[zope2-tracker] [Bug 142921] Re: security.declareObjectProtected('View') appears to be buggy
Tres Seaver
tseaver at palladion.com
Mon Apr 12 07:33:35 EDT 2010
I looked back at this: basically, the issue here is that using
'security.declareObjectProtected' requires that you *also* set up the
default role-permission mapping using 'setPermissionDefault', e.g.::
'security.setPermissionDefault('View', ['Anonymous'])
"Local" role bindings are not available to the ClassSecurityInfo object
at startup: the lazy lookup of those bindings which drives the normal
protection of methods and attributes is driven by the ExtensionClass
attribute getter, and can't work for the "bare" object itself.
** Changed in: zope2
Status: Incomplete => Invalid
--
security.declareObjectProtected('View') appears to be buggy
https://bugs.launchpad.net/bugs/142921
You received this bug notification because you are a member of Zope 2
Developers, which is subscribed to Zope 2.
More information about the zope2-tracker
mailing list