Explicitly require Manager role for AltDatabaseManager.

If you use experimental.publishtraverse and try to call manage_pack, it warns that the object (the manage_pack function) has no roles. In strict mode it will fail. This is an indication that the function *might* be available for anonymous users. That is not the case here, but being strict seems good.
zopefoundation · May 10, 2017 · c6fcf3e · c6fcf3e
1 parent d869368
commit c6fcf3e
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 0 deletions.
diff --git a/doc/CHANGES.rst b/doc/CHANGES.rst
@@ -8,6 +8,7 @@ http://docs.zope.org/zope2/
 2.13.27 (unreleased)
 --------------------
 
+- Explicitly require Manager role for ``AltDatabaseManager``.  [maurits]
 
 
 2.13.26 (2017-02-20)

diff --git a/src/App/ApplicationManager.py b/src/App/ApplicationManager.py
@@ -482,6 +482,7 @@ def objectIds(self, spec=None):
 class AltDatabaseManager(DatabaseManager, CacheManager):
     """ Database management DBTab-style
     """
+    __roles__ = ('Manager', )
     db_name = ApplicationManager.db_name.im_func
     db_size = ApplicationManager.db_size.im_func
     manage_pack = ApplicationManager.manage_pack.im_func