[Zope-CMF] portal_catalog.searchResults interaction with allowedUsersAndRoles

seb bacon seb@jamkit.com
26 Feb 2002 12:40:10 +0000


On Tue, 2002-02-26 at 02:08, John Morton wrote:
> The problem I ran into immediately related to the fact that some objects I'd 
> created and where searching for where created by a management user from an 
> acl_users below the CMF site instance, and consequently only had that user 
> name and 'Manager' in each object allowedUsersAndRoles. 
> 
> So if the search results of a catalog search are governed by the usual 
> security machinary anyway (this is the case, right?), what is the purpose of 
> this allowedUsersAndRoles business?

Your analysis sounds correct, but you're mistaken in your assumption
that the Catalog filters by role already.

seb