zope2.Public from AccessControl isn't Public if used with grok.require
Bug #1007523 reported by
Patrick Gerken
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Zope 2 |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Steps to reproduce:
1. Take any plone Project that has views defined with grok.
2. Change a require directive to "zope2.Public"
3. Try to access the view as a nonmanager
4. Confirm that you get an exception
There is a method checkPermission somewhere that handles the zope2.Public permission. But its never called.
The traverser instead just asks the Object and all it's parent which role has the required permission.
I can solve the issue by adding redefining the Public permission in AccessControl:
But I am not sure whether this is the right way of fixing it. Therefor I'll create a branch and link it here afterwards
Changed in zope2: | |
milestone: | 2.13.15 → 2.13.16 |
Changed in zope2: | |
status: | Confirmed → Fix Released |
To post a comment you must log in.
Branch: svn.zope. org/AccessContr ol/branches/ do3cc_1007523/
http://
Diff: svn.zope. org/AccessContr ol/branches/ do3cc_1007523/ src/AccessContr ol/permissions. zcml?rev= 126552& view=diff& r1=126552& r2=126551& p1=AccessContro l/branches/ do3cc_1007523/ src/AccessContr ol/permissions. zcml&p2= /AccessControl/ trunk/src/ AccessControl/ permissions. zcml
http://
If there are no objections I'd like to merge change into trunk and 2.13 branch.