Comment 6 for bug 649596

I have pushed the extension to "lp:~d.maurer/zope-pas/NotCompetentPlugin".

The extension is slightly different than the ones previously described. It now defines an new plugin type "INotCompetentPlugin". Plugins of this type check whether the current user folder is competent to authenticate the current request or should delegate authentication to user folders higher up in the hiearchy. Consequently, such plugins are not used at the root user folder (as there are no higher up user folders). The extension implements one such plugin "NotCompetent_byRoles". It declares the user folder as not competent when a higher level user folder is able to authenticate the request without challenge and with a user having one of a set of specified roles. If not roles are specified, any user acceptable by the request will do.