[Zope-CMF] invokeFactory and security

Dieter Maurer dieter at handshake.de
Tue Aug 26 23:07:22 EDT 2003


Reverend Matt wrote at 2003-8-22 20:38 -0000:
 > I have a portal tool that I want to allow anonymous users to use,
 > which means allowing invokeFactory for anonymous users.  My problem is
 > that I figured I could do this by simply proxying the python script
 > that runs when they hit "submit", but it still indicates "you are not
 > authorized to access invokeFactory in this context".  The tool works
 > fine when logged in.  

In some contexts, the code makes its own security checks
(most prominent example: pasting) which does not honour
execution oriented permissions such as proxy roles.

Try to get a traceback and look where the exception is raised.


Dieter



More information about the Zope-CMF mailing list