[Zope-dev] Bug in User.py
Brian Spilsbury
brian@designix.com.au
Fri, 14 Apr 2000 03:42:22 +1000
There's an insufficiently guarded operation in User.py
def allowed(self, parent, roles=None):
...
# This is a method, grab it's self.
parent=parent.im_self
if hasattr(parent, 'aq_inContextOf') and not
parent.aq_inContextOf(self.aq_parent.aq_parent,1):
if 'Shared' in roles:
# Damn, old role setting. Waaa
...
I've added the hasattr(parent, 'aq_inContextOf') to make sure that the
second clause is reasonable.
I'm not sure of the process of submitting fixes, etc, hopefully this
will go to the right place.