robert rottermann schrieb:
Hi there, I try to find out, why in an intranet accessing an object from a link sendt by email is not possible. situation: a user from a plone intranet sends a link to a dokument within the intranet to a colleague. if that colleague clicks on the link while *not logged* into the intranet she is presented with the *browser* login box repeatedly. entering the credential does not help. the error log shows that access to the document is forbidden for the document for the user Anonymous
while debugging I found out, that the __roles__ property of a given document is a tuple of the form ('GroupMember', 'Guest', 'Manager', 'FolderManager', 'Owner')
if I copy the same document to a vanilla plone site its __roles__ property is ['Anonymous', 'Manager', 'Reviewer', 'Manager', 'Anonymous']
I found out more: this dropping of 'Anonymous' and converting to a tuple only happens when I use our own workflow. if I use the standard plone workflow so I wonder, what can provoke this? robert
I have the impression, that when 'Anonymous' is part of __roles__, access to the object is possible. without it, access fails.
now my questions: is the assumption, that the failed acces is caused by the missing 'Anonymous' role in __roles__ correct?
if yes: what controls the setting of __roles__
if not: what could be the reason of the fact, that users are not presented the cookieCrumbler-base plone login is not presented?
thanks very much for your help robert