Hi Jens,

> why is that code no longer referring to the real userfolder anymore? it 
> should not make calls to authorize/identify/authorize on "self" but on 
> the LDAPUserFolder it is using as the user source.

self.identify() should be the same as if getLUF().identify() since LDAPUserFolder and 
LDAPRoleTwiddler both inherited this from BasicUserFolder.

self.authenticate() does a self.getUser() which refers to getLUF().getUser() and does 
twiddling in one step and return the right user-object which the API would expect.

I think that self.authorize(user,...) is better than self.getLUF().authorize(user,...)
because the authorize does the following in 1st line:

def authorize(self, user,... ): (inherited from BasicUserFolder)
  user = getattr(user, 'aq_base', user).__of__(self)

this would be different for self.authorize, where self would be the LRT and
self.getLUF().authorize() where self would be the LUF.

The user is seen in 2 different contexts by .__of__(self) .

Maybe I'm think too complicated, Your opinion ?


Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to