[Zope-dev] Help on Zope security needed ...
Oliver Bleutgen
Oliver Bleutgen <myzope@gmx.net>
Thu, 2 Aug 2001 14:12:17 +0200
Just resending to zope-dev,
silly me adressed zope at first...
Hi,
just to give a little more weight to that...
> > The funny thing is: http://.../ROOT/FOLDER/title will work fine ...
> Indeed, funny. Should probably not happen. Are you
> sure, you get the "title" form root and not that from "FOLDER"
> (it has a "title" of its own).
Just tested it with blank zope 2.3.3
/
method
- testfolder
- userfolder with user test and manager role (just in testfolder!)
The following doesn't work for user test:
http://localhost/method/manage
The following _will_ work for user test:
http://localhost/testfolder/method/manage
and let's me change method, which is contained
in zopes root.
Hmm, this shouldn't be so, should it?
cheers,
olier