Hi all, in
src/zope/app/workflow/stateful/browser/instance.py i've added the following local patch: Index: instance.py =================================================================== --- instance.py (revision 30205) +++ instance.py (working copy) @@ -58,7 +58,7 @@ def listContentInfo(self): return map(self._extractContentInfo, - IProcessInstanceContainer(self.context).items()) + removeSecurityProxy(IProcessInstanceContainer(self.context)).items()) def getWorkflowTitle(self): pi = self._getSelWorkflow() @@ -108,7 +108,7 @@ def _getSelWorkflow(self): reqWorkflow = self.request.get('workflow', u'') - pi_container = IProcessInstanceContainer(self.context) + pi_container = removeSecurityProxy(IProcessInstanceContainer(self.context)) if reqWorkflow is u'': available_instances = pi_container.keys() if len(available_instances) > 0: without the patch the workflows.html-view doesn't work for my Users defined in pau. I think, that's not the right place for _not_ testing security-aspects, or? Markus _______________________________________________ Zope3-dev mailing list Zope3-dev@zope.org Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com