# HG changeset patch
# User paulb
# Date 1095777799 0
# Node ID 78f1f3bdeeb584e3dbeb739413874929f44c4799
# Parent  862c62db7989993e45bcf3da8118e1e73b2776da
[project @ 2004-09-21 14:43:19 by paulb]
Fixed security so that the product hopefully acquires permission-based
restrictions from its parent folder.

diff -r 862c62db7989 -r 78f1f3bdeeb5 WebStack/Adapters/Zope.py
--- a/WebStack/Adapters/Zope.py	Tue Sep 21 14:42:40 2004 +0000
+++ b/WebStack/Adapters/Zope.py	Tue Sep 21 14:43:19 2004 +0000
@@ -9,30 +9,27 @@
 from Globals import Persistent
 from OFS.SimpleItem import Item
 from AccessControl import ClassSecurityInfo
+import Acquisition
 #from ZPublisher.HTTPResponse import status_reasons
 
-class WebStackAdapterProduct(Persistent, Item):
+class WebStackAdapterProduct(Persistent, Acquisition.Implicit, Item):
 
     "A WebStack adapter product superclass."
 
-    def __init__(self, id, resource, authenticator=None, permission=None):
+    security = ClassSecurityInfo()
+    security.declareObjectProtected("View")
+    security.declareProtected("View", "index_html")
+
+    def __init__(self, id, resource, authenticator=None):
 
         """
         Initialise with an 'id', a WebStack 'resource', and an optional
-        'authenticator'. The optional 'permission' is a Zope-related security
-        identifier.
+        'authenticator'.
         """
 
         self.id = id
         self.webstack_resource = resource
         self.webstack_authenticator = authenticator
-        self.security = ClassSecurityInfo()
-
-        if authenticator is None:
-            self.security.declarePublic("index_html")
-        else:
-            permission = permission or "View"
-            self.security.declareProtected(permission, "index_html")
 
     def __bobo_traverse__(self, request, entry_name):
         if entry_name == "index_html":