Updated the hook to reject unauthorized versions to also clear the

associated database version pool.

Updated the hook to reject unauthorized versions to also clear the
associated database version pool.
1a9f582d · Jim Fulton · d257f500 · 1a9f582d
Commit 1a9f582d authored Jun 24, 2003 by Jim Fulton
Hide whitespace changes
Inline Side-by-side

Showing with 3 additions and 1 deletion

lib/python/Zope/App/startup.py lib/python/Zope/App/startup.py +3 -1

No files found.
--- a/lib/python/Zope/App/startup.py
+++ b/lib/python/Zope/App/startup.py
@@ -118,7 +118,8 @@ def startup():

 def validated_hook(request, user):
    newSecurityManager(request, user)
-    if request.get(Globals.VersionNameName, ''):
+    version = request.get(Globals.VersionNameName, '')
+    if version:
        object = user.aq_parent
        if not getSecurityManager().checkPermission(
            'Join/leave Versions', object):
@@ -127,6 +128,7 @@ def validated_hook(request, user):
                expires="Mon, 25-Jan-1999 23:59:59 GMT",
                path=(request['BASEPATH1'] or '/'),
                )
+            Zope.DB.removeVersionPool(version)
            raise Unauthorized, "You don't have permission to enter versions."