[PEAK] peak.security: permissionFor problem

Phillip J. Eby pje at telecommunity.com
Fri Feb 11 11:13:57 EST 2005


At 04:42 PM 2/11/05 +0100, Radek Kanovsky wrote:
> > I suspect that the problem is that for some reason the metadata is being
> > declared more than once, leading to a spurious apparent ambiguity.  I may
> > have to switch from a generic function to a dispatcher so that multiple
> > declarations of the same metadata can be ignored.
>
>_declare_permission is called only one time for subject==web.Context and
>name=='user'. Permission is also correct, i.e. security.Anybody.

Then it must be a dispatch problem.  :(

I wish you could send me a reproducable case, I have lots of things I'd 
like to check.  For example, I'd step up to the generic function level and 
look at the dispatch tree.

I have thought of one thing that could cause this: if the 'matches()' for a 
criterion could contain the same seed more than once, then the 
CriterionIndex could end up putting the same item in more than once into 
the same dispatch node.  However, none of the criteria in play here should 
do that; they all either yield exactly one seed, or yield only seeds from 
the index itself...

Oh heck, I think I know what's wrong, and why it's 
unpredictable!  'matches()' iterates over a dictionary that might get 
changed during the iteration!

I'm going to see if I can write a test to provoke this, and fix it, and 
then we can see if your problem goes away.  It is a problem in any event, 
so I will still fix it.




More information about the PEAK mailing list