[Zope] Re: Re: permissions and ODBC
cuiod-tec Jens Gelhaar
jeg@cuiod-tec.de
Mon, 14 Aug 2000 22:12:28 +0200
Hi Michel,
I solved this, but I am not completely sure why. It has something to do with
the new 2.2.0 feature of Trojan horses preventing I think (which I learned
after hours of searching around). The final problem was the owner-settings.
Lets assume you have the following structure
root
root_acl_users "rootmanager"
subfolder "newrole"
subfolder_acl_users "subfoldermanager"
subsubfolder
When you define a user "rootmanager" under root_acl_users and you define a
new role "newrole" under subfolder, than you can not give the rootmanager
the "newrole" because it is not defined on that level, you can not see it.
That was my problem. The subsubfolder was owned by rootmanager. And the
right to access the subsubfolder and it's objects was limited to "newrole"
and "manager"-role. Everything looks fine, but it does not work. You have to
define a new "subfoldermanager" in your subfolder_acl_users and give him the
"manager" role. Than you have to set the Ownership of all your objects to
"subfoldermanager".
May be I missed something, but now everything works. I hope you know what I
mean, otherwise let me know.
Jens