Tres Seaver wrote:
IIRC, if you had scripta calling scriptb, you used to be able to give
scripta a proxy role and scriptb would also execute with that role.
However, again IIRC, in current Zope releases, if you give scripta a
proxy role, when it calls scriptb, scriptb will just run with the roles
of the current user.

Have I got this right? If so, I wonder why the change was made...

The only change I recall to how proxy roles work is that proxy roles
used to *augment* a users' roles;  now they *replace* them.

Yeah, I wonder if that means if you give it a proxy role of manager, it looses all other roles?

I don't know that the case you are talking about (S1 has proxy roles,
calls protected S2 fine,

Okay, S2 here is "some permission-protected method where the current user doesn't have the required permission"...

but fails when calling PR-less S3 which calls
S2) ever worked under either scenario.

Oh well, I could have sworn it did at one point :-/

Proxy roles have always only
been checked for the "topmost" object on the executable stack (S1 in the
first example, S2 in the second).

Is it something worth adding as a feature request or are there security implications I'm missing?


Simplistix - Content Management, Zope & Python Consulting

Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to