-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Wichert Akkerman wrote: > Previously Tres Seaver wrote: > >>We aren't "enforcing" anything: the plugin can't fulfill its own >>contract (in this case, to return a list of (id, title) tuples) if the >>user has screwed up by configuring the other plugins that way. > > > If multiple principals share have the same id you will still fulfill the > contract; the only difference is that with this patch you will see the > title from the first one and ignore titles from the others. This is ok > since we still show all ids. > > For some background: I needed this patch to be able to use groups from > an active directory environment in a site. That gave me two groups > called 'Administrators': the standard Zope one and the one that comes > in via active directory.
Within a single PAS, it is an error to have two principals with the same ID; otherwise you will end up granting permissions inappropriately. If you have plugins which are generating identical IDs, then you need to have one or both of them use prefixes (that is what they are for). BTW, there is no "standard" Administrators group in Zope (Zope proper doesn't know about groups at all). Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 [EMAIL PROTECTED] Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDj0cu+gerLs4ltQ4RAvWXAKCXF/cthIH2FYlYMlcI+RN3R9VTagCgsKgP m9uly0yFvG3tMHJe7zh3cOs= =8Hxm -----END PGP SIGNATURE----- _______________________________________________ Zope-PAS mailing list [email protected] http://mail.zope.org/mailman/listinfo/zope-pas
