Looks to me like the Zope security machinery is refusing to publish the attirbute "data" because the container, an element instance, isn't telling Zope that this is allowable. Chris suggested a solution which involves using the Zope security helper functions to turn this container into something that works with Zope security, and if you're storing or keeping this container after passthis returns it, or you want to do any access control with it, I'd agree with him. Looking at ZopeSecurityPolicy.py where your exception was thrown, however, it seems that the reason that this exception would have been avoided if you make a simple change to the container. Either give it an __allow_access_to_unprotected_subobjects__ attribute with a value of 1, or use a dict instead of a class instance. Why? The throw occurs on line 168 because p isn't true. p will be an int if its container (the element instance in your code) is a list, dict, or tuple (line 153). Otherwise, p will be true if the container has an int __allow_access... attribute which is true (or if that attribute is another type, but I'd suggest real permissions first). Obscure, but there it is. I learned about this when trying to figure out a different obscure access situation :( What I don't understand is that these checks seem to occur even if the container supplies or acquires a __roles__ attribute. Jason Joy <kyroraz@usa.net> writes:
This one has been driving me a bit crazy and I think there is a simple solution to this. I have written an external method to return a list of objects back to a DTML method which executes the code via a dtml-in.
The dtml code looks like:
<dtml-in processMethod(passthis)> <dtml-var sequence-index><dtml-var data><BR> </dtml-in>
And this is passthis.py:
import string, regex
def passthis(passed): class element: pass info = [] structures = string.split(passed) for structure in structures: bit = element() ## Get Information here, and store it in foo. bit.data = foo bit.source = structure info.append(bit) return(info)
---
When I run the code, I get a box that asks me to revalidate my Zope login and nothing works, finally, the system gives up and gives me an error with this at the bottom:
File /usr/local/Zope-2.3.0/lib/python/AccessControl/ZopeSecurityPolicy.py, line 168, in validate Unauthorized: data
Does anyone have any advice on this one? This is an example of what I am doing and I need to pass a list of objects (with about 10 properties on each) to be run through a dtml-in.
Thanks,
Jason
____________________________________________________________________ Get free email and a permanent address at http://www.netaddress.com/?N=1
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
-- Karl Anderson karl@digicool.com