Merge from 2_6 branch.

PageTemplateFiles were previously owned by whatever object contained them. This resulted in very hard bugs if the user who owned the container was removed. Since PageTemplateFiles come from the filesystem, they are now "unowned", similar to DTMLFiles. Security is still applied, but now it is applied correctly.

Merge from 2_6 branch.
PageTemplateFiles were previously owned by whatever object contained them. This resulted in very hard bugs if the user who owned the container was removed. Since PageTemplateFiles come from the filesystem, they are now "unowned", similar to DTMLFiles. Security is still applied, but now it is applied correctly.
42ea9a15 · Shane Hathaway · 36a4864b · 42ea9a15
Commit 42ea9a15 authored Oct 14, 2002 by Shane Hathaway
Hide whitespace changes
Inline Side-by-side

Showing with 10 additions and 1 deletion

lib/python/Products/PageTemplates/PageTemplateFile.py lib/python/Products/PageTemplates/PageTemplateFile.py +10 -1

No files found.
--- a/lib/python/Products/PageTemplates/PageTemplateFile.py
+++ b/lib/python/Products/PageTemplates/PageTemplateFile.py
@@ -15,7 +15,7 @@
 Zope object encapsulating a Page Template from the filesystem.
 """

-__version__='$Revision: 1.21 $'[11:-2]
+__version__='$Revision: 1.22 $'[11:-2]

 import os, AccessControl, Acquisition, sys
 from Globals import package_home, DevelopmentMode
@@ -139,6 +139,15 @@ class PageTemplateFile(Script, PageTemplate, Traversable):

    __roles__ = ComputedAttribute(_get__roles__, 1)

+    def getOwner(self, info=0):
+        """Gets the owner of the executable object.
+
+        This method is required of all objects that go into
+        the security context stack.  Since this object came from the
+        filesystem, it is owned by no one managed by Zope.
+        """
+        return None
+
    def __getstate__(self):
        from ZODB.POSException import StorageError
        raise StorageError, ("Instance of AntiPersistent class %s "