Lennart Regebro wrote at 2004-9-2 12:38 +0200:
Are there any other problems with NOT raising an exception in unathorized(). Becuase if there is, we probably limit the possible challenge responses to a redirect, and then this change makes no difference.
If the traversal made any changes to persistent state, then these changes are committed rather than aborted.
Usually, traversal should not change the persistent state -- but...
Would the transaction.abort() addition suggested by Tino be enough to solve that?
Zope-Dev maillist - [EMAIL PROTECTED]
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce