Timo Weggen wrote at 2003-1-9 11:19 +0100:
hello, this is my first post this list. Im am using: (Zope 2.5.0 (source release, python 2.1, linux2) [SuSE Linux], python 2.2.0, linux2) and have the following question:
Given that folder hierarchy: root +my_domain +scripts +generate_link (Python script) +projects +fooproject +index_html (DTML document) where everything but my_domain/p rojects/fooproject/index_html is owned by admin, only my_domain/projects/fooproject/index_html is owned by some standard user (Authenticated role). Ownership is essential only in the second place. The permissions and roles are more essential.
... Error Type: Unauthorized Error Value: You are not allowed to access devserv_link in this context ... Traceback ... File /opt/zope/lib/python/OFS/DTMLMethod.py, line 151, in validate (Object: index_html) Unauthorized: You are not allowed to access generate_link in this context This error message looks a bit confusing. Above, "devserv_link" access is unauthorized, below its "generate_link". Are you sure, that you got really this message? (Tracebacks usually have embedded newslines, unlike in your quotation)
Every folder has at least View and Access contents information set. ... granting access for the user for whom the access was denied?
Where (in what "acl_users") is the user defined. It can access non public objects only in the subhierarchy governed by this "acl_users".
What else can be required? (The script call even fails if it only consists of return "foo") You can try Shane's product "VerboseSecurity". It facilitates analysis of authorzation problems.
Dieter