(I can't find any link to the issue tracker at
http://www.zope.org/Products/PluggableAuthService so I'll just post this
looking at the allowed method for PropertiedUser there are a few
possible return values:
1 - one of the allowed roles is allowed
0 - object is outside the acquisition context of the user, so abort
None - none of the allowed roles is found
then handling of 0 versus None seems confused: when checking for roles
None is returned if the object is outside the acquisition context, but
when checking local roles 0 is returned. Shouldn't 0 be returned in both
Wichert Akkerman <[EMAIL PROTECTED]> It is simple to make things.
http://www.wiggy.net/ It is hard to make things simple.
Zope-PAS mailing list