Merge r110185 from 2.12 branch

1b105b23 · Martin Aspeli · a93eaae4 · 1b105b23 · 1b105b23
Commit 1b105b23 authored Mar 26, 2010 by Martin Aspeli
Show whitespace changes
Inline Side-by-side

Showing with 13 additions and 1 deletion

src/Products/Five/browser/resource.py src/Products/Five/browser/resource.py +5 -0

src/Products/Five/browser/tests/resource.txt src/Products/Five/browser/tests/resource.txt +8 -1

No files found.
--- a/src/Products/Five/browser/resource.py
+++ b/src/Products/Five/browser/resource.py
@@ -162,6 +162,11 @@ class DirectoryResource(Resource,
        resource = factory(name, filename)(self.request)
        resource.__name__ = name
        resource.__parent__ = self
+        
+        # We need to propagate security so that restrictedTraverse() will
+        # work
+        resource.__roles__ = self.__roles__
+        
        return resource

 class DirectoryResourceFactory(ResourceFactory):

--- a/src/Products/Five/browser/tests/resource.txt
+++ b/src/Products/Five/browser/tests/resource.txt
@@ -69,7 +69,6 @@ PageTemplateResource's __call__ renders the template
  ...     if not isinstance(resource, PageTemplateResource):
  ...         self.assertEquals(resource(), base_url % r)

-
 Security
 --------

@@ -108,6 +107,14 @@ We can now view them all:
  ...     path = base % resource
  ...     checkRestricted(self.folder, 'context.restrictedTraverse("%s")' % path)

+Let's make sure restrictedTraverse() works directly, too. It used to get
+tripped up on subdirectories due to missing security declarations.
+
+  >>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource.txt') is not None
+  True
+  
+  >>> self.folder.restrictedTraverse('++resource++fivetest_resources/resource_subdir/resource.txt') is not None
+  True

 Clean up
 --------