[Zope-CMF] newbie question

Joćo Neves joao@fabricadeideias.com
Wed, 05 Sep 2001 12:23:33 -0300 

OK. - After lots of banging my head around here's where I am:
I added several CMF Links to a folder. One of them is _NOT_ published.
I display them using:

  <dtml-in expr="objectValues( 'Link' )" skip_unauthorized>
    <a href="<dtml-var remote_url>"><dtml-var Title></a><br>
    <dtml-var Description><br>&nbsp;<br>
  </dtml-in>

and I get the following error (after removing cookie authentication):

Unauthorized

              You are not authorized to access remote_url.

              Traceback (innermost last):
                File /usr/local/zope/lib/python/ZPublisher/Publish.py, line 223, in
publish_module
                File /usr/local/zope/lib/python/ZPublisher/Publish.py, line 187, in
publish
                File /usr/local/zope/lib/python/ZPublisher/Publish.py, line 171, in
publish
                File /usr/local/zope/lib/python/ZPublisher/mapply.py, line 160, in
mapply
                  (Object: index_html)
                File /usr/local/zope/lib/python/ZPublisher/Publish.py, line 112, in
call_object
                  (Object: index_html)
                File /usr/local/zope/lib/python/OFS/DTMLMethod.py, line 194, in
__call__
                  (Object: index_html)
                File /usr/local/zope/lib/python/DocumentTemplate/DT_String.py, line
544, in __call__
                  (Object: index_html)
                File /usr/local/zope/lib/python/DocumentTemplate/DT_In.py, line 770,
in renderwob
                  (Object: objectValues( 'Link' ))
                File /usr/local/zope/lib/python/AccessControl/DTML.py, line 101, in
guarded_getattr
                  (Object: index_html)
                File /usr/local/zope/lib/python/AccessControl/ZopeGuards.py, line
120, in guarded_getattr
                  (Object: DynamicType)
                File /usr/local/zope/lib/python/AccessControl/ZopeGuards.py, line
103, in aq_validate
                  (Object: DynamicType)
                File /usr/local/zope/lib/python/AccessControl/SecurityManager.py,
line 149, in validate
                File /usr/local/zope/lib/python/AccessControl/ZopeSecurityPolicy.py,
line 229, in validate
              Unauthorized: (see above)

I would think if one of the objects is not accessible by the current user, then the
code inside the dtml-in loop would not even be executed for that object.
If all the object are published, then no errors occur.

TIA!

--
-------------------------------------------
Joćo Neves
joao@fabricadeideias.com
Fabrica de Ideias
SBS - Ed. Empire Center - bl. S - sala 508
cep 70070-904 - Brasilia - DF - Brazil
tel: (61) 321 1357
fax: (61) 223 1712
-------------------------------------------