Issue #'s 78, 846, 1125 all relate to checkPermission not considering
proxy roles.  #78 was resolved, however, from the looks of the code (and
I haven't tested this), it will fail to Cut/Paste because the 'Delete
objects' perm would be permitted by the proxy role which is not
considered in the checkPermission.  Anyway, the question is this...

Why doesn't checkPermission consider proxy roles?

I found the following discussion in Zope-CMF and it looks like this was
"fixed" in CMF, but it seems to me like this should be the default
policy behavior in Zope.  We can do the patches if there's no reason for
it being the way it is...


------------------------------------ begin quote
Dieter Maurer wrote:
> I think, we should have both possibilities:
>  [1] check whether the real user would have the permission
>      (independent of proxy roles)
>  [2] check whether the current context has the permission
>      (dependent on the current proxy roles and other
>      execution security aspects (such as ownership))

I'd like to replace utils._checkPermission in CMF HEAD with the attached

code. This would change the behavior of _checkPermission from [1] to 
[2]. (If I didn't make a mistake.)

The way utils._checkPermission is used in CMF implies possibility [2] 
would be the right behavior, the fact it implemented [1] looks like a 
bug to me. I don't know of any code that'll break if we switch to [2].

I can see there might be a need for [1]. But in this case you can use 
Zope's checkPermission method.

If there are no objections I'll soon make a CVS checkin of the attached 

Tim McLaughlin 
Chief Technology Officer 
Siteworx, Inc. Innovative internet solutions. 
703.964.0300 ext. 208  
Zope-Dev maillist  -
**  No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to