Fixed in revision 3388. Resolved this by displaying the delete action only when permissions allow deletion. A related problem is some strange permission settings in the database. I suggest we run the following script to remove the apparently senseless settings::
def fix(obj):
acl = getattr(obj, '__acl__', None)
if acl is not None:
new_acl = []
for ace in acl:
if ace[1] == 'admin': # no principal is named 'admin' continue
if ace == ('Deny', 'system.Everyone', ('edit', 'delete')): # this is implicit continue new_acl.append(ace)
if acl != new_acl: print obj.__name__, new_acl obj.__acl__ = new_acl
if hasattr(obj, 'values') and hasattr(obj, '__getitem__'):
for item in obj.values(): fix(item)
Fixed in revision 3388. Resolved this by displaying the delete action only when permissions allow deletion. A related problem is some strange permission settings in the database. I suggest we run the following script to remove the apparently senseless settings::
def fix(obj):
# no principal is named 'admin'
continue
# this is implicit
continue
new_acl. append( ace)
print obj.__name__, new_acl
obj._ _acl__ = new_acl
fix(item)
acl = getattr(obj, '__acl__', None)
if acl is not None:
new_acl = []
for ace in acl:
if ace[1] == 'admin':
if ace == ('Deny', 'system.Everyone', ('edit', 'delete')):
if acl != new_acl:
if hasattr(obj, 'values') and hasattr(obj, '__getitem__'):
for item in obj.values():
fix( root['offices' ]) commit( )
import transaction; transaction.