zope2.Public from AccessControl isn't Public if used with grok.require
Bug #1007523 reported by
Patrick Gerken
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Zope 2 |
Fix Released
|
Undecided
|
Unassigned | ||
Bug Description
Steps to reproduce:
1. Take any plone Project that has views defined with grok.
2. Change a require directive to "zope2.Public"
3. Try to access the view as a nonmanager
4. Confirm that you get an exception
There is a method checkPermission somewhere that handles the zope2.Public permission. But its never called.
The traverser instead just asks the Object and all it's parent which role has the required permission.
I can solve the issue by adding redefining the Public permission in AccessControl:
But I am not sure whether this is the right way of fixing it. Therefor I'll create a branch and link it here afterwards
Revision history for this message
| Patrick Gerken (do3cc) wrote | #1 |
Revision history for this message
| Hanno Schlichting (hannosch) wrote | #2 |
| Changed in zope2: | |
| milestone: | none → 2.13.15 |
| status: | New → Confirmed |
Revision history for this message
| Patrick Gerken (do3cc) wrote | #3 |
| Changed in zope2: | |
| milestone: | 2.13.15 → 2.13.16 |
| Changed in zope2: | |
| status: | Confirmed → Fix Released |
To post a comment you must log in.
Branch:
http://
Diff:
http://
If there are no objections I'd like to merge change into trunk and 2.13 branch.