hello! i use the SimpleUserFolder product and derive a MyUser class from it's included User class, which in turn inherits from BasicUser.
the SimpleUserFolder's User class does neither reimplement getRolesInContext() nor allowed(). i looked at the source of BasicUser (lib/python/AccessControl/User.py) and found out that allowed() does not use the information provided by getRolesInContext(). i found this comment: # Still have not found a match, so check local roles. We do # this manually rather than call getRolesInContext so that # we can incur only the overhead required to find a match. so if i reimplement getRolesInContext() in MyUser, i'll probably also have to reimplement allowed() to reflect the possibly added local roles, right? regards, jürgen herrmann ps: looking at the code of allowed() i doubt that the "manual" checking of local roles will speed this method up a lot: local roles seem to be a seldomly used feature, the improvement in speed would only occur if the object in question was protected by a local role (and not a normal one). is this enough to justify duplicated code with all of it's disadvantages)? _______________________________________________________________________ >> XLhost.de - eXperts in Linux hosting << Jürgen Herrmann Bruderwöhrdstraße 15b, DE-93051 Regensburg Fon: +49 (0)700 XLHOSTDE [0700 95467833] Fax: +49 (0)721 151 463027 WEB: http://www.XLhost.de _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )