From 39cbad11badcb2e31df39da18cbe2c57a27281ac Mon Sep 17 00:00:00 2001
From: Chris McDonough <chrism@agendaless.com>
Date: Wed, 6 May 2009 05:25:53 +0000
Subject: Thinko.

---
 repoze/bfg/security.py            | 1 +
 repoze/bfg/tests/test_security.py | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/repoze/bfg/security.py b/repoze/bfg/security.py
index bfc43d752..4b28811cc 100644
--- a/repoze/bfg/security.py
+++ b/repoze/bfg/security.py
@@ -260,6 +260,7 @@ class InheritingACLSecurityPolicy(object):
                         # clear the entire allowed set, as we've hit a
                         # deny of Everyone ala (Deny, Everyone, ALL)
                         allowed = set()
+                        break
                     elif ace_principal in allowed:
                         allowed.remove(ace_principal)
 
diff --git a/repoze/bfg/tests/test_security.py b/repoze/bfg/tests/test_security.py
index 20ec1d4db..03a466e7c 100644
--- a/repoze/bfg/tests/test_security.py
+++ b/repoze/bfg/tests/test_security.py
@@ -356,7 +356,7 @@ class TestInheritingACLSecurityPolicy(unittest.TestCase):
         policy = self._makeOne(lambda *arg: None)
         result = sorted(
             policy.principals_allowed_by_permission(context, 'read'))
-        self.assertEqual(result, ['chrism', 'other'])
+        self.assertEqual(result, ['chrism'])
 
     def test_principals_allowed_by_permission(self):
         from repoze.bfg.security import Allow
-- 
cgit v1.2.3