[Zope3-checkins] CVS: Zope3/lib/python/Zope/App/Security - ZopeSecurityPolicy.py:1.7
Steve Alexander
steve@cat-box.net
Fri, 8 Nov 2002 12:14:19 -0500
Update of /cvs-repository/Zope3/lib/python/Zope/App/Security
In directory cvs.zope.org:/tmp/cvs-serv9113/lib/python/Zope/App/Security
Modified Files:
ZopeSecurityPolicy.py
Log Message:
fixed two bugs in the security policy. The main problem was that
"permission" was being used as a for-loop variable and that shadowed
the "permission" method argument.
=== Zope3/lib/python/Zope/App/Security/ZopeSecurityPolicy.py 1.6 => 1.7 ===
--- Zope3/lib/python/Zope/App/Security/ZopeSecurityPolicy.py:1.6 Tue Aug 13 13:46:12 2002
+++ Zope3/lib/python/Zope/App/Security/ZopeSecurityPolicy.py Fri Nov 8 12:14:19 2002
@@ -99,12 +99,13 @@
# get placeless principal permissions
for principal in principals:
- for permission, setting in getPermissionsForPrincipal(principal):
- if setting is Deny:
- return 0
- assert setting is Allow
- remove[principal] = 1
-
+ for principal_permission, setting in (
+ getPermissionsForPrincipal(principal)):
+ if principal_permission == permission:
+ if setting is Deny:
+ return 0
+ assert setting is Allow
+ remove[principal] = 1
# Clean out removed principals
if remove:
@@ -166,14 +167,14 @@
prinper = queryAdapter(object, IPrincipalPermissionMap)
if prinper is not None:
for principal in principals:
- for permission, setting in (
+ for principal_permission, setting in (
prinper.getPermissionsForPrincipal(principal)):
+ if principal_permission == permission:
+ if setting is Deny:
+ return 0
- if setting is Deny:
- return 0
-
- assert setting is Allow
- remove[principal] = 1
+ assert setting is Allow
+ remove[principal] = 1
# Clean out removed principals
if remove: