Hi,
Just doing Squishdot for 2.2 when I noticed the following:
The SquishSite class has a method called item_count() which is used on
one of the management pages. It currently isn't protected by any
permissions or __roles__ and yet it still works fine on the management
screen concerned.
I thought this sort of thing was supposed to throw up an unauthorized
error in 2.2?
cheers,
Chris
PS: It is now protected by a permission, but I can send anyone who cares
a version which isn't...
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope )
