[Zope] Sudden authentication problem
Dunigan, Craig
craig.dunigan@esker.com
Fri, 30 Mar 2001 10:53:41 -0600
I've been trying to use documentation and avoid asking the list, but I'm
stumped now. I have three Zope 2.3 servers on RedHat 7.0, each running a
ZEO client to get their ZODB storage from a ZEO server running on NT4.
Users login with this DTML method:
<dtml-let userid="REQUEST['AUTHENTICATED_USER'].getUserName()">
<dtml-call expr="RESPONSE.redirect('/base/People/' + _['userid'])">
</dtml-let>
which forces a login and points them to their home folders, in a folder
called "People." In there, they see their own files, and a "management"
icon for each, that points to DTML containing this snippet:
<dtml-let
quotedEWItem="EWurl_quote(_, _.None, EWparam=_['EWItem'])"
currentFileName="_.string.split(_['EWItem'], '/')[-1]">
For document:<br>
<a href="<dtml-var quotedEWItem>">
<span class="URLsmall"><dtml-var quotedEWItem></span></a><br>
<br>
<form action="EWFileEditProperties" method="POST">
<input type="hidden" name="EWItem" value="<dtml-var EWItem>">
<input type="hidden" name="EWUpdateBody" value="1">
<dtml-with "REQUEST.resolve_url(BASE0+_['EWItem'])">
<table border="0" cellpadding="6" cellspacing="2">
All was well until Thursday morning. I hate it when users tell *me* this,
but I changed nothing. I do have a co-worker with a global Manager role who
is not "technically oriented," but he swears he did nothing, either. Hmph.
Anyway, now about half my users can login, but get an authentication error
when accessing the file management icon. The error page includes this
traceback:
Traceback (innermost last):
File /opt/Zope/ZopeInst/lib/python/ZPublisher/Publish.py, line 222, in
publish_module
File /opt/Zope/ZopeInst/lib/python/ZPublisher/Publish.py, line 187, in
publish
File /opt/Zope/ZopeInst/lib/python/ZPublisher/Publish.py, line 171, in
publish
File /opt/Zope/ZopeInst/lib/python/ZPublisher/mapply.py, line 160, in
mapply
(Object: EWFileEditPropertiesForm)
File /opt/Zope/ZopeInst/lib/python/ZPublisher/Publish.py, line 112, in
call_object
(Object: EWFileEditPropertiesForm)
File /opt/Zope/ZopeInst/lib/python/OFS/DTMLDocument.py, line 189, in
__call__
(Object: EWFileEditPropertiesForm)
File /opt/Zope/ZopeInst/lib/python/DocumentTemplate/DT_String.py, line
538, in __call__
(Object: EWFileEditPropertiesForm)
File /opt/Zope/ZopeInst/lib/python/DocumentTemplate/DT_Let.py, line 147,
in render
(Object: quotedEWItem="EWurl_quote(_, _.None, EWparam=_['EWItem'])"
currentFileName="_.string.split(_['EWItem'], '/')[-1]")
File /opt/Zope/ZopeInst/lib/python/DocumentTemplate/DT_In.py, line 711, in
renderwob
(Object: Catalog({'meta_type':'Yihaw Folder'}))
File /opt/Zope/ZopeInst/lib/python/DocumentTemplate/DT_Util.py, line 334,
in eval
(Object: REQUEST['AUTHENTICATED_USER'].has_permission('Add EW Nav
Links', REQUEST.resolve_url(BASE0+getpath(data_record_id_))))
(Info: BASE0)
File <string>, line 0, in ?
File /opt/Zope/ZopeInst/lib/python/ZPublisher/HTTPRequest.py, line 724, in
resolve_url
Unauthorized: (see above)
I'm a novice programmer, with a nodding acquaintance with Python at best.
But from this, I read that AUTHENTICATED USER doesn't have the permission
'Add EW Nav Links' (our own concotion, obviously), and it seems that he
lacks that permission in 'BASE0+getpath(data_record_id),' which I presume
evaluates to the current folder? Each user has a local role of Manager in
his/her own folder, which I thought is what the current folder would be. I
stress that this arrangement was working until the magical voodoo of
software "spontaneous degradation" took place. Anyway, users can't change
their file properties, which they have to do. I have checked the
permissions for the broken accounts compared to the working accounts and can
visually find no difference, but obviously there has to be something I'm
missing.
Any suggestions?
Craig Dunigan
Web Programmer
Esker Software