Just doing Squishdot for 2.2 when I noticed the following:
The SquishSite class has a method called item_count() which is used on
one of the management pages. It currently isn't protected by any
permissions or __roles__ and yet it still works fine on the management
I thought this sort of thing was supposed to throw up an unauthorized
error in 2.2?
PS: It is now protected by a permission, but I can send anyone who cares
a version which isn't...
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -