Authorization error with for missing values ??
Hi! I've been trying to use DateTime values with ZSybaseDA, and have come across the following strange behavior: I'm doing a query to my database to get out data which includes a datetime field which can in some cases be NULL. (The field name is 'birthdate'; let's call the table, for the example, 'User'). I have a Z SQL Method selectUsers which does something like: select * from User which is referenced from a DTML Document like this: <dtml-in selectUsers> <dtml-var birthdate> </dtml-in> This works fine if none of the birthdates are NULL; however if birthdate is NULL, then I get an authorization dialog, even though I am already logged into Zope as a Manager in the top-level acl_users folder. The only way to get past the authentication dialog is to log in as the Zope superuser. What's going on here? I traced code to RDB.py, where it looks like Missing.MV should be substituted for any values which don't come back in the query results for a given field. The test() method of the selectUsers Z SQL Method handles things OK, but I don't seem to have permission to look at Missing.MV in a regular document... --Brian
In article <37BD187F63.62E6BRIAN@smtp.garage.co.jp>, Brian Hooper <brian@garage.co.jp> writes
This works fine if none of the birthdates are NULL; however if birthdate is NULL, then I get an authorization dialog, even though I am already logged into Zope as a Manager in the top-level acl_users folder. The only way to get past the authentication dialog is to log in as the Zope superuser.
I think this is an old unaddressed bug. Any Zsql method that returns a set containing nulls brings up the authentication challenge. Goes back at least to 1.11pr1. ------- Regards, Graham Chiu gchiu<at>compkarori.co.nz
participants (2)
-
Brian Hooper -
Graham Chiu