[Zope] FW: Security question - precision

[Dieter Maurer]

Bocquillon  Philippe writes:
 > Zope refuses "add object" permission to any user having a role other than
 > Manager, i.e. Zope refuses to add objects in containers whose classes are my
 > proper classes (inheriting ObjectManager), even if I give all permissions to
 > these other roles, at root level and acquiring them.
 > When a role adds these objects in _standard_ Zope Folders, no problem, Zope
 > permits it.
Looks as if your classes do not inherit from
"Acquisition.Implicit" (probably "Acquisition.Explicit" will
work, too).

In such a case, the Zope security machinery is no longer able
to traverse back to the root. Consequently, it rejects the
request (more precisely, it uses its default role assignment,
"Manager").


Dieter