Hello, I am newbie. My Zope security works in a strange way: The security tab says as follows: When the Acquire permission settings checkbox is selected then the containing objects's permission settings are used. It took me some time to understand, that the settings are USED, when the Acquire permission settings checkbox is UNchecked. All checked settings are ignored. For example, if I want to prevent Anonymous user seeing something, I must uncheck in the View row "Acquire permission setting" and "Anonymous user" columns. What is wrong? Zope Version: Zope 2.3.1 (binary release, python 1.5.2, linux2-x86) Python Version: 1.5.2 (#10, Dec 6 1999, 12:16:27) [GCC 2.7.2.3] System Platform: linux2 Andres Punning
Hi Andres, on my point of view it works exactly as it should be. "Aquire permission settings" means use whatever is set in the containing object (folder, folders folder and so on) is used combined with the local settings, e.g. manager can view etc. If you dont want Annonymous user to view a page you have to take the right either at the root-folder (so it cannot be acquired) or you must prevent acquise with unchecking. Regards Tino Wildenhain --On Donnerstag, 17. Mai 2001 11:15 +0300 Punn <andres.punning@ksk.edu.ee> wrote:
Hello,
I am newbie.
My Zope security works in a strange way: The security tab says as follows: When the Acquire permission settings checkbox is selected then the containing objects's permission settings are used.
It took me some time to understand, that the settings are USED, when the Acquire permission settings checkbox is UNchecked. All checked settings are ignored.
For example, if I want to prevent Anonymous user seeing something, I must uncheck in the View row "Acquire permission setting" and "Anonymous user" columns.
What is wrong?
Zope Version: Zope 2.3.1 (binary release, python 1.5.2, linux2-x86) Python Version: 1.5.2 (#10, Dec 6 1999, 12:16:27) [GCC 2.7.2.3] System Platform: linux2
Andres Punning
_______________________________________________ Zope maillist - Zope@zope.org http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
Punn wrote:
Hello,
I am newbie.
My Zope security works in a strange way: The security tab says as follows: When the Acquire permission settings checkbox is selected then the containing objects's permission settings are used.
This means that when it is checked, the permission settings on the containing folders up to the root also apply to this object.
It took me some time to understand, that the settings are USED, when the Acquire permission settings checkbox is UNchecked. All checked settings are ignored.
No, checking permissions along with "Acquire permission settings" checked means you are adding permissions to any ones also acquired from above.
For example, if I want to prevent Anonymous user seeing something, I must uncheck in the View row "Acquire permission setting" and "Anonymous user" columns.
This is the way it works. Because View is a permission set for the Anonymous role in the root folder (check the security tab there), it is in affect here when "Acquire permission settings" is checked. To revoke this permission, you must uncheck "Acquire permission settings" so that the root folder's View setting does not affect the object.
What is wrong?
[snip]
Andres Punning
hth, -- | Casey Duncan | Kaivo, Inc. | cduncan@kaivo.com `------------------>
participants (3)
-
Casey Duncan -
Punn -
Tino Wildenhain