> why is that code no longer referring to the real userfolder anymore? it
> should not make calls to authorize/identify/authorize on "self" but on
> the LDAPUserFolder it is using as the user source.
self.identify() should be the same as if getLUF().identify() since LDAPUserFolder and
LDAPRoleTwiddler both inherited this from BasicUserFolder.
self.authenticate() does a self.getUser() which refers to getLUF().getUser() and does
twiddling in one step and return the right user-object which the API would expect.
I think that self.authorize(user,...) is better than self.getLUF().authorize(user,...)
because the authorize does the following in 1st line:
def authorize(self, user,... ): (inherited from BasicUserFolder)
user = getattr(user, 'aq_base', user).__of__(self)
this would be different for self.authorize, where self would be the LRT and
self.getLUF().authorize() where self would be the LUF.
The user is seen in 2 different contexts by .__of__(self) .
Maybe I'm think too complicated, Your opinion ?
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists -