App.Management.Tabs.manage_workspace sucks! :-(
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Zope 2 |
Fix Released
|
Medium
|
Unassigned |
Bug Description
1. manage_workspace is only protected by the Authenticated role, and that is done directly, not even through a permission.
2. self.filtered_
3. There's a bare try/except which masks errors. From what I can see, it should ONLY catch IndexError's.
4. The "raise TypeError" could do with some explanation.
5. The Unauthorized could raise a more helpful message "You are not authorized to view an of this object's management itnerface"
Can you fix this?