Fixed a bug that prevented validate() from working if the top-level object

were accessed and no default object (index_html) existed.

Fixed a bug that prevented validate() from working if the top-level object
were accessed and no default object (index_html) existed.
eb14b8a5 · bc5caa9f · eb14b8a5
Commit eb14b8a5 authored Mar 12, 1999 by
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 2 deletions

lib/python/AccessControl/User.py lib/python/AccessControl/User.py +5 -2

No files found.
--- a/lib/python/AccessControl/User.py
+++ b/lib/python/AccessControl/User.py
@@ -84,7 +84,7 @@
 ##############################################################################
 """Access control package"""

-__version__='$Revision: 1.65 $'[11:-2]
+__version__='$Revision: 1.66 $'[11:-2]

 import Globals, App.Undo, socket, regex
 from Globals import HTMLFile, MessageDialog, Persistent, PersistentMapping
@@ -355,7 +355,10 @@ class BasicUserFolder(Implicit, Persistent, Navigation, Tabs, RoleManager,
    _nobody=nobody
            
    def validate(self,request,auth='',roles=None):
-        parent=request['PARENTS'][0]
+        parents=request.get('PARENTS', [])
+        if not parents:
+            parent=self.aq_parent
+        else: parent=parents[0]

        # If no authorization, only a user with a
        # domain spec and no passwd or nobody can