[z3-five] Unexpectedly unprotected code
Sidnei da Silva
sidnei at enfoldsystems.com
Mon Jan 29 22:57:02 CET 2007
On 1/29/07, Chris Withers <chris at simplistix.co.uk> wrote:
> 1. Code running at this point has no security context, so anything that
> uses getSecurityManager will get an anonymous user. This is annoying.
> Why is it like this?
It's because the traversal machinery needs to get the final object to
be published to find the innermost acl_users object, to validate the
possibly local user.
So what happens is that the validate() method of the security
machinery is only called after the traversal finds the last object in
the chain.
Your __init__ method is called right before that, during traversal,
while *creating* the view object, which most likely will be the last
object in the chain.
> 2. More worrying, the code running at point A is "trusted". Am I being
> unreasonable to expect that code only to run if the current user has
> cmf.ModifyPortalContent?
Yes you are? :)
> Can anyone explain a bit more about this and how you're supposed to get
> around this?
By implementing your stuff into a proper method of the view class that
gets called *after* the traversal has taken place, and not in the
'constructor'.
--
Sidnei da Silva
Enfold Systems http://enfoldsystems.com
Fax +1 832 201 8856 Office +1 713 942 2377 Ext 214
More information about the z3-five
mailing list