[Zope-dev] Security Confusion :-S
Chris Withers
chrisw@nipltd.com
Mon, 23 Oct 2000 15:59:24 +0100
If anyone can help me with this, it'd give me more faith in the new
security model :-S
Right, I have a Python Product Class (lots of bits left out ;-):
> class MyProduct(OFS.SimpleItem.SimpleItem):
> """...
> """
>
> __ac_permissions__=(
> ('Use MyProduct' , ('a_method',),('Manager',)),
> )
>
> a_methodisDocTemp=1
>
> def a_method(self,ignored,md):
> list = []
> for name in self.get_contents():
> list.append(DisplayClass(name,self))
>
> return list
The important bits of DisplayClass look like:
> class DisplayClass(Globals.Persistent):
> """ """
>
> __allow_access_to_unprotected_subobjects__=1
>
> meta_type = 'CaseDisplay'
>
> __ac_permissions__=(
> ('View', ('get_name',),('Anonymous',)),
> )
...
> def get_name(self):
> return self._name
Now, I have a DTML method which goes like:
> <dtml-with an_instance_of_MyProduct>
> <dtml-in a_method>
> <B><dtml-var sequence-item html_quote>:</B>
> <dtml-var get_name><BR>
> </dtml-in>
> </dtml-with>
Which _always_ throws up an authentication box when a_method returns
anything except an empty list. no matter what username or password I
use, that box still appears.
What I would like is for the get_name and a_method methods to be mapped
to permissions so I can manage access to them using the security tab.
How should I do that?
BTW, in an attempt to get the method accessible in _some_ way I have
tried:
- setting __allow_access_to_unprotected_subobjects__=1 in both the
MyProduct and DisplayClass classes.
- setting get_name__roles__=None in the DisplayClass.
- giving every conceivable permission to both the Anonymous and Manager
roles in the folder containing the MyProduct instance
None of which feel like a good way to go, but nevertheless, none of them
worked.
The only way I coudl solve the problem was to give the DTML Method the
'Manager' proxy role, then everything worked fine.
Why is that?
What's _is_ going on?
Confused and Frustrated (isn't that always the way with Zope security?!)
Chris