[Zope] Deleted role and user's assigned role behavior.

Felipe Barousse Boué fbarousse@piensa.com
21 Mar 2003 23:20:36 -0600

Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Hello Zopistas:

Just wanted to check if this is a bug or a feature:

All this following is made programatically with a combination of DTML
and python external methods.

I add a Role, let's call it "role-1"  and I assign it to say "user-1",=20

Later on, programatically I delete "role-1" with a :

<dtml-call "manage_defined_roles('Delete Role', REQUEST)">

Having passed the "roles" list in the REQUEST with the "role-1" I want
to delete.  "role-1" is succesfully deleted from the place (tree level)
where it was previously added.

Now, it happens that if I view a method which has:

<dtml-in "AUTHENTICATED_USER.getRoles()">
   <dtml-unless "_.getitem('sequence-item')=3D=3D'Authenticated'"><b>
    <dtml-var sequence-item></b><br>

It still displays the "role-1" role as one of the assigned roles to the
user (the AUTHENTICATED_USER, i.e. "user-1" in this example). How come
is "role-1" still assigned to the user even it was deleted (the role).?

If I again, manually or programatically add up again "role-1" at the
same level it was originally entered, it happens that "user-1"
automagically gets "role-1" as one of its assigned roles.

Now, the question is:  Is this a bug or a feature ?  I would have
expected Zope, either to:

1.- Do not allow role deletions if there are users with that role


2.- Delete the role with no further questions and delete all assignments
to any and all users that have that role assigned at role deletion time.


3.- A more complex combination of validations.....

Any comments on the above behavior are appreciated.

Thanks and best regards.

Felipe Barousse.

Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org