o, '__roles__'):
result.append(d)
return result
solves the problem
==============================================================