[Zope-dev] checkPermission and proxy roles
Tim McLaughlin
tim at siteworx.com
Wed Mar 16 07:56:20 EST 2005
Issue #'s 78, 846, 1125 all relate to checkPermission not considering
proxy roles. #78 was resolved, however, from the looks of the code (and
I haven't tested this), it will fail to Cut/Paste because the 'Delete
objects' perm would be permitted by the proxy role which is not
considered in the checkPermission. Anyway, the question is this...
Why doesn't checkPermission consider proxy roles?
I found the following discussion in Zope-CMF and it looks like this was
"fixed" in CMF, but it seems to me like this should be the default
policy behavior in Zope. We can do the patches if there's no reason for
it being the way it is...
Cheers,
Tim
------------------------------------ begin quote
Dieter Maurer wrote:
> I think, we should have both possibilities:
>
> [1] check whether the real user would have the permission
> (independent of proxy roles)
>
> [2] check whether the current context has the permission
> (dependent on the current proxy roles and other
> execution security aspects (such as ownership))
I'd like to replace utils._checkPermission in CMF HEAD with the attached
code. This would change the behavior of _checkPermission from [1] to
[2]. (If I didn't make a mistake.)
The way utils._checkPermission is used in CMF implies possibility [2]
would be the right behavior, the fact it implemented [1] looks like a
bug to me. I don't know of any code that'll break if we switch to [2].
I can see there might be a need for [1]. But in this case you can use
Zope's checkPermission method.
If there are no objections I'll soon make a CVS checkin of the attached
code.
Cheers,
Yuppie
-----------------------------------
--
Tim McLaughlin
Chief Technology Officer
Siteworx, Inc. Innovative internet solutions.
703.964.0300 ext. 208
More information about the Zope-Dev
mailing list