diff --git a/roundup/security.py b/roundup/security.py
index 6138e271a1ab430ddb9f01d7bf084ada4c3d75b4..3dfa8bd442c13ec068ca90589a10e55fc9f5b9fa 100644 (file)
--- a/roundup/security.py
+++ b/roundup/security.py
Note that this functionality is actually implemented by the
Permission.test() method.
'''
- roles = self.db.user.get(userid, 'roles')
- if roles is None:
- return 0
if itemid and classname is None:
raise ValueError, 'classname must accompany itemid'
- for rolename in [x.lower().strip() for x in roles.split(',')]:
+ for rolename in self.db.user.get_roles(userid):
if not rolename or not self.role.has_key(rolename):
continue
# for each of the user's Roles, check the permissions