[Zope-Checkins] CVS: Zope/lib/python/AccessControl - User.py:1.182

Brian Lloyd brian at zope.com
Fri Jan 30 11:44:51 EST 2004


Update of /cvs-repository/Zope/lib/python/AccessControl
In directory cvs.zope.org:/tmp/cvs-serv15360/lib/python/AccessControl

Modified Files:
	User.py 
Log Message:
fix difference in behavior between C and Python policies.


=== Zope/lib/python/AccessControl/User.py 1.181 => 1.182 ===
--- Zope/lib/python/AccessControl/User.py:1.181	Tue Nov 18 08:16:57 2003
+++ Zope/lib/python/AccessControl/User.py	Fri Jan 30 11:44:50 2004
@@ -592,8 +592,17 @@
         security = getSecurityManager()
         try:
             try:
-                if security.validate(accessed, container, name, value, roles):
-                    return 1
+                # This is evil: we cannot pass _noroles directly because
+                # it is a special marker, and that special marker is not
+                # the same between the C and Python policy implementations.
+                # We __really__ need to stop using this marker pattern!
+                if roles is _noroles:
+                    if security.validate(accessed, container, name, value):
+                        return 1
+                else:
+                    if security.validate(accessed, container, name, value,
+                                         roles):
+                        return 1
             except:
                 noSecurityManager()
                 raise




More information about the Zope-Checkins mailing list