diff --git a/roundup/cgi/client.py b/roundup/cgi/client.py
index 6c713ecda4fd4f242778159b2e9ce2f575783352..3b1023806a5bd4b20c7c3040c0cb6bd8378a7406 100644 (file)
--- a/roundup/cgi/client.py
+++ b/roundup/cgi/client.py
# see if we need to re-parse the environment for the form (eg Zope)
if form is None:
- self.form = cgi.FieldStorage(environ=env)
+ self.form = cgi.FieldStorage(fp=request.rfile, environ=env)
else:
self.form = form
if action in ('login', 'register'):
return
+ # allow Anonymous to view the "user" "register" template if they're
+ # allowed to register
+ if (self.db.security.hasPermission('Register', self.userid, 'user')
+ and self.classname == 'user' and self.template == 'register'):
+ return
+
# otherwise for everything else
if self.user == 'anonymous':
if not self.db.security.hasPermission('Web Access', self.userid):