[Zope] FW: Security question - precision
Bocquillon Philippe
Philippe.Bocquillon@trasys.be
Fri, 2 Nov 2001 15:48:21 +0100
Dieter,
Thanks for your answer. You are right: it seems there is a problem in
traversing back to the root (looking at the trace). However, my classes are
already inheriting from Acquisition.Implicit. So, this is not sufficient to
solve the problem.
Philippe
> -----Original Message-----
> From: Dieter Maurer [mailto:dieter@handshake.de]
> Sent: dimanche 28 octobre 2001 19:04
> To: Bocquillon Philippe
> Cc: 'zope@zope.org'
> Subject: Re: [Zope] FW: Security question - precision
>
>
> Bocquillon Philippe writes:
> > Zope refuses "add object" permission to any user having a
> role other than
> > Manager, i.e. Zope refuses to add objects in containers
> whose classes are my
> > proper classes (inheriting ObjectManager), even if I give
> all permissions to
> > these other roles, at root level and acquiring them.
> > When a role adds these objects in _standard_ Zope Folders,
> no problem, Zope
> > permits it.
> Looks as if your classes do not inherit from
> "Acquisition.Implicit" (probably "Acquisition.Explicit" will
> work, too).
>
> In such a case, the Zope security machinery is no longer able
> to traverse back to the root. Consequently, it rejects the
> request (more precisely, it uses its default role assignment,
> "Manager").
>
>
> Dieter
>