Just for consistency, and in case anyone ever does a search ... This problem was due to the fact that /acl_users was replaced by an LDAPAdapter. LDAPAdapter does not implement the BasicUserFolder methods getUserById() and getUser() ... so these were being passed to the superclass, which had no idea about the users in the LDAP database. Therefore, None was returned as the owner, which somehwere along the line, was translated into 'Anonymous'... To fix the problem, a quick hack of a getUserById() method was written for LDAPAdapter ... and Zope was restarted ... bingo !!! On Mon, 30 Jul 2001 14:06:42 -0400 "John Ziniti" <john.ziniti@channing.harvard.edu> wrote:
I have a short DTML Method intended to handle file uploads to a folder. In order for it to work, however, I need to enable "View" for Anonymous, which I don't want to do, or the file upload fails with "You are not authorized to access manage_addFile." (trace below) ...
As I've delved into this problem however, I have come to notice that the class <AccesControl.Owned.Owned>, believes this item is owned by the anonymous user, which it is definitely not.
Anyone have any idea on why this upload request is eventually made in the name of the Anonymous?
Where is the method manage_addFile?
Any ideas that might help?
Thanks in advance
John Ziniti
An error was encountered while publishing this resource.
Unauthorized
You are not authorized to access manage_addFile. Traceback (innermost last): File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/Publish.py, line 223, in publish_module File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/Publish.py, line 187, in publish File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/Publish.py, line 171, in publish File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/mapply.py, line 160, in mapply (Object: post_new_document) File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/Publish.py, line 112, in call_object (Object: post_new_document) File /u01/zope/Zope-2.3.3-src/lib/python/OFS/DTMLDocument.py, line 189, in __call__ (Object: post_new_document) File /u01/zope/Zope-2.3.3-src/lib/python/DocumentTemplate/DT_String.py, line 540, in __call__ (Object: post_new_document) File /u01/zope/Zope-2.3.3-src/lib/python/DocumentTemplate/DT_Let.py, line 149, in render (Object: fname="_.string.split(REQUEST.form['new_upload'].filename,'\\')[-1]") File /u01/zope/Zope-2.3.3-src/lib/python/DocumentTemplate/DT_With.py, line 151, in render (Object: Items) File /u01/zope/Zope-2.3.3-src/lib/python/DocumentTemplate/DT_Util.py, line 333, in eval (Object: manage_addFile(_['fname'], REQUEST.form['new_upload'], REQUEST=REQUEST)) (Info: manage_addFile) File /u01/zope/Zope-2.3.3-src/lib/python/OFS/DTMLMethod.py, line 261, in validate (Object: post_new_document) File /u01/zope/Zope-2.3.3-src/lib/python/AccessControl/SecurityManager.py, line 144, in validate File /u01/zope/Zope-2.3.3-src/lib/python/AccessControl/ZopeSecurityPolicy.py, line 206, in validate Unauthorized: (see above) "
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
-- John Ziniti Channing Laboratory Brigham and Women's Hospital 181 Longwood Avenue Brookline, MA 02115 john.ziniti@channing.harvard.edu