[Zope3-dev] Security: Do not compare symbolic constants with persistent data using "is"
Steve Alexander
steve@cat-box.net
Sat, 16 Feb 2002 22:07:16 +0000
I've just debugged a tricky problem with the ZopeSecurityPolicy.
The problem was that I was getting spurious Forbidden errors. These
would go away when I "refreshed" the role-permissions mapping on a
folder on the acquisition path by saving it in exactly the state it was
in before.
The problem is that Settings.Allow and Deny are checked by identity
rather than equality in ZopeSecurityPolicy.
When a string has been pickled and then unpickled, it may be a different
object, and thus must be compared by equality.
The same mistake may have been made elsewhere.
I'll check in a fix to ZopeSecurityPolicy, but then I need to go to the
pub and relax! :-)
--
Steve Alexander