--- versionedFile/versionedFile.py	2006/02/17 12:16:08	1.56
+++ versionedFile/versionedFile.py	2006/05/10 16:58:49	1.57
@@ -602,11 +602,12 @@ class versionedFileObject(File):
 
         #self.REQUEST.close()
     
+    security.declareProtected('AUTHENTICATED_USER','downloadLocked')    
     def downloadLocked(self):
         """download and lock"""
         
         
-        if self.REQUEST['AUTHENTICATED_USER']=='Anonymous User':
+        if repr(self.REQUEST['AUTHENTICATED_USER'])=='Anonymous User':
             return "please login first"
         if not self.aq_parent.lockedBy=="":
             return "cannot be locked because is already locked by %s"%self.lockedBy
@@ -880,7 +881,7 @@ class versionedFile(CatalogAware,Folder)
         """unlock"""
         if str(self.lockedBy) in [str(self.REQUEST['AUTHENTICATED_USER'])]:
             self.lockedBy=''
-            RESPONSE.redirect(self.REQUEST['URL2'])
+            RESPONSE.redirect(self.REQUEST['HTTP_REFERER'])
         else:
             return "Sorry, not locked by you! (%s,%s)"%(self.lockedBy,self.REQUEST['AUTHENTICATED_USER'])
         
@@ -975,9 +976,11 @@ class versionedFile(CatalogAware,Folder)
         #self.getLastVersion().content_type="application/octet-stream"
         self.REQUEST.RESPONSE.redirect(self.REQUEST['URL1']+'/'+self.getId()+'/'+self.getLastVersion().getId())
     
+    security.declareProtected('AUTHENTICATED_USER','downloadLocked')    
     def downloadLocked(self):
         """download and lock"""
-        if self.REQUEST['AUTHENTICATED_USER']=='Anonymous User':
+
+        if repr(self.REQUEST['AUTHENTICATED_USER'])=='Anonymous User':
             return "please login first"
         if not self.lockedBy=="":
             return "cannot be locked because is already locked by %s"%self.lockedBy