Chris Withers wrote: > Florent Guillaume wrote: >>>> Specifically, in CMFCatalogAware.reindexObjectSecurity (recently >>>> introduced by Florent Guillaume if I recall), it assumes getObject() >>>> will return None in a failure. >>> >>> >>> Yes, see http://www.zope.org/Collectors/CMF/337 which I'm about to fix. > > > This is a bad fix IMNSHO :-( > Why was getObject not returning an object?
It could raise Unauthorized because the current user is not allowed to access the returned object, which is the case if there are security restrictions lower in the object tree. Which is something you don't seem to grok. > That condition has been accepted for far too long and, reading the rest > of the thread here, seems to be a bug in this case. No. > Furthermore, rather than effectively re-implementing getObject in CMF > code, why didn't we just catch the exceptions that are now being raised? Because we want to get to that object and reindex it. > Anyone mind if I revert this checking? Yes, me. Stop threatening to revert checkins, Chris. Florent -- Florent Guillaume, Nuxeo (Paris, France) CTO, Director of R&D +33 1 40 33 71 59 http://nuxeo.com [EMAIL PROTECTED] _______________________________________________ Zope-CMF maillist - [email protected] http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests
