[Zope] Newbie question about proxy roles
Anders Brun
andbr512@student.liu.se
Sun, 25 Apr 1999 13:31:47 +0200
I have problems with proxy-roles. I have a script like this one:
<!--#var standard_html_header-->
<!--#with "manage_clone(Person,REQUEST['new_id'],REQUEST)"-->
<!--#call "manage_changeProperties(
title=REQUEST['new_title'],
tfn=REQUEST['new_tfn'],
email=REQUEST['new_email'],
icq=REQUEST['new_icq'],
)"-->
<!--#call "photo.manage_upload(REQUEST['new_photo'])"-->
<!--#/with-->
<!--#var index_html-->
... and I want it to be run by an anonymous users who have no rights to
add folders. However, even if i set the proxy role of the script to
Manager, the script will give the following error when used by
anonymous:
Error type: Unauthorized Error value: You are not authorized to perform
this operation.
Traceback (innermost last):
File lib/python/ZPublisher/Publish.py, line 877, in publish_module
File lib/python/ZPublisher/Publish.py, line 590, in publish
(Info: /y/personer/Builder)
File lib/python/OFS/DTMLMethod.py, line 155, in __call__
(Object: Builder)
File lib/python/OFS/DTMLMethod.py, line 151, in __call__
(Object: Builder)
File lib/python/DocumentTemplate/DT_String.py, line 513, in __call__
(Object: Builder)
File lib/python/DocumentTemplate/DT_With.py, line 131, in render
(Object: manage_clone(Person,REQUEST['new_id'],REQUEST))
File lib/python/DocumentTemplate/DT_Util.py, line 266, in eval
(Object: manage_clone(Person,REQUEST['new_id'],REQUEST))
File <string>, line 0, in ?
File lib/python/OFS/CopySupport.py, line 254, in manage_clone
(Object: Navigation)
File lib/python/OFS/CopySupport.py, line 329, in _verifyObjectPaste
(Object: Navigation)
(Info: ('manage_addFolderForm', Anonymous User))
Unauthorized: (see above)
How "deep" are proxy roles? I thought the script would function exactly
as it would for Manager... Are there any other ways make the script
work, except from setting the Add Folder permission for Anonymous? Or is
it safe to set the Add Folder permission for anonymous?
/Anders