Dmitry Vasiliev wrote: does the following:

1. check for security map at /aFolder
2. get the aFolder's parent (the root folder in our case) through the '__parent__' attribute
3. check for security map at /
4. check global security map defined through configuration

If object doesn't have a '__parent__' attribute and any associated security map the security check will be based only on global security map.

Oh, now I see it. Thanks :)

Maybe we need always check security map at the root folder?

I don't believe this is the solution. Altrough it will solve my example, it wouldn't help in other scenarios. I would eventually make ZopeConnection and ZopeCursor locatable, if they aren't already, and assign the database adapter as the parent of the connection and the connection to the cursor at the time of their creation.
Actually I'm going to patch it like that right away.

One last question, to clear things a bit for me, as I don't have a Zope3 copy here to try - Imagine the user accesses some python class by the means of submiting a form and that class needs to do some work with the database, so it obtains a database connection, creates a cursor and executes some queries. In this case, will the class access the connection with the user's privileges, or is it trusted ? If it is trusted, my problem here is not of so big importance, but if not, I imagine needs some urgent updates.

Velko Ivanov
Zope3-dev mailing list

Reply via email to