Webmaster Expert RH wrote at 2003-8-27 12:17 +0200:
... It works perfectly well for me when I'm logged in as manager, but my users get an error (prompted for password again)
In the zope log I get : Module OFS.CopySupport, line 268, in manage_clone Module OFS.CopySupport, line 349, in _verifyObjectPaste Unauthorized: <zExceptions.unauthorized.Unauthorized instance at 0x8e83bec>
It seems (thank you Dieter) that this is a know bug
It only gets a bug when your script has proxy roles which would allow it to create the new object in the target. The bug is: proxy roles are not considered in the authorization check.
In searching the archives I found a solution with external method. Unfortunately, my configuration doesn't allow me to use those easily. I must find a workaround in python_script only.
You may be able to relax the object creation permissions in the target folder (that would be the easiest solution). If this is not an option, then you may clone the object yourself: create a new instance and transfer all relevant data. Of course, this is highly type specific. It is feasible only for a small number of relative easy types. You will need to give your script a proxy role such that it is able to create the objects in the target.
Of course I have set the proxy role of the script to 'Manager'
Then, it is the well known bug... Dieter