I am having trouble rendering a <DTML IN> in ZOPE 2.2.0 to any user regardless of roles.

I have allocated the proper rights to all objects used and nothing happens. The <IN> will not let any user view its contents.

Theodore - I bet you're running into the same problem as the folks using the ODBC adaptor. I've attached the post I made addressing this a few minutes ago. If this fixes your problem, could you send a note to the zope-list and let the folks there know that the fix works for the Oracle DA too? (I'm going out of town today, so I won't be able to forward it if you only reply to me) Thanks!

Hi guys -

For those of you (I've mostly heard ODBC adapter users) having authorization problems with your SQL methods, heres the scoop:

Database connections use one of two classes in the framework for wrapping up result data returned from queries. One of those classes (that understands results in RDB format) was missing a required security assertion.

The results returned by the ODBC adapter were bitten by this - probably there are other adapters that could be affected.

I've attached a patch file for the file: lib/python/Shared/DC/ZRDB/RDB.py

...as well as an updated version of the whole file (since I know a lot of you will be on Windows w/o patch :) Either patch or replace the file and restart Zope to fix the problem.

This is also checked in for a 2.2.1 release that will probably happen after a few weeks when enough people have upgraded to shake out any other problems.

Brian Lloyd brian@digicool.com Software Engineer 540.371.6909 Digital Creations http://www.digicool.com