[Zope-dev] local roles

Dieter Maurer dieter@handshake.de
Tue, 8 Apr 2003 20:33:26 +0200


Sergio wrote at 2003-4-7 17:25 -0300:
 > I create a new Folder and a new Role inside it, giving View
 > permission only to this Role.
 > Then in 'local roles', I associate this Role to an user.
 > Until here, it=B4s all right. This user has access to this forlder.
 >=20
 > But I decide to change the Role=B4s name and deleted it.
 > After this, the user keep=B4s accessing the folder, because the role-
 > >user association in 'local roles' exists yet.
 >=20
 > I tried to flush and Pack the database, but that 'local role' doesn=B4=
t
 > disapear.
 >=20
 > Is this the correct behavior for local roles?

It is a well known weakness.

  You must implement an External Method that visits all objects and
  cleans up the state.


Dieter