Asked for authentication when reading property after upgrade from 2.6 to 2.7
This problem occurs in a project that works perfectly with ZOPE 2.6. After the upgrade to ZOPE 2.7.4 the user is asked for permission when ZClass code references a property defined in a property sheet. More detailed: A tal command of a ZPT inside a ZClass tries to access a property that is defined in a property sheet of the same ZClass, but is - of course - given a value in the instance of the class. In ZOPE 2.7.4 the user is asked to authenticate, and if he cancels authentication he gets the message: "Error > Value: You are not allowed to access 'teillisten_laenge' in this context". where teillisten_laenge is the property in question. This is just one example - the problem seems to occur in all similar cases. Here's the code fragment that tries to read the value of teillisten_laenge: <span tal:define="listen_laenge here/propertysheets/listenstil/teillisten_laenge"> <span tal:define="sort_kriterium string:id"> ... </span> </span> Someone confronted with the same problem? Seems to be a bug, or could it be wanted behaviour? Any proposals for a workaround? Thanks, Uli
Uli Franke wrote at 2005-2-18 00:18 +0100:
This problem occurs in a project that works perfectly with ZOPE 2.6. After the upgrade to ZOPE 2.7.4 the user is asked for permission when ZClass code references a property defined in a property sheet.
The 2.7.2 to 2.7.3 transition introduced quite a few authorization problems (things are unauthorized that should not be). Several knowledgable people are working on a fix. There are good chances that the next release will do the right things again... -- Dieter
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dieter Maurer wrote: | Uli Franke wrote at 2005-2-18 00:18 +0100: | |>This problem occurs in a project that works perfectly with ZOPE 2.6. |>After the upgrade to ZOPE 2.7.4 the user is asked for permission when |>ZClass code references a property defined in a property sheet. | | | The 2.7.2 to 2.7.3 transition introduced quite a few | authorization problems (things are unauthorized that should not be). | | Several knowledgable people are working on a fix. | There are good chances that the next release will | do the right things again... Adventurous souls might try updating to the head of the Zope-2_7-branch, and verifying that the work done there resolves the issue. Tres. - -- =============================================================== Tres Seaver tseaver@zope.com Zope Corporation "Zope Dealers" http://www.zope.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFCFmIwGqWXf00rNCgRAo2uAKCdsXhvZcHIwH/9aad/ncfhxuAh/QCfble8 iJPjg2gBiHSx2oF7iGeCnts= =2RPD -----END PGP SIGNATURE-----
participants (3)
-
Dieter Maurer -
Tres Seaver -
Uli Franke