[Zope] You are not authorized to access ... exception has me baffled
Brad Clements
bkc@murkworks.com
Fri, 23 Nov 2001 13:58:18 -0500
I've broken my site, and can't figure it out. This is Zope 2.4.3 binary on Linux
I have
/ (root) with acl_users
/Strader public without an acl_users (all permissions are "acquire from above")
/Strader/P not public, has an LDAPUserFolder for acl_users
local roles are defined in the root /acl_users
Security for /Strader/P has disabled acquisition of "access contents information" and
"view", and enabled these permissions for the roles Manager, SFCustomer and
SFManager
Logging in as a Manager defined in root /acl_users works for management, but when I
attempt to view a ZPT in /Strader/P using the Test tab, I get "you are not authorized to
access title"
My manager userid is also defined in the LDAP adapter as well, so I'm authenticated by
the LDAPUserFolder in /Strader/P or /acl_users depending on what I'm accessing.
So "view" in /Strader works okay for me
-- But the real problem is --
Logging in as a user who is only defined in LDAP adapter, who has the roles
SFCustomer and SFManager still gives the same error "not authorized to access title"
on /Strader/P/Master (page template when viewing)
I'm totally stumped, it's as if LDAPUserFolder is not returning the correct list of roles.
However, if I temporarily enable acquisition of view and "access contents", I can get this
output from viewing the ZPT
roles are ('SFCustomer', 'SFManager', 'Anonymous', 'Authenticated')
(the Master template has )
roles are <span tal:content="user/getRoles">roles</span>
Anyone have any ideas how to diagnose this so I can see where to fix it?
I've searched the archives, there are some grumblings about this in the past but no
obvious silver bullet.
Brad Clements, bkc@murkworks.com (315)268-1000
http://www.murkworks.com (315)268-9812 Fax
netmeeting: ils://ils.murkworks.com AOL-IM: BKClements