Hi, I've got two questions. 1.Is Zope 2.2.0 masking the length of the passwords? 2. the more important-> I'm using a method to change properties by form. The user i.e. Tim has the role manager in the highest user_folder and acquisition is kept but Zope tells me that the user is not authorized. Why??? Thanks!
Sven Hohage wrote:
Hi, I've got two questions. 1.Is Zope 2.2.0 masking the length of the passwords? 2. the more important-> I'm using a method to change properties by form. The user i.e. Tim has the role manager in the highest user_folder and acquisition is kept but Zope tells me that the user is not authorized. Why??? Thanks!
in 2.2 proxy roles are that of the object owner. Therefore, the role(s) of the user that calls the object aren't relevant. If you need it to execute with higher permissions you need to give ownership of it to someone with the proper permissions. you may then restrict access to the method according to the authenticated user. hope that helps, -- ethan mindlace fremen Zopatista Community Liason Abnegate I!
participants (2)
-
ethan mindlace fremen -
Sven Hohage