Actually, since I added _check_security into object dispatch the repoze.what-pylons update is not strictly necessary to fix the problem. But it's a good idea to update anyway.
On Thu, Mar 5, 2009 at 3:27 AM, Sergei Beilin <[email protected]> wrote: > > Thanks Mark, Alberto, Gustavo and others! > > 1. repoze.what-pylons needs to be upgraded to 1.0rc3 for the fix to > work properly > 2. allow_only now works fine, sub-controllers are now protected, but > not RestControllers > > -- > Sergei > > > -- Mark Ramm-Christensen email: mark at compoundthinking dot com blog: www.compoundthinking.com/blog --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "TurboGears" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/turbogears?hl=en -~----------~----~----~----~------~----~------~--~---
