[PEAK] peak.security: permissionFor problem
Phillip J. Eby
pje at telecommunity.com
Fri Feb 11 11:13:57 EST 2005
At 04:42 PM 2/11/05 +0100, Radek Kanovsky wrote:
> > I suspect that the problem is that for some reason the metadata is being
> > declared more than once, leading to a spurious apparent ambiguity. I may
> > have to switch from a generic function to a dispatcher so that multiple
> > declarations of the same metadata can be ignored.
>
>_declare_permission is called only one time for subject==web.Context and
>name=='user'. Permission is also correct, i.e. security.Anybody.
Then it must be a dispatch problem. :(
I wish you could send me a reproducable case, I have lots of things I'd
like to check. For example, I'd step up to the generic function level and
look at the dispatch tree.
I have thought of one thing that could cause this: if the 'matches()' for a
criterion could contain the same seed more than once, then the
CriterionIndex could end up putting the same item in more than once into
the same dispatch node. However, none of the criteria in play here should
do that; they all either yield exactly one seed, or yield only seeds from
the index itself...
Oh heck, I think I know what's wrong, and why it's
unpredictable! 'matches()' iterates over a dictionary that might get
changed during the iteration!
I'm going to see if I can write a test to provoke this, and fix it, and
then we can see if your problem goes away. It is a problem in any event,
so I will still fix it.
More information about the PEAK
mailing list