Merged r40403 from 2.9 branch:

Fixed problem with security.setPermissionDefault when the permission
wasn't used anywhere else in the class to protect methods.

doc/CHANGES.txt

@@ -26,6 +26,10 @@ Zope Changes
 
     Bugs Fixed
 
+      - AccessControl.SecurityInfo: Fixed problem with
+        setPermissionDefault when the permission wasn't used anywhere
+        else in the class to protect methods.
+
       - Collector #1957:  Made ZPublisher.HTTPResponse._error_html
         return conformant XHTML.
 

lib/python/AccessControl/SecurityInfo.py

@@ -180,6 +180,10 @@ class ClassSecurityInfo(SecurityInfo):
             else:
                 entry = (permission_name, tuple(names))
             __ac_permissions__.append(entry)
+        for permission_name, roles in self.roles.items():
+            if permission_name not in ac_permissions:
+                entry = (permission_name, (), tuple(roles.keys()))
+                __ac_permissions__.append(entry)
         setattr(classobj, '__ac_permissions__', tuple(__ac_permissions__))
 
         # Take care of default attribute access policy

lib/python/AccessControl/tests/testClassSecurityInfo.py

@@ -44,6 +44,8 @@ class ClassSecurityInfoTests(unittest.TestCase):
 
             security = ClassSecurityInfo()
 
+            security.setPermissionDefault('Make food', ('Chef',))
+
             security.setPermissionDefault(
                 'Test permission',
                 ('Manager', 'Role A', 'Role B', 'Role C')
@@ -68,6 +70,11 @@ class ClassSecurityInfoTests(unittest.TestCase):
         for item in ('Manager', 'Role A', 'Role B', 'Role C'):
             self.failUnless(item in imPermissionRole)
 
+        # Make sure that a permission defined without accompanying method
+        # is still reflected in __ac_permissions__
+        self.assertEquals([t for t in Test.__ac_permissions__ if not t[1]],
+                          [('Make food', (), ('Chef',))])
+
 
 def test_suite():
     suite = unittest.TestSuite()