[Zope-PAS] CookieAuthHelper login_form weirdness
Jens Vagelpohl
jens at dataflake.org
Tue Nov 23 05:15:39 EST 2004
On Nov 23, 2004, at 11:04, Jens Vagelpohl wrote:
> I cannot seem to look at any ZMI views for the login_form inside the
> CookieAuthHelper. I always get the form rendered. Trying to look at
> manage_access on the form produces this traceback:
The problem here seems to be the fact that after instantiating
login_form in CookieAuthHelper.manage_afterAdd the security on the
login_form itself is badly mangled by doing this:
self.login_form.__roles__ = []
I am assuming the intent is to ensure that everyone can always view the
form so people can actually log in. But doing it this way makes it
impossible to manage or edit the form in the ZMI. Simple proof: Delete
the existing login_form and create a new one in there. All ZMI tabs are
now working.
There's got to be a better way to tweak security at that point.
jens
More information about the Zope-PAS
mailing list