[Zope] role, user defined roles, and inclusion

Chris Withers chris at simplistix.co.uk
Thu Mar 31 06:26:16 EST 2005


Dieter Maurer wrote:
>>A user will have the Anonymous role iff they have not supplied any 
>>authentication credentials.
> 
> Any user has the "Anonymous" role whether or not it is authenticated.

Really?

Then how come the following script:

from AccessControl import getSecurityManager
user = getSecurityManager().getUser()
print user.getRoles()
return printed

returns ('Manager', 'Authenticated') when logged in as a manager and 
('Anonymous',) when anonymous?

>>A user will never have Authenticated and Anonymous roles at the same time.
> 
> This is wrong.

See above.

Chris

-- 
Simplistix - Content Management, Zope & Python Consulting
            - http://www.simplistix.co.uk


More information about the Zope mailing list