Tres Seaver wrote:
bruno modulix wrote:
Sébastien Vinot wrote:
Continuing to investigate my problem
Which is ?-)
I get now this error " You are not allowed to access 'aq_inner' in this context " for one specific user.
I've read that aq_inner is the aquisition system : how is it possible not to have rights on it ?
UTSL !-)
AFAIK, aq_self, aq_parent, aq_inner, etc, are under control of the security mechansim and are not accessible from the 'restricted' environment (scripts, ZPT, DTML etc.). You can only use'em from Products or External Methods.
Actually, the ZopeSecurity policy normally prohibits accessfrom untrusted code to any acquisition methods *except* 'aq_parent', 'aq_inner', and 'aq_explicit'
(some test later...) You're right. I had a similar symptom with aq_self, and I wrongfully concluded that all aq_XXX methods were prohibited. for i in range(100): print "I'll UTS myself before telling others to do so" Is that's ok ?-) (snip)
Try adding Shane Hathaway's VerboseSecurity product to your Zope (while debugging such issues); it often gives you many more clues to what triggers and Unauthorized exception:
Thank for the tip. -- Bruno Desthuilliers - Analyste-programmeur bruno@modulix.org www.modulix.com