On Aug 10, 2006, at 8:33 AM, Christian Theune wrote:
Philipp von Weitershausen wrote:
Christian Theune wrote:
Log message for revision 69387:
- Removed conflicting security declaration for the traversal
returns a Session object.
configure.zcml 2006-08-10 08:24:12 UTC (rev 69386)
configure.zcml 2006-08-10 12:23:22 UTC (rev 69387)
@@ -23,7 +23,6 @@
Hah! I can't believe that was the problem. It all makes sense now. I
still wonder why the session object was still wrapped in a proxy
checker didn't allow anything...
Because IPathAdapter doesn't define any names, so the checker derived
it doesn't allow any access.
seems that such a setup causes the
security machinery to be a little confused?
No, it did what it was told.
Perhaps the system shouldn't
allow such combinations (adapter security + security of the class)?
I agree. This combination should raise a ConflictError IMHO.
I don't agree. It is reasonable to me that different adapters
derived from the same class
could need different permission settings.
Jim Fulton mailto:[EMAIL PROTECTED] Python
CTO (540) 361-1714
Zope Corporation http://www.zope.com http://www.zope.org
Zope3-dev mailing list