(I can't find any link to the issue tracker at http://www.zope.org/Products/PluggableAuthService so I'll just post this here)
looking at the allowed method for PropertiedUser there are a few possible return values: 1 - one of the allowed roles is allowed 0 - object is outside the acquisition context of the user, so abort further checks None - none of the allowed roles is found then handling of 0 versus None seems confused: when checking for roles None is returned if the object is outside the acquisition context, but when checking local roles 0 is returned. Shouldn't 0 be returned in both places? Wichert. -- Wichert Akkerman <[EMAIL PROTECTED]> It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. _______________________________________________ Zope-PAS mailing list Zope-PAS@zope.org http://mail.zope.org/mailman/listinfo/zope-pas