[Zope] a problem with "skip_unauthorized"
Sylvain Boureliou
sylvain.boureliou@msg-software.com
Tue, 7 Aug 2001 08:04:22 +0100
Hi,
No, it's not a problem with my "publish" method, this code works with an
older zope.
It's perhaps a bug with zope 2.4, like says Joachim Werner.
The solution? Use a bloc try-except in the dtml-in tag? it's not clean.
Sylvain
> > I use zope 2.4.0 and i have a problem with "skip_unauthorized".
> > I want to publish some documents, but obviously, anonymous users are not
> > allowed to view administrator's documents.
> > So i use "skip_unauthorized" in the "in" tag, but an error is raised :
> > You are not authorized to access xxx
> > Which means that "skip_unauthorized" does not work !. I dont understand.
> > Have you an idea ?
> >
> > <dtml-in "arch_actualites.objectValues('doc')" reverse sort="Date"
> > skip_unauthorized>
> > <dtml-var "publish('actutitle','actucontent',_['html_resume'],1)">
> > </dtml-in>
>"dtml-in" checks "object access", an operation usually
>protected by "Access contents information" and sometimes
>by "View". If it fails, the "skip_unauthorized" would take
>effect and omit the element.
>Your "publish" method, however, may need different permissions.
>In this case, you would get an "Unauthorized" later in your "publish".
>If you need different permissions, you could use "ZopeFind"
>to filter objects that do not have the required permissions.
>Dieter
_______________________________________________
Zope maillist - Zope@zope.org
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev )