Anthu Nguyen wrote at 2004-11-17 13:16 -0800:
... *Unauthorized* ... * Module OFS.DTMLMethod, line 123, in __call__ *<DTMLMethod instance at ddfe30>* *URL: http://nwsops38.sfbay/header/manage_main* *Physical Path:*/header * Module DocumentTemplate.DT_String, line 474, in __call__ * Module DocumentTemplate.DT_In, line 703, in renderwob * Module DocumentTemplate.DT_With, line 76, in render * Module Products.VerboseSecurity.VerboseSecurityPolicy, line 151, in validate
Unauthorized: The container has no security assertions. Access to 'title_or_id' of (FactoryDispatcher instance at e68510) denied. (Also, an error occurred while attempting to render the standard error message.)
This is very strange: It is true that a "FactoryDispatcher" ("App.FactoryDispatcher.FactoryDispatcher") does not have security assertions. But usually, it does not have a "title_or_id" either. Therefore, it should not be relevant with respect to "title_or_id" access that it lacks security assertions. Maybe, it is a bug introduced with the security tighening introduced in Zope 2.7.3 (there was some discussion about such a bug in the mailing list (zope-dev, I think)). You can try to add a "__role__ = None" and maybe a "__allow_access_to_unprotected_subobjects__ = 1" to the "FactoryDispatcher" class (--> "App/FactoryDispatcher.py") to see whether the problem disappears. These two attributes will provide security assertions for the factory. Your "header/manage_main" DTML Method seems a bit strange, too. Why does it use a "dtml-in" and in it a "dtml-with" and in it access to "title_or_id". This is somewhat unexpected in the add form of a ZClass. -- Dieter