[Zope-dev] Re: Weird proxy role behaviour
Tres Seaver
tseaver at palladion.com
Mon Jul 4 08:57:18 EDT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Andreas Jung wrote:
> I created a PyScript through the ZMI:
>
> from AccessControl import getSecurityManager()
> print getSecurityManager().getUser().getRoles()
> print getSecurityManager().getUser().getRolesInContext(context)
> return printed
>
> The script has the proxy role 'Manager'.
>
> When I call the script as Anyonmous User then the output is always
> ('Anonymous',) for both calls. This happens with Zope 2.7.0, 2.7.6 and
> Zope 2.8.0. Shouldn't I see the Manager role in the output or am I just
> brain-dead today?
Proxy roles are an attribute of the callable, not the user; they can't
be introspected that way. Check
AccessControl.ImplPython.ZopeSecurityPolicy.validate, near the bottom,
for how they are checked.
Tres.
- --
===================================================================
Tres Seaver +1 202-558-7113 tseaver at palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCyTIu+gerLs4ltQ4RAvXNAJ0UKsG4GT0FtyJwyyFbO08YLsmiywCcCcmP
2Rtuhcds6UZrkFAEVng1T58=
=4ZA/
-----END PGP SIGNATURE-----
More information about the Zope-Dev
mailing list