[Zope] Scripts run as least privileged user necessary?

Ken Causey ken at kencausey.com
Fri Aug 29 11:27:15 EDT 2003


I'm running into a strange problem.  I have a situation in which I want
a script to treat Managers differently than other users.  But I'm
finding that whether or not I'm logged in as a manager or not the script
only considers the user to be 'Anonymous User' as long as 'Anonymous'
has View privilege for the script.  If I change the Security permissions
so that only 'Authenticated' can View the script then the user is
properly identified.  Is this expected behaviour?  This is what I'm
seeing on 2.6.1.

As a test create a script with

return _.SecurityGetUser()

be sure to bind '_' to Namespace.  Set that script so that the View
privilege is allowed for 'Anonymous'.  Stay logged in and run the
script.  Then change it so only 'Authenticated' as the View privilege,
run it again.  The behavior changes based on the permissions.

Ken Causey
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.zope.org/pipermail/zope/attachments/20030829/cf814e82/attachment.bin


More information about the Zope mailing list