[Zope-dev] Trying to understand the nuances of a VerboseSecurity
report ..
Shane Hathaway
shane@zope.com
Thu, 20 Feb 2003 10:33:56 -0500
Jean Jordaan wrote:
> All I can think is that that object 'basic' lacks context for
> some reason (i.e. lacks an acquisition wrapper?). I can't think
> why it lacks context .. we use that idiom all over the app, and
> don't normally get any problems.
That's all I can think of also. Try examining basic.aq_chain.
> I'm trying to see if reading VerboseSecurity's source will
> help, but all I've found so far is a suspect double negation:
>
> """
> def userHasRolesButNotInContext(user, object, object_roles):
> '''Returns 1 if the user has any of the listed roles but
> is not defined in a context which is not an ancestor of object.
> '''
> """
>
> Surely either one of those 'not's should go?
Yes. I think the first one should go.
Shane