Use '__self__' instead of 'im_self' everywhere.

And only use it if it is not None, which is true for functions instead of methods.

src/AccessControl/ImplPython.py

@@ -61,7 +61,7 @@ def rolesForPermissionOn(perm, object, default=_default_roles, n=None):
     """
     n = n or getPermissionIdentifier(perm)
     r = None
-    
+
     while 1:
         if hasattr(object, n):
             roles = getattr(object, n)
@@ -458,20 +458,20 @@ def checkPermission(self, permission, object, context):
             if self._ownerous:
                 owner = eo.getOwner()
                 if (owner is not None) and not owner.allowed(object, roles):
-                    # We don't want someone to acquire if they can't 
+                    # We don't want someone to acquire if they can't
                     # get an unacquired!
                     return 0
             proxy_roles = getattr(eo, '_proxy_roles', None)
             if proxy_roles:
                 # Verify that the owner actually can state the proxy role
                 # in the context of the accessed item; users in subfolders
-                # should not be able to use proxy roles to access items 
+                # should not be able to use proxy roles to access items
                 # above their subfolder!
                 owner = eo.getWrappedOwner()
                 if owner is not None:
                     if object is not aq_base(object):
                         if not owner._check_context(object):
-                            # object is higher up than the owner, 
+                            # object is higher up than the owner,
                             # deny access
                             return 0
 
@@ -674,7 +674,7 @@ def guarded_getattr(inst, name, default=_marker):
         raise
 
     try:
-        container = v.im_self
+        container = v.__self__
     except AttributeError:
         container = aq_parent(aq_inner(v)) or inst
 
@@ -709,7 +709,7 @@ def guarded_getattr(inst, name, default=_marker):
     # v or it will return an Unauthorized raised by validate.
     validate = getSecurityManager().validate
     aq_acquire(inst, name, aq_validate, validate)
-    
+
     return v
 
 
@@ -824,9 +824,9 @@ def verifyAcquisitionContext(user, object, object_roles=None):
             # This is a strange rule, though
             # it doesn't cause any security holes. SDH
             return 1
-        if hasattr(object, 'im_self'):
+        if getattr(object, '__self__', None) is not None:
             # This is a method.  Grab its self.
-            object=object.im_self
+            object = object.__self__
         if not aq_inContextOf(object, ucontext, 1):
             if 'Shared' in object_roles:
                 # Old role setting. Waaa

src/AccessControl/Permission.py

@@ -55,8 +55,8 @@ def getRoles(self, default=_marker):
             if name:
                 if hasattr(obj, name):
                     attr = getattr(obj, name)
-                    if hasattr(attr, 'im_self'):
-                        attr = attr.im_self
+                    if getattr(attr, '__self__', None) is not None:
+                        attr = attr.__self__
                         if hasattr(attr, '__dict__'):
                             attr = attr.__dict__
                             name = name + '__roles__'

src/AccessControl/ZopeSecurityPolicy.py

@@ -37,7 +37,7 @@ def getRoles(container, name, value, default):
             return default
 
         if type(value) is MethodType:
-            container = value.im_self
+            container = value.__self__
 
         cls = getattr(container, '__class__', None)
         if cls is None:

src/AccessControl/userfolder.py

@@ -292,9 +292,9 @@ def _getobcontext(self, v, request):
         if innerparent is not None:
             # this is not a method, we needn't treat it specially
             c = innerparent
-        elif hasattr(v, 'im_self'):
+        elif getattr(v, '__self__', None) is not None:
             # this is a method, we need to treat it specially
-            c = v.im_self
+            c = v.__self__
             c = getattr(v, 'aq_inner', v)
         request_container = getattr(request['PARENTS'][-1], '__parent__', [])
         # if pub's __parent__ or container is the request container, it

src/AccessControl/users.py

@@ -97,9 +97,9 @@ def getRolesInContext(self, object):
             if parent is not None:
                 object = parent
                 continue
-            if hasattr(object, 'im_self'):
-                object=object.im_self
-                object=getattr(object, 'aq_inner', object)
+            if getattr(object, '__self__', None) is not None:
+                object = object.__self__
+                object = getattr(object, 'aq_inner', object)
                 continue
             break
         roles=list(roles) + local.keys()
@@ -138,9 +138,9 @@ def _check_context(self, object):
         if context is not None:
             if object is None:
                 return 1
-            if hasattr(object, 'im_self'):
+            if getattr(object, '__self__', None) is not None:
                 # This is a method.  Grab its self.
-                object = object.im_self
+                object = object.__self__
             return aq_inContextOf(object, context, 1)
 
         # This is lame, but required to keep existing behavior.
@@ -200,8 +200,8 @@ def allowed(self, object, object_roles=None):
                 parents.add(parent)
                 inner_obj = parent
                 continue
-            if hasattr(inner_obj, 'im_self'):
-                inner_obj = inner_obj.im_self
+            if getattr(inner_obj, '__self__', None) is not None:
+                inner_obj = inner_obj.__self__
                 inner_obj = getattr(inner_obj, 'aq_inner', inner_obj)
                 continue
             break