[Zope-dev] RoleManager and Security of Attributes
Chris Withers
chrisw@nipltd.com
Thu, 14 Sep 2000 16:11:49 +0100
Lance wrote:
> Well, I'm at a loss. I tried a bunch things myself, and I've found out that
> instances of the Article class are not inheriting __ac_permissions__ from
> the Posting class.
How did you find this out? It's be good to knwo 'cos it might be a weird
acquisiton wrapping thing rather than a security problem, as such...
> In fact, even if you override __ac_permissions__ in the
> Article class, the validate() method is reporting there's nothing there. What
> I don't understand is, SquishSite works, and SquishFile works, what's so
> different about the Posting/Article classes?
Indeed, I'd love to hear some answers :-)
That said, I did get exactly the same problems with the SquishFiel
class, so I'm nto convinced it's onyl articles and replies that have
problems...
> I thought all one had to do was inherit RoleManager,
Can someone please tell me what inheriting from RoleManager is actually
suppsoed to do or where I can fidn that out?
cheers,
Chris