[Zope] Object Permissions

John Ziniti John Ziniti" <john.ziniti@channing.harvard.edu
Mon, 30 Jul 2001 14:06:42 -0400 

I have a short DTML Method  intended to handle file uploads
to a folder.   In order for it to work, however, I need to enable
"View" for Anonymous, which I don't want to do, or the file
upload fails with "You are not authorized to access manage_addFile."
(trace below) ...

As I've delved into this problem however, I have come to notice
that the class <AccesControl.Owned.Owned>, believes this item is
owned by the anonymous user, which it is definitely not.

Anyone have any idea on why this upload request is eventually made
in the name of the Anonymous?

Where is the method manage_addFile?

Any ideas that might help?

Thanks in advance

John Ziniti

An error was encountered while publishing this resource.

Unauthorized

You are not authorized to access manage_addFile.
Traceback (innermost last):
  File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/Publish.py, line 223,
in publish_module
  File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/Publish.py, line 187,
in publish
  File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/Publish.py, line 171,
in publish
  File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/mapply.py, line 160,
in mapply
    (Object: post_new_document)
  File /u01/zope/Zope-2.3.3-src/lib/python/ZPublisher/Publish.py, line 112,
in call_object
    (Object: post_new_document)
  File /u01/zope/Zope-2.3.3-src/lib/python/OFS/DTMLDocument.py, line 189, in
__call__
    (Object: post_new_document)
  File /u01/zope/Zope-2.3.3-src/lib/python/DocumentTemplate/DT_String.py,
line 540, in __call__
    (Object: post_new_document)
  File /u01/zope/Zope-2.3.3-src/lib/python/DocumentTemplate/DT_Let.py, line
149, in render
    (Object:
fname="_.string.split(REQUEST.form['new_upload'].filename,'\\')[-1]")
  File /u01/zope/Zope-2.3.3-src/lib/python/DocumentTemplate/DT_With.py, line
151, in render
    (Object: Items)
  File /u01/zope/Zope-2.3.3-src/lib/python/DocumentTemplate/DT_Util.py, line
333, in eval
    (Object: manage_addFile(_['fname'], REQUEST.form['new_upload'],
REQUEST=REQUEST))
    (Info: manage_addFile)
  File /u01/zope/Zope-2.3.3-src/lib/python/OFS/DTMLMethod.py, line 261, in
validate
    (Object: post_new_document)
  File /u01/zope/Zope-2.3.3-src/lib/python/AccessControl/SecurityManager.py,
line 144, in validate
  File
/u01/zope/Zope-2.3.3-src/lib/python/AccessControl/ZopeSecurityPolicy.py,
line 206, in validate
Unauthorized: (see above)
"