Working with Zope 2.2.1 (in two distinct servers), I noticed the following
behaviour with (0.1.7) Python methods (created under Manager role):

1. Apparently anyone (non-authenticated users) can successfully run the 
   methods even if these include operations (folder/file/user creation, etc.)
   for which the invoking user has no permission.

2. Although I am able to give Python methods the proxy role of Manager,
   I can not give them other proxy roles, roles which I also have and
   am able to give to DTML methods, for instance (anyway, problem 1
   makes privileged proxy roles superfluous... :) ).

Has anyone fixed this (while we wait for the new shiny Python methods)?

Best regards & thanks in advance 
                                           J Esteves

 jmce: +351 919838775 ~ ~

Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to