[Zope] Not authorised to assign proxy role
Ng Pheng Siong
ngps@post1.com
Thu, 22 Feb 2001 00:22:27 +0800
On Tue, Feb 20, 2001 at 08:53:51PM +0100, Dieter Maurer wrote:
> 1. Move the role up to the root folder and give it there to the user
The role is created dynamically, specifically to allow access to
a GuardedFile in the current folder. Does not feel right to move the
role upwards.
> 2. Give the user a "local role" in "sub".
This works. Thanks for the suggestion.
> It might make the security implementation more difficult however.
I agree. This part of Zope does not give me warm fuzzies at the moment.
I need to think more about this. Something along the lines of capabilities.
(See www.erights.org.) A refactoring browser for Python would also be
helpful. (Yeah, I should check out Bicycle Repair Man.)
Cheers.
--
Ng Pheng Siong <ngps@post1.com> * http://www.post1.com/home/ngps