[Zope] Re: Confused about permissions
Dieter Maurer
dieter at handshake.de
Fri May 16 15:56:18 EDT 2008
Brenda Bell wrote at 2008-5-13 13:27 +0000:
>In article <b311b-news-555B7E.01592813052008 at news.gmane.org>,
> Brenda Bell <b311b-news at theotherbell.com>
> wrote:
>
>> What I can't seem to do is get the permissions right such that a user in
>> the Editor role can add new External Files.
>>
>> I've checked every box on the Security tab for the Editor role. Users
>> in the Editor role can view and modify existing ExternalFile's but still
>> cannot add new ones.
>>
>
>I enabled VerboseSecurity and I see this in my console window when I try
>to add an ExternalFile when logged in as a user who is assigned the
>Editor role:
>
>2008-05-13 13:12:55 ERROR Zope.SiteErrorLog
>http://localhost:8090/foo/manage_addProduct/ExternalFile/manage_addObject
>ViaGui
>Traceback (innermost last):
> Module ZPublisher.Publish, line 110, in publish
> Module ZPublisher.BaseRequest, line 596, in traverse
> Module ZPublisher.HTTPResponse, line 713, in unauthorized
>Unauthorized: <strong>You are not authorized to access this
>resource.</strong><p>
>No Authorization header found.</p>
The "manage_addObject" requires roles for which no user folder
in context could identify an appropriate user.
You could try to find out in an interactive interpreter
(started with "bin/zopectl debug" under "*nix") which
roles are required.
app.unrestrictedTraverse('foo/manage_addProduct/ExternalFile').manage_addObject__roles__
--
Dieter
More information about the Zope
mailing list