+-------[ Gaute Amundsen ]---------------------- | | Can anyone tell me what the argument "roles" to the methods validate and | authorize is supposed to be?
Roles should be the list of roles required for access. If no roles are passed the security mechanism is supposed to query the object for the roles needed for access... | The reason I ask is that I suspect that a previous developer has done | something that has made "roles" contain 'Anonymous user' when it should not, | and that this interferes with the propper functioning of login at our sites. That in and of itself isn't a problem. The 'View' permission e.g. could require 'Anonymous user', 'Manager', or 'Owner' roles.. However, if a USER has the Anonymous role, that could be causing an issue... -- Andrew Milton [EMAIL PROTECTED] _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )