[Zope] CopySupport methods permissions - do they make sense?
Brian Lloyd
Brian@digicool.com
Thu, 4 Nov 1999 15:51:45 -0500
> Yup, it should, but it doesn't (even tried doing proxy Manager on the
> method). I think something is really honestly broken here. There's a
> blurb in the CopySupport module that refers to the fact that
> the various
> copy methods do their own security, and you can see it in
> _verifyObjectPaste().
>
> In particular, the statement:
>
> ...
>
> (and the fact that I get stopped here all the time) suggests
> that it is
> currently impossible for a user that does not have some role
> or another
> to actually perform a copy. Proxy roles don't seem to get
> past this, and
> I don't know of a way to assign a role (temporary or otherwise) to an
> anonymous user.
The _verifyObjectPaste code does its own validation for a
reason - to paste or rename an object, you *must have the
permission to add that particular kind of object*. There
is a bug report in the Collector with regard to proxy roles
not always percolating down the call stack the way they
should - I suspect that's the reason that your proxy approach
didn't work (we'll be looking into that). Note that you
should be able to go to the "Security" tab of a Folder and
give "Anonymous" the "Add xxx permission" for those types
of objects that they will need to be able to copy...
Brian Lloyd brian@digicool.com
Software Engineer 540.371.6909
Digital Creations http://www.digicool.com