[Zope-CMF] Zope 2.7.5 and proxy role for workflow scripts
Sune B. Woeller
sune at syntetisk.dk
Wed Mar 30 15:22:33 EST 2005
Hi,
After upgrading to Zope 2.7.5 I experience the following behaviour:
In a dcwokflow, i have a script with the following
content, narrowed down for simplicity:
# get the object and its ID
obj = state_change.object
The script is set to be called after a transition.
Without proxy roles the
script runs fine.
If this script gets the proxy role manager (or all roles except anonymous),
it fails, it has not got access to 'object'.
This is the VerboseSecurity-enhanced message:
2005-03-30T22:13:38 ERROR(200) SiteError http://intranet.blaagaard.lokal:8280/Members/sune/dok1/content_status_modify
Traceback (most recent call last):
File "C:\zope275\lib\python\ZPublisher\Publish.py", line 101, in publish
request, bind=1)
File "C:\zope275\lib\python\ZPublisher\mapply.py", line 88, in mapply
if debug is not None: return debug(object,args,context)
File "C:\zope275\lib\python\ZPublisher\Publish.py", line 39, in call_object
result=apply(object,args) # Type s<cr> to step into published object.
File "c:\zope275\instance2\Products\CMFFormController\FSControllerPythonScript.py", line 105, in __call__
result = FSControllerPythonScript.inheritedAttribute('__call__')(self, *args, **kwargs)
File "c:\zope275\instance2\Products\CMFFormController\Script.py", line 141, in __call__
return BaseFSPythonScript.__call__(self, *args, **kw)
File "c:\zope275\instance2\Products\CMFCore\FSPythonScript.py", line 104, in __call__
return Script.__call__(self, *args, **kw)
File "C:\zope275\lib\python\Shared\DC\Scripts\Bindings.py", line 306, in __call__
return self._bindAndExec(args, kw, None)
File "C:\zope275\lib\python\Shared\DC\Scripts\Bindings.py", line 343, in _bindAndExec
return self._exec(bound_data, args, kw)
File "c:\zope275\instance2\Products\CMFCore\FSPythonScript.py", line 160, in _exec
result = apply(f, args, kw)
File "Script (Python)", line 38, in content_status_modify
File "c:\zope275\instance2\Products\CMFPlone\WorkflowTool.py", line 36, in doActionFor
result=BaseTool.doActionFor(self, ob, action, wf_id, *args, **kw)
File "c:\zope275\instance2\Products\CMFCore\WorkflowTool.py", line 306, in doActionFor
return self._invokeWithNotification(
File "c:\zope275\instance2\Products\CMFCore\WorkflowTool.py", line 621, in _invokeWithNotification
res = apply(func, args, kw)
File "c:\zope275\instance2\Products\DCWorkflow\DCWorkflow.py", line 274, in doActionFor
self._changeStateOf(ob, tdef, kw)
File "c:\zope275\instance2\Products\DCWorkflow\DCWorkflow.py", line 439, in _changeStateOf
sdef = self._executeTransition(ob, tdef, kwargs)
File "c:\zope275\instance2\Products\DCWorkflow\DCWorkflow.py", line 542, in _executeTransition
script(sci) # May throw an exception.
File "C:\zope275\lib\python\Shared\DC\Scripts\Bindings.py", line 306, in __call__
return self._bindAndExec(args, kw, None)
File "C:\zope275\lib\python\Shared\DC\Scripts\Bindings.py", line 343, in _bindAndExec
return self._exec(bound_data, args, kw)
File "C:\zope275\lib\python\Products\PythonScripts\PythonScript.py", line 323, in _exec
result = f(*args, **kw)
File "Script (Python)", line 2, in test
File "c:\zope275\instance2/DevProducts\VerboseSecurity\VerboseSecurityPolicy.py", line 225, in validate
raise Unauthorized(info)
Unauthorized: The owner of the executing script is defined outside the context of the object being accessed. The script has
proxy roles, but they do not apply in this context.. Access to 'object' of (Products.DCWorkflow.Expression.StateChangeInfo i
nstance at 0x03B85F80) denied. Access requires View_Permission, granted to the following roles: ['Manager', 'Member', 'Owner'
, 'Reviewer']. The executing script is (PythonScript at /blaagaard/portal_workflow/plone_workflow/scripts/test), owned by sun
e.
Is this a bug in Zope 2.7.5, DCWorkflow, or a 'feature' ?
regards,
Sune W.
More information about the Zope-CMF
mailing list