Tres Seaver wrote:
IIRC, if you had scripta calling scriptb, you used to be able to give
scripta a proxy role and scriptb would also execute with that role.
However, again IIRC, in current Zope releases, if you give scripta a
proxy role, when it calls scriptb, scriptb will just run with the roles
of the current user.
Have I got this right? If so, I wonder why the change was made...
The only change I recall to how proxy roles work is that proxy roles
used to *augment* a users' roles; now they *replace* them.
Yeah, I wonder if that means if you give it a proxy role of manager, it
looses all other roles?
I don't know that the case you are talking about (S1 has proxy roles,
calls protected S2 fine,
Okay, S2 here is "some permission-protected method where the current
user doesn't have the required permission"...
but fails when calling PR-less S3 which calls
S2) ever worked under either scenario.
Oh well, I could have sworn it did at one point :-/
Proxy roles have always only
been checked for the "topmost" object on the executable stack (S1 in the
first example, S2 in the second).
Is it something worth adding as a feature request or are there security
implications I'm missing?
Chris
--
Simplistix - Content Management, Zope & Python Consulting
- http://www.simplistix.co.uk
_______________________________________________
Zope maillist - Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )