Hi ALL, I have been doing an authentcation package with signup and login/logout features using PAU. When i refered to philips book and the worldcookery example i found the following codes in the signup logic.
class SignUpView(BaseSignUpView): signUpForm = ViewPageTemplateFile('signup.pt') def signUp(self, login, title, password, confirmation): if confirmation != password: raise UserError(_(u"Password and confirmation didn't match")) folder = self._signupfolder() if login in folder: raise UserError(_(u"This login has already been chosen.")) principal_id = folder.signUp(login, password, title) role_manager = IPrincipalRoleManager(self.context) role_manager = removeSecurityProxy(role_manager) # <- wot does it really do and how does it make the newly # created user to be authenticated automatically for role in folder.signup_roles: role_manager.assignRoleToPrincipal(role, principal_id) self.request.response.redirect("@@welcome.html") The above logic works well for me too. But if i comment the line 'role_manager = removeSecurityProxy(role_manager)',still user creation and role assignment works. but i am asked to login again right after the signup. and the redirect does not work. And another apporch i have seen in http://kelpi.com/script/e2019a http://kelpi.com/script/f49219 so i tried to set the principal as principal=pau.getPrincipal(principal_id) sel.request.setPrincipal(principal) and commented the removeSecurityProxy line. But it also gives same result. So is there any other way than using removeSecurityProxy(role_manager)? I also would like to know how risky it can be to use removeSecurityProxy in a code with public (zope.public) permission. I Know this is very trivial issue and everyone have gone through this once. Thanks in advance.
_______________________________________________ Zope3-users mailing list Zope3firstname.lastname@example.org http://mail.zope.org/mailman/listinfo/zope3-users