[Zope3-dev] Understading zopepolicy
Sidnei da Silva
sidnei at plone.org
Mon Oct 6 17:42:50 EDT 2003
Howdy folks,
I think that zopepolicy needs serious refactoring, at least as far as
I understand how security should work in Zope 3. Here's the issue:
Code in question is zope/app/security/zopepolicy.py
Currently, if a user has a global role (declared in zcml), and this
role has a permission, line 138 will execute, adding the user to the
'remove' dict, and short-circuiting the checking process which will
return 'True' at line 150.
It happens that if you want to remove a role in a given place (say,
you want to prevent the user from entering a folder) the setting you
just switched will never get checked because of this.
IMO, the checkins should be done from local -> global *or* not have
those short-circuits in the middle of the path. If I remove all the
occurrences of the check for 'remove' except the last, then the code
fails around line 190, because the role is already on the dict, so the
local setting (Deny) never overrides the global setting (Allow), thus
making it useless.
I hope I've explained myself in an understandable way.
Thoughts?
--
Sidnei da Silva <sidnei at plone.org>
dreamcatching :: making your dreams come true
http://dreamcatcher.homeunix.org
Simulations are like miniskirts, they show a lot and hide the essentials.
-- Hubert Kirrman
More information about the Zope3-dev
mailing list