[Zope] RE: "ZopeTime" not defined error?

Dieter Maurer dieter@handshake.de
Thu, 1 Nov 2001 22:00:12 +0100


Dave Lehman writes:
 > Alright, I figured out that if I assign a user "Manager" rights, then my
 > custom "login_form" works. However, it does *not* work if I go to my root
 > Portal folder security tab and assign all rights to the "Member" role.
 > 
 > So does the "manager" role have other instrinsic rights? Obviously I can't
 > give everyone manager rights, just to work around this issue.
Seems as if a security declaration were missing or could no longer
be resolved (because the acquisition chain had been broken).
In this case, Zope would default to the "Manager" role.

 > If I stick the "login_form" in my "custom" skin folder, where would it be
 > trying to access "ZopeTime" from that is different than the "generic"
 > folder?
It should do it from the same place, the ApplicationObject.

 > And why does it think ZopeTime is not defined?
The security machinery tries to hide objects you have no access to
(it raises "KeyError" exceptions rather than "Unauthorized").
I doubt very much that this is a good idea, but ...

You may try to add:

    ZopeTime__roles__=None

in "OFS.Application" near the definition of "ZopeTime".

What you see may be the effect of the "Security Cleanup"
that removed the "Allow unless Protected" but apparently forgot
to add security declaration at many places...

In my Zope CVS (last updated shortly after 2.4.1), I have still
the old security setup.


Dieter