[Zope-dev] Re: Weird proxy role behaviour

Tres Seaver tseaver at palladion.com
Mon Jul 4 08:57:18 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Andreas Jung wrote:

> I created a PyScript through the ZMI:
> 
> from AccessControl import getSecurityManager()
> print getSecurityManager().getUser().getRoles()
> print getSecurityManager().getUser().getRolesInContext(context)
> return printed
> 
> The script has the proxy role 'Manager'.
> 
> When I call the script as Anyonmous User then the output is always
> ('Anonymous',) for both calls. This happens with Zope 2.7.0, 2.7.6 and
> Zope 2.8.0. Shouldn't I see the Manager role in the output or am I just
> brain-dead today?

Proxy roles are an attribute of the callable, not the user;  they can't
be introspected that way.  Check
AccessControl.ImplPython.ZopeSecurityPolicy.validate, near the bottom,
for how they are checked.


Tres.
- --
===================================================================
Tres Seaver          +1 202-558-7113          tseaver at palladion.com
Palladion Software   "Excellence by Design"    http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCyTIu+gerLs4ltQ4RAvXNAJ0UKsG4GT0FtyJwyyFbO08YLsmiywCcCcmP
2Rtuhcds6UZrkFAEVng1T58=
=4ZA/
-----END PGP SIGNATURE-----



More information about the Zope-Dev mailing list