[Zope-PAS] CookieAuthHelper login_form weirdness

Jens Vagelpohl jens at dataflake.org
Tue Nov 23 05:15:39 EST 2004

On Nov 23, 2004, at 11:04, Jens Vagelpohl wrote:

> I cannot seem to look at any ZMI views for the login_form inside the 
> CookieAuthHelper. I always get the form rendered. Trying to look at 
> manage_access on the form produces this traceback:

The problem here seems to be the fact that after instantiating 
login_form in CookieAuthHelper.manage_afterAdd the security on the 
login_form itself is badly mangled by doing this:

	self.login_form.__roles__ = []

I am assuming the intent is to ensure that everyone can always view the 
form so people can actually log in. But doing it this way makes it 
impossible to manage or edit the form in the ZMI. Simple proof: Delete 
the existing login_form and create a new one in there. All ZMI tabs are 
now working.

There's got to be a better way to tweak security at that point.


More information about the Zope-PAS mailing list