[Zope] proxy roles

Dieter Maurer dieter at handshake.de
Wed Mar 16 16:11:18 EST 2005


Eddy Ilg wrote at 2005-3-16 17:48 +0100:
> ...
>Exception traceback
>Time 2005/03/16 17:45:20.354 GMT+1
>User Name (User Id) Eddy.Ilg (Eddy.Ilg)
>Request URL http://guinies.fericom.net/newMemberAction
>Exception Type Unauthorized
>Exception Value You are not allowed to access manage_changeProperties in 
>this context

This tells you that an access to "manage_changeProperties" is
rejected...

> ...
>Module None, line 4, in GuinieMember_add
><PythonScript at /guinies/members/GuinieMember_add>
>Line 4
>Unauthorized: You are not allowed to access manage_changeProperties in 
>this context

This tells you that the problem is in line 4 of
the PythonScript "GuinieMember_add".

>> Are you sure that in this context "Member" is really a (Zope) product
>> (this has a precise meaning!)?
>Yes, it is.

But, you can access it and the problems is elsewhere.

> ...
>container.members.manage_addProduct["GuinieMember"].GuinieMember_add(Vorname,Nachname)
>Password=generatePassword()
>container.acl_users.manage_users('Add',{"name":Vorname+'.'+Nachname,"password":Password,"confirm":Password,"roles":[],"domains":[],})

>Already the first line raises an error.

As your traceback tells you, you must look inside
"GuinieMember_add".

Note that proxy roles are not passed on to callees.
They must have their own proxy role when they access
objects not granted for the current user.

-- 
Dieter


More information about the Zope mailing list