[zope2-tracker] [Bug 1007523] [NEW] zope2.Public from AccessControl isn't Public if used with grok.require

Patrick Gerken 1007523 at bugs.launchpad.net
Fri Jun 1 17:09:38 UTC 2012


Public bug reported:

Steps to reproduce:

1. Take any plone Project that has views defined with grok.
2. Change a require directive to "zope2.Public"
3. Try to access the view as a nonmanager
4. Confirm that you get an exception

There is a method checkPermission somewhere that handles the zope2.Public permission. But its never called.
The traverser instead just asks the Object and all it's parent which role has the required permission.

I can solve the issue by adding redefining the Public permission in
AccessControl:AccessControl/permissions.zcml to include the role
Anonymous.

But I am not sure whether this is the right way of fixing it. Therefor
I'll create a branch and link it here afterwards

** Affects: zope2
     Importance: Undecided
         Status: New


** Tags: accesscontrol

-- 
You received this bug notification because you are a member of Zope 2
Developers, which is subscribed to Zope 2.
https://bugs.launchpad.net/bugs/1007523

Title:
  zope2.Public from AccessControl isn't Public if used with grok.require

To manage notifications about this bug go to:
https://bugs.launchpad.net/zope2/+bug/1007523/+subscriptions


More information about the zope2-tracker mailing list