Behalf Of Jim Fulton
> Sent: Friday, April 08, 2005 5:35 PM
> To: Dominik Huber
> Cc: Garrett Smith; [EMAIL PROTECTED]; zope3-dev@zope.org
> Subject: Re: [Zope3-dev] Form framework, adapters and pau
> 
> Dominik Huber wrote:
> > Jim Fulton wrote:
> > 
> >> OK, here's an alternate proposal:
> >>
> >>   If the permission attribute is used in the adapter 
> directive and the
> >>   permission is not zope.Public, then:
> >>
> >>     If the adapter doesn't provide ILocation, we location 
> proxy it and
> >>     set the parent.
> >>
> >>     If the adapter does provide ILocation and it's 
> __parent__ is None,
> >>     we set the __parent__.
> >>
> >>   This will be accomplished with a custom factory.
> >>
> >> Does this make you happy? :)
> > 
> > 
> > Yes, cool  ;)
> > Can I help anything or are you going to implement that code
> 
> I don't think I'll have time to do this soon.  Will this be for
> 3.1 or 3.2?  Is it a feature or a bug fix? :)

This is a bug fix.
If we use local authentication (PAU). The checker used in the 
editform will lookup in the global registry for principal 
permissions.

Because the method canWrite looks up the permission with
"thread_local.interaction.checkPermission(permission, object)"
this ends in a bug if no location is provided.

Regards
Roger Ineichen

> Jim
> 
> -- 
> Jim Fulton           mailto:[EMAIL PROTECTED]       Python Powered!
> CTO                  (540) 361-1714            http://www.python.org
> Zope Corporation     http://www.zope.com       http://www.zope.org
> _______________________________________________
> Zope3-dev mailing list
> Zope3-dev@zope.org
> Unsub: 
> http://mail.zope.org/mailman/options/zope3-dev/dev%40projekt01.ch
> 
> 

_______________________________________________
Zope3-dev mailing list
Zope3-dev@zope.org
Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com

Reply via email to