[PEAK] peak.security: permissionFor problem

[Phillip J. Eby]

At 11:13 AM 2/11/05 -0500, Phillip J. Eby wrote:
>I have thought of one thing that could cause this: if the 'matches()' for 
>a criterion could contain the same seed more than once, then the 
>CriterionIndex could end up putting the same item in more than once into 
>the same dispatch node.  However, none of the criteria in play here should 
>do that; they all either yield exactly one seed, or yield only seeds from 
>the index itself...
>
>Oh heck, I think I know what's wrong, and why it's 
>unpredictable!  'matches()' iterates over a dictionary that might get 
>changed during the iteration!
>
>I'm going to see if I can write a test to provoke this, and fix it, and 
>then we can see if your problem goes away.  It is a problem in any event, 
>so I will still fix it.

It turns out it's not a problem in the way I thought.  Any new seeds 
yielded by seeds() are added before matches() is called, so it doesn't 
actually affect matches(), which means it can't do what I thought it was 
doing.  However, if a seeds() routine uses the input table to generate 
seeds, and yields seeds while iterating, then there's a different 
corruption that could happen.  But, there are no criteria classes that do 
this right now, so that can't be the problem here.  :(