Massimo, there are two things to consider. The rights of the first script which is manager and should therefore be enough for what ever you want to do. BUT: the maximum rights it can acquire when running the second script are the ones the owner of that script has. To avoid cross scripting attacks a script will always run with the rights of the script owner. Otherwise you could try to trick some manager to execute a malicious script you do not have enough credentials to run. Robert massimop@users.berlios.de wrote:

Hi

I would like to call script (the one called 'Script (python)', it should manage the properties of a Folder) from another that have a proxy of Manager

My guess was that in this way the first one would be executed with Manager role, but actually I was wrong... it complain that I'm not "allowed to access 'manage_changeProperties' in this context"

Am I doing something weird, or is this the way it should work?

P.S. the same (first) script, called on the same Folder object whe the authenticated user is the owner of the Folder, works

thanks massimo

_______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )

massimop@users.berlios.de wrote at 2004-11-25 19:28 +0100:

I would like to call script (the one called 'Script (python)', it should manage the properties of a Folder) from another that have a proxy of Manager

Proxy roles are not passed on to called objects. Each single object (script, template) must have its own proxy roles necessary for its work. -- Dieter