[Zope] Delete permission weirdness?
Chris Allen
chris_allen@aurema.com
Thu, 27 Jan 2000 15:44:27 +1100
Hi all,
I have stumbled across this rather interesting behaviour: Consider a
situation where you have a DTML method within a Folder object. For a
user-defined role "MyRole" you enable "Delete objects" permission on the
Folder. But for the DTML method, you turn off "Acquire permission" and make
sure the delete permission is off for everyone (even "Manager"). Why does
Zope still allow a user in the "MyRole" group to delete the object?
Regards,
Chris