[Zope-dev] RestrictedDTML w/isPrincipiaFolderish: error with CMF 1.1 and Zope 2.4.0

Joseph Wayne Norton norton@arseed.co.jp
Fri, 29 Jun 2001 14:20:38 +0900


Hello.

I'm getting the following error message (see below) while accessing the
contents of a folder (http://localhost/cmf/Portal/FolderD/folder_contents)
underneath a CMF site instance.

I was testing Python 2.1, and CMF 1.1/Zope 2.4.0 (latest cvs checked
out versions).  I do not have any problem while using CMF 1.1 (latest
cvs version), Zope 2.3.3, and Python 1.52.

The starting ZODB database is identical in both cases.  However, I'm
not using the ZDebug product with Zope 2.4.0.

I'm just not sure if the issue is due to:

  - CMF - isPrincipiaFolderish being used in the folder_contents skin
  or
  - Zope 2.4.0 - RestrictedDTML bug ?
  or
  - Zope 2.3.3 security mechanism bug ?
  or
  - bug in my acl setup 

I feel the following priviledges should be sufficient ...

  Access contents information
  List folder contents
  View

to access isPrincipiaFolderish.

Any pointers ???

- joe n.




 
<TD WIDTH="90%">
  <H2>Site Error</H2>
  <P>An error was encountered while publishing this resource.
  </P>
  <P><STRONG>Unauthorized</STRONG></P>
  
  You are not authorized to access <em>isPrincipiaFolderish</em>.
<!--
Traceback (innermost last):
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 223, in publish_module
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 187, in publish
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 171, in publish
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/ZPublisher/mapply.py, line 160, in mapply
    (Object: RestrictedDTML)
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/ZPublisher/Publish.py, line 112, in call_object
    (Object: RestrictedDTML)
  File /opt/arseed/tfs-lib/zope/zope-2.4.0/lib/python/Products/CMFCore/FSDTMLMethod.py, line 182, in __call__
    (Object: RestrictedDTML)
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/DocumentTemplate/DT_String.py, line 544, in __call__
    (Object: RestrictedDTML)
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/DocumentTemplate/DT_Let.py, line 148, in render
    (Object: filterString="REQUEST.get( 'folderfilter', '' )"
          filter="decodeFolderFilter( filterString )")
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/DocumentTemplate/DT_In.py, line 661, in renderwb
    (Object: listFolderContents( filter=filter ))
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/DocumentTemplate/DT_Let.py, line 146, in render
    (Object: obj="_.getitem('sequence-item', 0 )"
           folderish=isPrincipiaFolderish
           portalish="_.hasattr( obj, 'isPortalContent' )
                     and obj.isPortalContent"
           methodID="folderish and '/folder_contents' or ( portalish
                     and '/view' or '' )"
           getIcon="_.hasattr(obj, 'getIcon') and obj.getIcon()"
           icon="getIcon or _.getattr(obj, 'icon', '')")
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/AccessControl/DTML.py, line 101, in guarded_getattr
    (Object: RestrictedDTML)
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/AccessControl/ZopeGuards.py, line 120, in guarded_getattr
    (Object: DynamicType)
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/AccessControl/ZopeGuards.py, line 103, in aq_validate
    (Object: DynamicType)
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/AccessControl/SecurityManager.py, line 149, in validate
  File /export/arseed/tfs-lib/zope/zope-2.4.0/lib/python/AccessControl/ZopeSecurityPolicy.py, line 229, in validate
Unauthorized: (see above)