I have problems with proxy-roles. I have a script like this one:
<!--#var standard_html_header--> <!--#with "manage_clone(Person,REQUEST['new_id'],REQUEST)"--> <!--#call "manage_changeProperties( title=REQUEST['new_title'], tfn=REQUEST['new_tfn'], email=REQUEST['new_email'], icq=REQUEST['new_icq'], )"--> <!--#call "photo.manage_upload(REQUEST['new_photo'])"--> <!--#/with--> <!--#var index_html-->
... and I want it to be run by an anonymous users who have no rights to add folders. However, even if i set the proxy role of the script to Manager, the script will give the following error when used by anonymous:
<error message snipped>
How "deep" are proxy roles? I thought the script would function exactly as it would for Manager... Are there any other ways make the script work, except from setting the Add Folder permission for Anonymous? Or is it safe to set the Add Folder permission for anonymous?
/Anders
This sounds like a bug, so I've added to the Collector on zope.org to make sure it doesn't fall through the cracks. We'll take a look at it. Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com