[ZCM] [ZC] 514/ 2 Comment "User.has_permission broken"
Collector: Zope Bugs, Features, and Patches ...
zope-coders-admin@zope.org
Fri, 21 Feb 2003 03:38:34 -0500
Issue #514 Update (Comment) "User.has_permission broken"
Status Pending, Zope/bug medium
To followup, visit:
http://collector.zope.org/Zope/514
==============================================================
= Comment - Entry #2 by khk on Feb 21, 2003 3:38 am
This bug creates a problem for situations where a site manager needs to manage and follow up the other users' access to features and objects. Site managers need to be able to simulate the behavior of the site for the users without actually taking their identity.
If this can't be fixed easily (if it breaks existing code or for other reasons), it would be good to at least provide another method that will actually use the user object supplied with the call.
________________________________________
= Request - Entry #1 by Zen on Aug 13, 2002 2:12 am
User.has_permission currently works by doing:
getSecurityManager().checkPermission(...)
This will only work if the User object corresponds to the currently authenticated user. Code like the following will not work:
self.acl_users.getUser(
'fred').has_permission('View',self)
==============================================================