[Zope3-checkins] CVS: Zope3/src/zope/app/security -
zopepolicy.py:1.13
Sidnei da Silva
sidnei at x3ng.com.br
Mon Oct 6 15:30:19 EDT 2003
Update of /cvs-repository/Zope3/src/zope/app/security
In directory cvs.zope.org:/tmp/cvs-serv422
Modified Files:
zopepolicy.py
Log Message:
Honor 'Deny' setting on role, both placeful and placeless
=== Zope3/src/zope/app/security/zopepolicy.py 1.12 => 1.13 ===
--- Zope3/src/zope/app/security/zopepolicy.py:1.12 Sun Sep 21 13:31:58 2003
+++ Zope3/src/zope/app/security/zopepolicy.py Mon Oct 6 15:29:48 2003
@@ -127,7 +127,9 @@
# Get principal permissions based on roles
for principal in principals:
roles = principals[principal]
- for role in roles:
+ for role, role_setting in roles.items():
+ if role_setting is Deny:
+ return False
if role in role_permissions:
if permission in role_permissions[role]:
setting = role_permissions[role][permission]
@@ -199,7 +201,9 @@
# Get principal permissions based on roles
for principal in principals:
roles = principals[principal]
- for role in roles:
+ for role, role_setting in roles.items():
+ if role_setting is Deny:
+ return False
if role in role_permissions:
if permission in role_permissions[role]:
setting = role_permissions[role][permission]
More information about the Zope3-Checkins
mailing list