[Zope-dev] proxy roles don't jive w/ new security model

alan runyan runyaga@thisbox.com
Fri, 6 Jul 2001 11:46:57 -0500


OK.  Thanks to a nudge from Martijn, I whipped out the trusty debugger and
confirmed my worst fears.

I have a DTML Method that is a view of an object.  I'm using CMF and don't
want the person to have to log in to submit content.  So what I did was,
say, OK: I will create 2 Script (Python)s that are Proxied at a Management
Role: A) creates a new content object, then displays the edit_form; B)
submits the edit_form and updates the new instances ;).  This is a valid
use-case of the CMF.  How I think this should be done is creating a PUBLIC
user where unreviewed objects go; when they are submitted they are set to a
review_status of pending; when they are published they are moved into
another folder.

My Script (Python) -- which is Proxied w/ all roles -- creates the new object
and then calls a method, getEditView (which is accessible by Public), on my
instance, which returns the edit_form, a DTML Method called with the instance
as the client and the current REQUEST.  Now when this DTML Method is called
it gets a new SecurityContext, and the new SecurityContext doesn't care
about my Proxied roles.  (It takes in 0 consideration of this, and this
should be noted in the developer guide.)  Because the Context only cares
about *who is calling*, which isn't the Proxy role but the actual user,
Anonymous User. ** Thus when it's rendering the DTML Method it's rendering as
Anonymous, not as my Proxied Script (Python), and when it hits a this() it
horks with a Not Authorized.** <- I'm quite sure how true this is.  It
appears that when I'm going through the security machinery the
'anExecutableObject' (which is the DTML Method) *has* my proxied roles.
BTW: I can't call manage_proxy on the DTML Method, because that also only
cares about *who is calling*, and the Anonymous Role doesn't do much good for
me (if I try 'Manager' or something it correctly complains that I do not
have that proxy role).

It appears that my DTML Method needs a _customSecurityPolicy.  It seems the
publishing machinery publishes: Script (Python), then MyDTMLMethod, then the
header that MyDTMLMethod uses.  Do I need a customSecurityPolicy to attach
to my DTML Methods so that they can run in the same security context (which I
would like to be God -- remember they are submitting to a Script (Python)
which is doing all the heavy lifting; the rendering is being returned by the
Script (Python), so it would be fine if I had a "let this Publishing Event
occur as God")?

Q: when my header says _.hasattr(this(), 'someAttr') <- this() is the
dtml_method(client, request) client reference, correct?

This has caused me very much heartache.  ;(   And emotional damage ;'(

I'm very confused and discouraged right now.  If I told you how long I've
spent on this you would cringe.  My end goal is to make a CMF product where
people submit resumes/job postings (this works just fine w/ members logged
in).  But I need people who are not members to be able to submit job
postings.  (So they need to be able to create and edit the entry for it to
be pushed to a review status.)  I am trying to do this w/o changing my
Objects because I want to be able to come up w/ an idiom of doing this for
all CMF objects (since you may want people who are not members to submit
Calendar Events, for instance).

If I'm not giving enough information please help.  I'm willing to spend time
doing this.  I am so far down this road and I've committed to someone I
would have it done.

any help would be appreciated,
~runyaga
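The failure the post describes, reduced to a toy model (added example, not Zope's own code and not the poster's): each executable that is entered is pushed onto a security context's stack, and only the proxy roles of the innermost executable are consulted when a protected attribute is touched. The names SecurityContext, Executable, run, check and scenario are assumptions of this model, not Zope identifiers; the role names and the "Manager-only" attribute are constructed for illustration.

```python
"""Toy model of a stack-based security policy with proxy roles.

Added example, not Zope code. Modelled rule (an assumption of this model):
when an object requiring certain roles is accessed, the proxy roles of the
innermost executable on the stack decide if it has any; otherwise the real
user's roles decide. Names below are hypothetical, not Zope identifiers.
"""
from dataclasses import dataclass, field
from typing import Callable, List, Optional, Sequence


class NotAuthorized(Exception):
    """Raised when the policy refuses access (models Zope's 'Not Authorized')."""


@dataclass
class User:
    name: str
    roles: Sequence[str]


@dataclass
class Executable:
    """A script or method; proxy_roles is None unless proxy roles were set on it."""
    name: str
    proxy_roles: Optional[Sequence[str]] = None


@dataclass
class SecurityContext:
    user: User
    stack: List[Executable] = field(default_factory=list)

    def validate(self, required_roles: Sequence[str]) -> bool:
        """True if the effective roles intersect the roles the object requires."""
        innermost = self.stack[-1] if self.stack else None
        if innermost is not None and innermost.proxy_roles:
            effective = innermost.proxy_roles      # proxy roles replace the user's
        else:
            effective = self.user.roles            # fall through to the real caller
        return any(role in required_roles for role in effective)


MANAGER_ONLY = ("Manager",)   # constructed: roles a protected attribute demands


def check(ctx: SecurityContext, required: Sequence[str]) -> None:
    """Enforce the policy, naming the executable stack in the error for debugging."""
    if not ctx.validate(required):
        where = [e.name for e in ctx.stack] or ["<no executable>"]
        raise NotAuthorized(f"{ctx.user.name} via {where} lacks one of {required}")


def run(ctx: SecurityContext, executable: Executable,
        body: Callable[[SecurityContext], str]) -> str:
    """Enter an executable: push it, run its body, pop it even on failure."""
    ctx.stack.append(executable)
    try:
        return body(ctx)
    finally:
        ctx.stack.pop()


def render_edit_form(ctx: SecurityContext) -> str:
    """The DTML Method: its header touches a Manager-only attribute of the object."""
    check(ctx, MANAGER_ONLY)
    return "<form>edit</form>"


def scenario(dtml_proxy_roles: Optional[Sequence[str]]) -> bool:
    """Anonymous user runs a Manager-proxied script that renders a DTML Method.

    Returns True if the whole request succeeds, False on NotAuthorized.
    """
    ctx = SecurityContext(User("Anonymous User", ("Anonymous",)))
    script = Executable("createAndEdit", proxy_roles=("Manager",))
    edit_form = Executable("edit_form", proxy_roles=dtml_proxy_roles)

    def script_body(ctx: SecurityContext) -> str:
        check(ctx, MANAGER_ONLY)                 # creating the object: proxy roles cover it
        return run(ctx, edit_form, render_edit_form)

    try:
        run(ctx, script, script_body)
        return True
    except NotAuthorized:
        return False


def anonymous_direct() -> bool:
    """Baseline: no executable on the stack, the user's own roles decide."""
    ctx = SecurityContext(User("Anonymous User", ("Anonymous",)))
    return ctx.validate(MANAGER_ONLY)


if __name__ == "__main__":
    print("anonymous direct:", anonymous_direct())                 # False
    print("unproxied DTML inside proxied script:", scenario(None))  # False
    print("proxied DTML inside proxied script:", scenario(("Manager",)))  # True
```

In this model the outer script's proxy roles stop mattering the moment the DTML Method is pushed, because the innermost executable's (empty) proxy roles send the policy back to the real user's roles; giving the inner executable its own proxy roles is what makes the nested call succeed.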