context.user at ImplPython.py
Hi! I debug ImplPython.py to try to understand why my code don't work ok If you remember my last threat I wonder why some actions marked as Manager execute ok but other not You could refresh your mind about it at: http://archives.free.net.ph/message/20070312.184003.211597ad.en.html When validate (line 237) try to evaluate if the user is autenthicated and has right roles (line 436) the self._authenticated is set to TRUE but context.user is Anonymous User even when I'm authenticated to Garito Is this normal? (this is what causes the error for me) Thanks! -- Mis Cosas http://blogs.sistes.net/Garito
On 3/22/07, Garito <garito@sistes.net> wrote:
I debug ImplPython.py to try to understand why my code don't work ok
If you remember my last threat I wonder why some actions marked as Manager execute ok but other not You could refresh your mind about it at: http://archives.free.net.ph/message/20070312.184003.211597ad.en.html
When validate (line 237) try to evaluate if the user is autenthicated and has right roles (line 436) the self._authenticated is set to TRUE but context.user is Anonymous User even when I'm authenticated to Garito
Is this normal? (this is what causes the error for me)
I've seen this happen when creating views in combination with PlonePAS. The issue is that the user authentication hasn't taken place yet at traversal time (when the view is instanciated). Moving the user-dependant code to render time (view.__call__ and methods used in the view template or somesuch) the problem is circumvented. -- Martijn Pieters
Hi, Martijn! I think I understand what you say but I have a problem: I don't use any view or object to the render time. Is a method (__call__). Then I can't return the view object at traversal time. How can I then avoid this problem? And If this is correct, why don't work the same with the creation method? If you read the link I put, you could read I can create (with CrearFuncionalidad) but not delete it (with BorrarFuncionalidad) that seems to have the same security necessities Weired think, isn't it? Thank you so much for your help! 2007/3/23, Martijn Pieters <mj@zopatista.com>:
On 3/22/07, Garito <garito@sistes.net> wrote:
I debug ImplPython.py to try to understand why my code don't work ok
If you remember my last threat I wonder why some actions marked as Manager execute ok but other not You could refresh your mind about it at: http://archives.free.net.ph/message/20070312.184003.211597ad.en.html
When validate (line 237) try to evaluate if the user is autenthicated and has right roles (line 436) the self._authenticated is set to TRUE but context.user is Anonymous User even when I'm authenticated to Garito
Is this normal? (this is what causes the error for me)
I've seen this happen when creating views in combination with PlonePAS. The issue is that the user authentication hasn't taken place yet at traversal time (when the view is instanciated). Moving the user-dependant code to render time (view.__call__ and methods used in the view template or somesuch) the problem is circumvented.
-- Martijn Pieters
-- Mis Cosas http://blogs.sistes.net/Garito
On 3/23/07, Garito <garito@sistes.net> wrote:
I don't use any view or object to the render time. Is a method (__call__). Then I can't return the view object at traversal time. How can I then avoid this problem?
At traversal time you indeed cannot rely on the right security context.
And If this is correct, why don't work the same with the creation method?
The creation happens *after* traversal?
If you read the link I put, you could read I can create (with CrearFuncionalidad) but not delete it (with BorrarFuncionalidad) that seems to have the same security necessities
Return a callable from your traverser (so return the __call__, don't call it yourself). The publisher will call it for you after the user has been authenticated. -- Martijn Pieters
participants (2)
-
Garito -
Martijn Pieters