ZTUtils.SimpleTreeMaker creates trees that check security twice for everything
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Zope 2 |
Invalid
|
Low
|
Unassigned | ||
Bug Description
(1) Invoke verbose security
(2) call hasChildren in a ZTUtils.
(3) call getChildren in a ZTUtils.
...and watch for double exceptions in the log every time we try to skip an unauthorised child. Apart from the performance issue, this appears to cause some erratic behaviour which I can't fully explain.
The cause is simple:
hasChildren in Tree.SimpleTree
When hasChildren is invoked on ZTUtils.
Thus when getChildren on ZTUtils.
The fix is to add an getCachedChildren() to Tree.SimpleTree
This is such a Classic multiple inheritance gotcha, it makes me want to go back to Java!
But if you ask me this there should be an abstract TreeMakerBase class with three subclasses, CachingTreeMaker, FilteredTreeMaker, and TreeMaker; CachingTreeMaker and FilteredTreeMaker should wrap a child TreeMaker which does the actual work and add the appropriate filtering/caching behaviour.
I'll happily refactor the code along these lines if anyone thinks it worthwhile.
| Changed in zope2: | |
| importance: | Medium → Low |
| status: | New → Confirmed |
| Colin Watson (cjwatson) wrote | #1 |
| Changed in zope2: | |
| status: | Confirmed → Invalid |
The zope2 project on Launchpad has been archived at the request of the Zope developers (see https:/