[Zope] Proxy role bug (or feature)

R. David Murray bitz@bitdance.com
Mon, 3 Jul 2000 18:46:33 -0400 (EDT)


On Fri, 30 Jun 2000, Ng Pheng Siong wrote:
> 2. ngps adds a user in 'junk' called 'user2', with roles 'owner',
> 'manager' and 'proxy_for_agf'.
> 
> 3. Login as 'user2'; 'user2' is now able to assign the role 'proxy_for_agf'
> to the above-mentioned DTML method 'view_agf'.
> 
> 
> This proxy role handling seems unwieldy, in that 'ngps' cannot assign
> the proxy role but can create another user 'user2' that _can_ assign
> said proxy role.
> 
> Is this a bug or a feature?

I think it's half of each.

I suspect that user1 can assign itself a local role of proxy_for_agf
and achieve the same result, without having to create user2.  A
little less unweildy.  The bug half IMO is that since manager can assign
itself the role anyway, it might as well be allowed to assign the
proxy role even though it doesn't have it.

--RDM