Eddy Ilg wrote at 2005-3-9 10:18 +0100:
... When I execute the script, I keep getting a login dialog. When I remove the line container.members.manage_addProduct["Member"].Member_add(Vorname,Nachname) it works (but of course does not create the Member instance).
Reconfigure your "error_log" object not to ignore "Unauthorized" exceptions. Reproduce the error and look at the resulting traceback in your "error_log". Come back (with the traceback) in case, the information is not easily understandable (this will probably be the case).
-- Dieter
Hi, it says: "Unauthorized: You are not allowed to access Member in this context". Member is a product. How can I authorize the user to access the product? (The user has permission "Add Members"). Eddy
Eddy Ilg wrote at 2005-3-11 20:57 +0100:
... it says: "Unauthorized: You are not allowed to access Member in this context". Member is a product. How can I authorize the user to access the product? (The user has permission "Add Members").
We also need the traceback (always! when there is one!). Are you sure that in this context "Member" is really a (Zope) product (this has a precise meaning!)? You are not supposed to access products directly but through a "ProductsDispatcher" ("dest.manage_addProduct[product_name]"). -- Dieter
Dieter Maurer wrote:
Eddy Ilg wrote at 2005-3-11 20:57 +0100:
... it says: "Unauthorized: You are not allowed to access Member in this context". Member is a product. How can I authorize the user to access the product? (The user has permission "Add Members").
We also need the traceback (always! when there is one!). Here is the full traceback:
Site Error Log at /error_log Exception traceback Time 2005/03/16 17:45:20.354 GMT+1 User Name (User Id) Eddy.Ilg (Eddy.Ilg) Request URL http://guinies.fericom.net/newMemberAction Exception Type Unauthorized Exception Value You are not allowed to access manage_changeProperties in this context Traceback (innermost last): Module ZPublisher.Publish, line 98, in publish Module ZPublisher.mapply, line 88, in mapply Module ZPublisher.Publish, line 39, in call_object Module Shared.DC.Scripts.Bindings, line 306, in __call__ Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec Module Products.PythonScripts.PythonScript, line 307, in _exec Module None, line 28, in newMemberAction <PythonScript at /guinies/newMemberAction> Line 28 Module Shared.DC.Scripts.Bindings, line 306, in __call__ Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec Module Products.PythonScripts.PythonScript, line 307, in _exec Module None, line 4, in GuinieMember_add <PythonScript at /guinies/members/GuinieMember_add> Line 4 Unauthorized: You are not allowed to access manage_changeProperties in this context
Are you sure that in this context "Member" is really a (Zope) product (this has a precise meaning!)? Yes, it is. You are not supposed to access products directly but through a "ProductsDispatcher" ("dest.manage_addProduct[product_name]"). I am using that, here is the portion of my script:
container.members.manage_addProduct["GuinieMember"].GuinieMember_add(Vorname,Nachname) Password=generatePassword() container.acl_users.manage_users('Add',{"name":Vorname+'.'+Nachname,"password":Password,"confirm":Password,"roles":[],"domains":[],}) Already the first line raises an error. The user is a user of the local acl folder (Does this matter?). The script has the proxy role manager set. Eddy
Eddy Ilg wrote at 2005-3-16 17:48 +0100:
... Exception traceback Time 2005/03/16 17:45:20.354 GMT+1 User Name (User Id) Eddy.Ilg (Eddy.Ilg) Request URL http://guinies.fericom.net/newMemberAction Exception Type Unauthorized Exception Value You are not allowed to access manage_changeProperties in this context
This tells you that an access to "manage_changeProperties" is rejected...
... Module None, line 4, in GuinieMember_add <PythonScript at /guinies/members/GuinieMember_add> Line 4 Unauthorized: You are not allowed to access manage_changeProperties in this context
This tells you that the problem is in line 4 of the PythonScript "GuinieMember_add".
Are you sure that in this context "Member" is really a (Zope) product (this has a precise meaning!)? Yes, it is.
But, you can access it and the problems is elsewhere.
... container.members.manage_addProduct["GuinieMember"].GuinieMember_add(Vorname,Nachname) Password=generatePassword() container.acl_users.manage_users('Add',{"name":Vorname+'.'+Nachname,"password":Password,"confirm":Password,"roles":[],"domains":[],})
Already the first line raises an error.
As your traceback tells you, you must look inside "GuinieMember_add". Note that proxy roles are not passed on to callees. They must have their own proxy role when they access objects not granted for the current user. -- Dieter
Eddy Ilg wrote:
it says: "Unauthorized: You are not allowed to access Member in this context". Member is a product. How can I authorize the user to access the product? (The user has permission "Add Members").
I'd suggest using Shane Hathaway's VerboseSecurity product to give you more information, it may even suggest what you need to do to fix the problem... cheers, Chris -- Simplistix - Content Management, Zope & Python Consulting - http://www.simplistix.co.uk
participants (3)
-
Chris Withers -
Dieter Maurer -
Eddy Ilg