[zope2-tracker] [Bug 1007523] [NEW] zope2.Public from AccessControl isn't Public if used with grok.require
Patrick Gerken
1007523 at bugs.launchpad.net
Fri Jun 1 17:09:38 UTC 2012
Public bug reported:
Steps to reproduce:
1. Take any plone Project that has views defined with grok.
2. Change a require directive to "zope2.Public"
3. Try to access the view as a nonmanager
4. Confirm that you get an exception
There is a method checkPermission somewhere that handles the zope2.Public permission. But its never called.
The traverser instead just asks the Object and all it's parent which role has the required permission.
I can solve the issue by adding redefining the Public permission in
AccessControl:AccessControl/permissions.zcml to include the role
Anonymous.
But I am not sure whether this is the right way of fixing it. Therefor
I'll create a branch and link it here afterwards
** Affects: zope2
Importance: Undecided
Status: New
** Tags: accesscontrol
--
You received this bug notification because you are a member of Zope 2
Developers, which is subscribed to Zope 2.
https://bugs.launchpad.net/bugs/1007523
Title:
zope2.Public from AccessControl isn't Public if used with grok.require
To manage notifications about this bug go to:
https://bugs.launchpad.net/zope2/+bug/1007523/+subscriptions
More information about the zope2-tracker
mailing list