[Zope3-dev] Permission in stateful workflow correct?
Markus Leist
ml_zope3_dev at ikom-online.de
Wed Apr 27 20:26:40 EDT 2005
Hi all,
in
src/zope/app/workflow/stateful/browser/instance.py
i've added the following local patch:
Index: instance.py
===================================================================
--- instance.py (revision 30205)
+++ instance.py (working copy)
@@ -58,7 +58,7 @@
def listContentInfo(self):
return map(self._extractContentInfo,
- IProcessInstanceContainer(self.context).items())
+ removeSecurityProxy(IProcessInstanceContainer(self.context)).items())
def getWorkflowTitle(self):
pi = self._getSelWorkflow()
@@ -108,7 +108,7 @@
def _getSelWorkflow(self):
reqWorkflow = self.request.get('workflow', u'')
- pi_container = IProcessInstanceContainer(self.context)
+ pi_container = removeSecurityProxy(IProcessInstanceContainer(self.context))
if reqWorkflow is u'':
available_instances = pi_container.keys()
if len(available_instances) > 0:
without the patch the workflows.html-view doesn't work for my Users defined in pau.
I think, that's not the right place for _not_ testing security-aspects, or?
Markus
More information about the Zope3-dev
mailing list