Commit a69225a6 authored by Brian Lloyd's avatar Brian Lloyd

fix difference in behavior between C and Python policies.

parent 5ca49ca4
...@@ -12,7 +12,7 @@ ...@@ -12,7 +12,7 @@
############################################################################## ##############################################################################
"""Access control package""" """Access control package"""
__version__='$Revision: 1.181 $'[11:-2] __version__='$Revision: 1.182 $'[11:-2]
import Globals, socket, SpecialUsers,re import Globals, socket, SpecialUsers,re
import os import os
...@@ -592,7 +592,16 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager, ...@@ -592,7 +592,16 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager,
security = getSecurityManager() security = getSecurityManager()
try: try:
try: try:
if security.validate(accessed, container, name, value, roles): # This is evil: we cannot pass _noroles directly because
# it is a special marker, and that special marker is not
# the same between the C and Python policy implementations.
# We __really__ need to stop using this marker pattern!
if roles is _noroles:
if security.validate(accessed, container, name, value):
return 1
else:
if security.validate(accessed, container, name, value,
roles):
return 1 return 1
except: except:
noSecurityManager() noSecurityManager()
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment