[Zope-CMF] invokeFactory and security
Dieter Maurer
dieter at handshake.de
Tue Aug 26 23:07:22 EDT 2003
Reverend Matt wrote at 2003-8-22 20:38 -0000:
> I have a portal tool that I want to allow anonymous users to use,
> which means allowing invokeFactory for anonymous users. My problem is
> that I figured I could do this by simply proxying the python script
> that runs when they hit "submit", but it still indicates "you are not
> authorized to access invokeFactory in this context". The tool works
> fine when logged in.
In some contexts, the code makes its own security checks
(most prominent example: pasting) which does not honour
execution oriented permissions such as proxy roles.
Try to get a traceback and look where the exception is raised.
Dieter
More information about the Zope-CMF
mailing list