Greetings. I'm having a few problems with a mini application I recently developed with Zope. It has to do with the permissions settings. The idea behind my application is that it will only be used by one person. This person has his own username and password (there is an ACL Users folder within my application's folder, with this person's name, password and role). My applicaction's directory hierarcy is as follows: ---- Application main folder. ---- Pages ---- Lib ---- Python ---- SQL methods The Application main folder has "View" permission for the role to which the user in the ACL Users folder belongs. Everything seems to work right at first. This user is able to access the index page of the application,... but when he tries to navigate to a specific page (let's call it "main_gestion_html", he gets an insufficient permissions message. The problem may lay in the fact that "main_gestion_html" uses data session variables, and most important of all, python methods from another application (let's call it ZVVB2), which is located outside the Application main folder. I tried creating a new ACL user in this other ZVVB2 folder... but I still get the same access denied message. I really need help on this. I've been stuck with this for the last few days and I don't know what else to try. Any input will be highly appreciated. Thank you so much for your time. Jose Carlos.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --On 11. Dezember 2006 09:50:33 +0100 Jose Carlos Balderas Alberico <josecarlos.balderas@gmail.com> wrote:
Everything seems to work right at first. This user is able to access the index page of the application,... but when he tries to navigate to a specific page (let's call it "main_gestion_html", he gets an insufficient permissions message.
<http://plone.org/documentation/how-to/debug-unauthorized> - -aj -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (Darwin) iD8DBQFFfRxQCJIWIbr9KYwRAmb/AKC1Dy+uE/TrU47NVtg7igYwvpMWSQCg66X5 jP3+vOGPgApg1s5HxzayPSg= =pGgB -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Jose Carlos Balderas Alberico wrote:
Greetings.
I'm having a few problems with a mini application I recently developed with Zope. It has to do with the permissions settings. The idea behind my application is that it will only be used by one person. This person has his own username and password (there is an ACL Users folder within my application's folder, with this person's name, password and role).
My applicaction's directory hierarcy is as follows:
---- Application main folder. ---- Pages ---- Lib ---- Python ---- SQL methods
The Application main folder has "View" permission for the role to which the user in the ACL Users folder belongs.
Everything seems to work right at first. This user is able to access the index page of the application,... but when he tries to navigate to a specific page (let's call it "main_gestion_html", he gets an insufficient permissions message.
The problem may lay in the fact that "main_gestion_html" uses data session variables, and most important of all, python methods from another application (let's call it ZVVB2), which is located outside the Application main folder. I tried creating a new ACL user in this other ZVVB2 folder... but I still get the same access denied message.
I really need help on this. I've been stuck with this for the last few days and I don't know what else to try.
Any input will be highly appreciated. Thank you so much for your time. Jose Carlos.
The Zope security policy requires that users accessing a protected resource be defined in a user folder which is "in scope" -- i.e., the user folder must be in a containment path which is "above" ZVV82 as a parent or grandparent. Tres. - -- =================================================================== Tres Seaver +1 540-429-0999 tseaver@palladion.com Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFfVCR+gerLs4ltQ4RAl6eAJ9dhErXkvJdvSK6SKy+fbXq7RkIKgCeLACk hVr7tCbChQ1Ri9qTG0NAIWA= =Sn/J -----END PGP SIGNATURE-----
participants (3)
-
Andreas Jung -
Jose Carlos Balderas Alberico -
Tres Seaver