On Thu, 2005-03-03 at 14:56 +0000, Chris Withers wrote: > Roché Compaan wrote: > > + obj = self.aq_parent.unrestrictedTraverse(self.getPath(), None) > > + if obj and securityManager.validate(obj, obj, None, None): > > + return obj > > + else: > > + return None > > Urm, Roche, doesn't the above seek to do exactly what... > > return self.aq_parent.restrictedTraverse(self.getPath(), None) > > ...does?
No it doesn't, restrictedTraverse fails along the way. If the path is /a/b and the user doesn't have access to /a/ restrictedTraverse will return None even though the user has access to /a/b/. In my code above we only do a security check on the object that the full path resolves to. > > The problem is that an error should be raised, Unauthorized in my > opinion, rather than None being returned. I would be ok with raising Unauthorized but it is not backwards compatible. I suppose changing to 'unrestrictedTraverse' is also not backward compatible but the current 'getObject' seems to suggest that we do not want to raise an exception when the user does not have permission to access the object. Is there some use case for 'getObject' that we are missing here? > None should never be returned in place of a brain, although I'll soften > that to say that if it does, it means something weird has happened (used > to mean the object the catalog entry mapped to had gone away) I agree. -- Roché Compaan Upfront Systems http://www.upfrontsystems.co.za _______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
