I have made two products, one news-product and one product for
pressreleases. The products are exactly equal except that they have a
bit different properties. All the code for processing these two products
are equal (except then for the handling of their different properties).
Everything works fine except when I want to update the properties of an
object. For news this works perfectly but for pressreleases this doesnt
work. I am completely puzzled because the code for doing this is the
same for both of them. Here is how it looks:
For news:
<dtml-with "newsEntries">
<dtml-if "_.getitem(objId,0).approved == 0">
<dtml-call "REQUEST.set('approved', 1)">
<dtml-call
"_[objId].propertysheets[1].manage_editProperties(REQUEST)">
<dtml-call "RESPONSE.redirect('approveNews')">
<dtml-else>
<dtml-call "REQUEST.set('approved', 1)">
<dtml-call
"_[objId].propertysheets[1].manage_editProperties(REQUEST)">
<dtml-call "RESPONSE.redirect('administerNews')">
</dtml-if>
</dtml-with>
For pressreleases:
<dtml-with "pressEntries">
<dtml-call
"_[objId].propertysheets[1].manage_editProperties(REQUEST)">
<dtml-call "RESPONSE.redirect('administerPress')">
</dtml-with>
So the updating of both of the products are done by <dtml-call
"_[objId].propertysheets[1].manage_editProperties(REQUEST)"> but when I
try to update pressreleases is says I am unauthorized. However I am
pretty sure this is not the problem. I cant set any proxy rules for the
products, I am the manager and manager has got all permissions on those
objects. I am still unauthorized when I try to login as superuser. I
have been told I am unauthorized before when I in fact has tried to call
the objects wrong so thats why I dont think this is a security-problem.
Does any1 have a clue of what is wrong here? How can the same code work
in one method and not in another? I am running 2.2 final. This is the
traceback I get:
Traceback (innermost last):
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/Publish.py,
line 222, in publish_module
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/Publish.py,
line 187, in publish
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/Publish.py,
line 171, in publish
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/mapply.py,
line 160, in mapply
(Object: handleAdministration)
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/ZPublisher/Publish.py,
line 112, in call_object
(Object: handleAdministration)
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/OFS/DTMLMethod.py,
line 167, in __call__
(Object: handleAdministration)
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/DocumentTemplate/DT_String.py,
line 502, in __call__
(Object: handleAdministration)
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/DocumentTemplate/DT_With.py,
line 146, in render
(Object: pressEntries)
File /usr/local/zope/lib/python/DocumentTemplate/DT_Util.py, line 342,
in eval
(Object: _[objId].propertysheets[1].manage_editProperties(REQUEST))
(Info: REQUEST)
File <string>, line 0, in ?
File /usr/local/zope/lib/python/DocumentTemplate/DT_Util.py, line 168,
in careful_getitem
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/OFS/DTMLMethod.py,
line 189, in validate
(Object: handleAdministration)
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/AccessControl/SecurityManager.py,
line 139, in validate
File
/usr/local/new.test.version.of.zope.DO.NOT.REMOVE/lib/python/AccessControl/ZopeSecurityPolicy.py,
line 159, in validate
Unauthorized: webdav
Since I am completely puzzled of what the issue could be here I would
really appreciate if someone could solve this for me. Thanks.