[Zope-CMF] Re: [CMF-checkins] CVS: CMF/CMFCore - CatalogTool.py:1.30.4.7

Sidnei da Silva sidnei@x3ng.com.br
Mon, 28 Apr 2003 15:18:12 -0300


On segunda-feira, abr 28, 2003, at 12:00 America/Sao_Paulo, Florent 
Guillaume wrote:
> I agree with Shane. The executable owner has nothing to do with what's
> going on here. A local role of Owner is set by Zope when someone 
> creates
> an object, and the allowedRolesAndUsers code deals with it correctly
> (through the rolesForPermissionOn call).
>
> BTW, the removal of 'Owner' at the end is there because 'Owner' is
> designed to be a local role only and it's been felt (by Tres I guess)
> that it's better to not provide an opportunity for users having a 
> global
> role Owner for whatever reason to see content they don't really own.
>
> So Sidnei, please revert.

I see that Tres already reverted the change. I just checked the 
behavior on my app and I found out that two things were happening:

1. I was calling reindexObject too early, before the security settings 
were applied by the workflow. At this point, the Owner role didnt had 
the view permission yet

2. A few lines later it was calling notifyWorkflowCreated, and then 
setting the View permission to the owner role, which indeed does the 
right thing.

Sorry for the inconvenience.

~dc