Provide fix for recently added failing security tests.
authorChristopher Denter <moin GUESSWHAT the DASH space DASH station ROUNDTHING com>
Tue, 09 Jun 2009 00:45:52 +0200
changeset 4339897cdbe9e8f2
parent 4338 47c0ada5c1a2
child 4340 36d4b0af2213
child 4443 a8c445a6d37e
Provide fix for recently added failing security tests.
MoinMoin/security/__init__.py
     1.1 --- a/MoinMoin/security/__init__.py	Tue Jun 09 00:44:00 2009 +0200
     1.2 +++ b/MoinMoin/security/__init__.py	Tue Jun 09 00:45:52 2009 +0200
     1.3 @@ -69,6 +69,10 @@
     1.4                  allowed = acl.may(request, username, right)
     1.5                  if allowed is not None:
     1.6                      return allowed
     1.7 +                # If the item has an acl (even one that doesn't match) we *do not*
     1.8 +                # check the parents. We only check the parents if there's no acl on
     1.9 +                # the item at all.
    1.10 +                break
    1.11          if not some_acl:
    1.12              allowed = cache.acl_rights_default.may(request, username, right)
    1.13              if allowed is not None: