![[tokkee]](http://tokkee.org/images/avatar.png){kind=avatar}
diff --git a/roundup/security.py b/roundup/security.py
index 3c87c48cc93263466fcac678cc1321513c6da103..241715d80b356d64ac2ff4ddd17bcdc1213f6a4f 100644 (file)
--- a/roundup/security.py
+++ b/roundup/security.py
roles = self.db.user.get(userid, 'roles')
if roles is None:
return 0
- for rolename in [x.lower() for x in roles.split(',')]:
+ for rolename in [x.lower().strip() for x in roles.split(',')]:
if not rolename or not self.role.has_key(rolename):
continue
# for each of the user's Roles, check the permissions