[Grok-dev] five.grok ZopeTwoDirectoryResource and security
Martin Aspeli
optilude+lists at gmail.com
Fri Mar 20 00:34:11 EDT 2009
Hi again,
Sorry for the flood of little issues...
I am using an auto-registered 'static' directory in my package. This
works when I traverse to it via URL
(http://example.com/siteroot/++resource++my.package/foo.css).
However, in Plone, the ResourceRegistries has some code that attempts to
do an 'exists:' path expression on the resource to decide whether to
include it when the CSS is cooked into a single stylesheet. This returns
false.
I found the cause though: If I try to do path-traverse to
portal/++resource++my.package/foo.css, I get an Unauthorized exception:
"the container has no security assertions". "The container" here is the
ZopeTwoDirectoryResource.
This does not happen with a <browser:resourceDirectory /> registered in
ZCML.
Martin
--
Author of `Professional Plone Development`, a book for developers who
want to work with Plone. See http://martinaspeli.net/plone-book
More information about the Grok-dev
mailing list