ehem ... for create too

[roundup.git] / roundup / security.py

diff --git a/roundup/security.py b/roundup/security.py
index f34892ee9701716868545540820c70bc2ed59705..0526b4eb8c66e3e0730d550fc42744a7229d4cce 100644 (file)
--- a/roundup/security.py
+++ b/roundup/security.py
@@ -66,8 +66,9 @@ class Security:
             description="User may register through the email")
 
         # initialise the permissions and roles needed for the UIs
-        from roundup import cgi_client, mailgw
-        cgi_client.initialiseSecurity(self)
+        from roundup.cgi import client
+        client.initialiseSecurity(self)
+        from roundup import mailgw
         mailgw.initialiseSecurity(self)
 
     def getPermission(self, permission, classname=None):
@@ -98,7 +99,7 @@ class Security:
         if roles is None:
             return 0
         for rolename in roles.split(','):
-            if not rolename:
+            if not rolename or not self.role.has_key(rolename):
                 continue
             # for each of the user's Roles, check the permissions
             for perm in self.role[rolename].permissions:
@@ -157,3 +158,4 @@ class Security:
         role = self.role[rolename]
         role.permissions.append(permission)
 
+# vim: set filetype=python ts=4 sw=4 et si