[Zope-dev] intSet and the new security model
Chris Withers
chrisw@nipltd.com
Mon, 21 Aug 2000 17:41:34 +0100
Hi,
Squishdot uses an intSet called 'thread' to store some information.
Items in this intSet are used in several DTML methods, for example:
<A HREF="<dtml-var site_url >/<dtml-var expr="thread[0]"
>/index_html#<dtml-var id >">Return to main thread</A>
Now, in Zope 2.2 this throws an unauthorized error as show in the PS.
How can I make this go away in a non-hacky fashion?
cheers,
Chris
PS:
<!--
Traceback (innermost last):
File E:\Zope\227194~1.0\lib\python\ZPublisher\Publish.py, line 222, in
publish_module
File E:\Zope\227194~1.0\lib\python\ZPublisher\Publish.py, line 187, in
publish
File E:\Zope\227194~1.0\lib\python\ZPublisher\Publish.py, line 171, in
publish
File E:\Zope\227194~1.0\lib\python\ZPublisher\mapply.py, line 160, in
mapply
(Object: addPostingForm)
File E:\Zope\227194~1.0\lib\python\ZPublisher\Publish.py, line 112, in
call_object
(Object: addPostingForm)
File E:\Zope\227194~1.0\lib\python\OFS\DTMLMethod.py, line 167, in
__call__
(Object: addPostingForm)
File E:\Zope\227194~1.0\lib\python\DocumentTemplate\DT_String.py, line
502, in __call__
(Object: addPostingForm)
File E:\Zope\227194~1.0\lib\python\DocumentTemplate\DT_Util.py, line
337, in eval
(Object: thread[0])
(Info: thread)
File <string>, line 0, in ?
File E:\Zope\227194~1.0\lib\python\DocumentTemplate\DT_Util.py, line
168, in careful_getitem
File E:\Zope\227194~1.0\lib\python\OFS\DTMLMethod.py, line 189, in
validate
(Object: addPostingForm)
File E:\Zope\227194~1.0\lib\python\AccessControl\SecurityManager.py,
line 139, in validate
File
E:\Zope\227194~1.0\lib\python\AccessControl\ZopeSecurityPolicy.py, line
159, in validate
Unauthorized
-->