Tres Seaver wrote at 2005-11-22 16:51 -0500:
> ...
>The actual problem here is a confusion of "authorization" with
>"containment constraints":  the CopySupport code is using a single check
>to test both, which makes it impossible to do the Right Thing (TM):
>either the proxy roles should be taken into account, in which case the
>containment constraint may be violated, or they shouldn't, in which case
>a proxy-role-granted script cannot be used to perform a "controlled"
>paste which would otherwise not be authorized.

Not sure that I follow you:

  In my view, "all_meta_types" can be used to enforce
  "containment constraints". "CopySupport" handles this
  it a perfect fashion.

  After this "containment constraints" check, it
  checks that the copying/moving/renaming user has the
  right to add the object in the destination folder
  (it fact, it checks that the creating action can be traversed to,
  which is a bit different and fails when the action contains a
  query string).
  Modern versions take proxy roles into account.

  The problem is that trusted code lacks a means to
  set proxy roles -- thus, it cannot do what untrusted
  code with appropriate proxy roles can.

Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to