Alberto Porras Galvez a écrit : > Hi all! > > > > I'm using CPS-3.3.8, and I have found the following error related to > portal members and local roles: If I give to a member a local role in a > workspace or a section and then I delete this member in the portal, the > deleted member is not removed from the local roles in that workspace or > section, so we have a 'phantom' member with a local role in that > workspace or section but he doesn't really exist in the portal. > > Moreover, it can lead us to a security problem if another user > registers in the portal with the same username that had the old member, > this new member will acquire these local roles defined for the old member. > > Is this a known bug? By the way, Is there implemented any method that > lets us to delete all the defined local roles in sections and workspaces > for a member? Yes, but it's not exactly a bug. You can use cps_housekeeping.py to purge localroles on a regular bases or you can do it manually in the ZMI, on the "configuration" tab. -- Olivier
Hosting: Nuxeo: Zope service provider