[Zope-dev] Failing Zen, acquisition surprises or a (documentation) bug???
Rik Hoekstra
hoekstra@fsw.leidenuniv.nl
Mon, 18 Oct 1999 21:47:16 +0100
After struggling for a long time with a denial to use
manage_changeProperties in clone methods for some (in fact all but me
because I'm superuser) of the developers of our Zope site, I found
today that I had to set the proxy securities of the cloning method to
solve these problems. The developers have manager rights from the
root - that is to say right to do everything.
The problems only occur from methods acquired from other folders, as
follows:
folder1
item_to_be_cloned
cloneMethod (including changeProperties on the cloneditem)
folder2
cloneForm calling cloneMethod
While under the proxy tab it is stated that
"Proxy Roles allow a DTML Document or Method to access restricted
Zope resources. Normally a DTML Method or Document can only access
resources for which the user is authorized. By adding Proxy Roles,
you allow the DTML Document or Method to act with additional roles,
beyond what the user may have."
This either is a misleading text, or this is a bug or an unexpected
feature, or once more I have to deepen my Zen.
The developers _do_ have the rights to manage properties, that's
obvious. So changing the proxy roles should not make any difference,
or should it?
Is it acquisition that is interfering here, and if so, how? Could
someone who is closer to Nirvana than me explain this. Please
enligten me.
Rik