Michael Shulman wrote:
Okay, I must be the most moronic user ever. The default text in a newly created Python Script, which I did not bother to change for my test case, accesses meta_type, but I did not notice this; thus I was confused. (Just out of curiosity, what permissions are required to access meta_type?)
Depends, should be 'View', or most likely not protected at all, but I guess you found an object where it was protected with something else...
But... it's still not working for my real site. I think the issue is this. If script1 has proxy role Manager, and script2 has view permissions set only for Manager, then script1 can call script2, no problem. But if script1 instead calls script3, which then calls script2, it doesn't work unless script3 *also* has proxy role Manager.
Yes, this was a deliberate change made a few major releases ago. I've never mich liked it myself for exactly the reason you describe. I wonder if anyone who knows could point out why this change was made, I'm sure the reasons were good...
Is there a way to make scripts inherit proxy roles from their callers?
Both I and you wish there was ;-) cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk