I'm having a problem with AUTHENTICATED_USER.hasRole()

I have a user with the role 'Member' defined at the root level (and nowhere
else).  I also have the following DTML method at the root level:

  <dtml-if "REQUEST['AUTHENTICATED_USER'].hasRole(PARENTS[-1], ['Member'])">
  You are a Member.
  Your are NOT a Member.

When I first request the protected document /Bogus/membersonly, I'm prompted
to log in.  When I do, I get access to the /Bogus/membersonly document.
Then when I request /Bogus/isMember, it says I am a Member.  However, when I
request /isMember, it says I am NOT a Member.  Anywhere I request isMember,
other than in the /Bogus folder, I am NOT a Member, even though the user is
defined at the root level with the Member role.

If I then request a protected document /membersonly, it shows me the
document without prompt.  After I do that, when I request /isMember or
/AnyFolder/isMember, it now tells me I am a Member.

Why does it not recognize that I'm a user with the Member role anywhere on
the site until I access a protected document at the root level?  Is this by
design or a bug?  If by design, what's the reasoning?


Ron Bickers
Logic Etc, Inc.

Zope maillist  -  [EMAIL PROTECTED]
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to