pydotorg-specific change to mailgw to handle bizzaro permissions ;)

Author: Richard Jones

CHANGES.txt

@@ -21,6 +21,7 @@ Fixed:
 - handle deleted properties in RDBMS history
 - apply timezone in correct direction in user input (sf bug 1013097)
 - more efficient find() in RDBMS (sf bug 1012781)
+- pydotorg-specific change to mailgw to handle bizzaro permissions ;)
 
 
 2004-07-21 0.7.6

roundup/mailgw.py

@@ -72,7 +72,7 @@ class node. Any parts of other types are each stored in separate files
 an exception, the original message is bounced back to the sender with the
 explanatory message given in the exception.
 
-$Id: mailgw.py,v 1.149.2.3 2004-09-29 08:47:59 a1s Exp $
+$Id: mailgw.py,v 1.149.2.4 2004-10-11 05:20:37 richard Exp $
 """
 __docformat__ = 'restructuredtext'
 
@@ -572,6 +572,10 @@ def handle_Message(self, message):
             m.append(s.getvalue())
             self.mailer.bounce_message(message, sendto, m)
 
+    def hasPermissions(self, author, classname, nodeid):
+        # make sure they're allowed to edit this class of information
+        return self.db.security.hasPermission('Edit', author, classname)
+
     def handle_message(self, message):
         ''' message - a Message instance
 
@@ -790,8 +794,7 @@ def handle_message(self, message):
                 raise Unauthorized, 'You are not permitted to access '\
                     'this tracker.'
 
-        # make sure they're allowed to edit this class of information
-        if not self.db.security.hasPermission('Edit', author, classname):
+        if not self.hasPermissions(author, classname, nodeid):
             raise Unauthorized, 'You are not permitted to edit %s.'%classname
 
         # the author may have been created - make sure the change is