Looks like there is a bug in Zope 2.10.2 with OFS/Traversable.py on line
228:

                            if not ok:
                                if (container is not None or
                                    guarded_getattr(obj, name, _marker)
                                        is not next):
                                    raise Unauthorized(name)

Here is my debugging session:

(Pdb) guarded_getattr(obj, name, _marker)
'Guo Zhonghai'
(Pdb) obj
<Contact at /creme/Contacts/Contact_1125>
(Pdb) name
'title'
(Pdb) guarded_getattr(obj, name, _marker)
'Guo Zhonghai'
(Pdb) p next
'Guo Zhonghai'
(Pdb) guarded_getattr(obj, name, _marker) == next
True
(Pdb) guarded_getattr(obj, name, _marker) is next
False
(Pdb) type(guarded_getattr(obj, name, _marker)), type(next)
(<type 'str'>, <type 'str'>)
(Pdb) id(guarded_getattr(obj, name, _marker))
46912619931440
(Pdb) id(next)
46912619931720

Thus, often string attributes will fail with this check.

In my opinion the code should read:

                            if not ok:
                                if (container is not None or
                                    guarded_getattr(obj, name, _marker) 
                                        != next):
                                    raise Unauthorized(name)


If you agree that his is a bug, I'll log it.

-- 
Roché Compaan
Upfront Systems                   http://www.upfrontsystems.co.za

_______________________________________________
Zope-Dev maillist  -  Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope )

Reply via email to