[Zope] role, user defined roles, and inclusion
Dieter Maurer
dieter at handshake.de
Fri Apr 1 15:12:46 EST 2005
Chris Withers wrote at 2005-3-31 12:26 +0100:
>Dieter Maurer wrote:
>> Any user has the "Anonymous" role whether or not it is authenticated.
>
>Really?
> ...
>print user.getRoles()
> ...
>
>returns ('Manager', 'Authenticated') when logged in as a manager and
>('Anonymous',) when anonymous?
>
>>>A user will never have Authenticated and Anonymous roles at the same time.
>>
>> This is wrong.
>
>See above.
As others already pointed out:
There is an inconsistency between what "getRoles()" returns
and what roles a user *effectively* has.
The inconsistency might be justified as follows:
When every user has invariably the "Anonymous" role,
this can just be taken a general default that need
not be expressed in "getRoles()".
--
Dieter
More information about the Zope
mailing list