[Zope] Problem with Zope 2.5.1, Linux, Permissions of DTML variables

Daniel Paul paul@bitubi.de
Wed, 3 Jul 2002 12:41:14 +0200 

This is a multi-part message in MIME format.

------=_NextPart_000_0000_01C2228E.EB0AF720
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit

Hello,

I have the following problem:

If I try to access an particular Object (Folder) in Zope with a login I
created and

verified personally only minutes ago, I get the following error:

<!--
Traceback (innermost last):
  File /opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/Publish.py, line
150, in publish_module
  File /opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/Publish.py, line
114, in publish
  File /opt/Zope-2.5.1-linux2-x86/lib/python/Zope/__init__.py, line 159, in
zpublisher_exception_hook
    (Object: Neue_Produkte)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/Publish.py, line 98,
in publish
  File /opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/mapply.py, line 88,
in mapply
    (Object: index_html)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/Publish.py, line 39,
in call_object
    (Object: index_html)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/OFS/DTMLMethod.py, line 127, in
__call__
    (Object: index_html)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/DocumentTemplate/DT_String.py,
line 473, in __call__
    (Object: index_html)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/OFS/DTMLMethod.py, line 120, in
__call__
    (Object: standard_html_header)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/DocumentTemplate/DT_String.py,
line 473, in __call__
    (Object: standard_html_header)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/DTML.py, line 29,
in guarded_getattr
    (Object: index_html)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/ZopeGuards.py,
line 58, in guarded_getattr
    (Object: Neue_Produkte)
  File /opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/ZopeGuards.py,
line 40, in aq_validate
    (Object: Neue_Produkte)
  File
/opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/SecurityManager.py, line
83, in validate
  File
/opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/ZopeSecurityPolicy.py,
line 200, in validate
Unauthorized: You are not allowed to access title_or_id in this context

-->

If I do this with an other login which is defined at a higher level of our
Zope tree, everything works

fine. I had a similar problem with a property which was defined at a higher
level (directory) so that

some users had no access to it. But the dtml-var title_or_id is no property
I think. Right?



I hope to find a solution to this soon.

Thank you in advance,

Daniel Paul

bitubi.de GmbH

(e-Mail: dpaul_NOSPAM_@gmx.net)




------=_NextPart_000_0000_01C2228E.EB0AF720
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2716.2200" name=3DGENERATOR></HEAD>
<BODY>
<DIV>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial=20
size=3D2>Hello,</FONT></SPAN></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>I have =
the following=20
problem:</FONT></SPAN></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>If I try =
to access an=20
particular Object (Folder) in Zope with a login I created =
and</FONT></SPAN></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>verified =
personally=20
only minutes ago, I get the following error:</FONT></SPAN></P>
<P><FONT face=3DArial size=3D2>&lt;!--<BR>Traceback (innermost =
last):<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/Publish.py, line 150, =
in=20
publish_module<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/Publish.py, line 114, =
in=20
publish<BR>&nbsp; File =
/opt/Zope-2.5.1-linux2-x86/lib/python/Zope/__init__.py,=20
line 159, in zpublisher_exception_hook<BR>&nbsp;&nbsp;&nbsp; (Object:=20
Neue_Produkte)<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/Publish.py, line 98, in =

publish<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/mapply.py, line 88, in=20
mapply<BR>&nbsp;&nbsp;&nbsp; (Object: index_html)<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/ZPublisher/Publish.py, line 39, in =

call_object<BR>&nbsp;&nbsp;&nbsp; (Object: index_html)<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/OFS/DTMLMethod.py, line 127, in=20
__call__<BR>&nbsp;&nbsp;&nbsp; (Object: index_html)<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/DocumentTemplate/DT_String.py, =
line 473,=20
in __call__<BR>&nbsp;&nbsp;&nbsp; (Object: index_html)<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/OFS/DTMLMethod.py, line 120, in=20
__call__<BR>&nbsp;&nbsp;&nbsp; (Object: standard_html_header)<BR>&nbsp; =
File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/DocumentTemplate/DT_String.py, =
line 473,=20
in __call__<BR>&nbsp;&nbsp;&nbsp; (Object: =
standard_html_header)<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/DTML.py, line 29, in =

guarded_getattr<BR>&nbsp;&nbsp;&nbsp; (Object: index_html)<BR>&nbsp; =
File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/ZopeGuards.py, line =
58, in=20
guarded_getattr<BR>&nbsp;&nbsp;&nbsp; (Object: Neue_Produkte)<BR>&nbsp; =
File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/ZopeGuards.py, line =
40, in=20
aq_validate<BR>&nbsp;&nbsp;&nbsp; (Object: Neue_Produkte)<BR>&nbsp; File =

/opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/SecurityManager.py, =
line 83,=20
in validate<BR>&nbsp; File=20
/opt/Zope-2.5.1-linux2-x86/lib/python/AccessControl/ZopeSecurityPolicy.py=
, line=20
200, in validate<BR>Unauthorized: You are not allowed to access =
title_or_id in=20
this context</FONT></P>
<P><FONT face=3DArial size=3D2>--&gt;</FONT></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>If I do =
this with an=20
other login which is defined at a higher level of our Zope tree, =
everything=20
works</FONT></SPAN></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>fine. I =
had a similar=20
problem with a property which was defined at a higher level (directory) =
so=20
that</FONT></SPAN></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>some =
users had no=20
access to it. But the dtml-var title_or_id is no property I think.=20
Right?</FONT></SPAN></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial=20
size=3D2></FONT></SPAN>&nbsp;</P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>I hope =
to find a=20
solution to this soon.</FONT></SPAN></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>Thank =
you in=20
advance,</FONT></SPAN></P></DIV>
<P><FONT face=3DArial size=3D2>Daniel Paul<BR><BR>bitubi.de =
GmbH</FONT></P>
<P><SPAN class=3D786523310-03072002><FONT face=3DArial size=3D2>(e-Mail: =
<A=20
href=3D"mailto:dpaul_NOSPAM_@gmx.net">dpaul_NOSPAM_@gmx.net</A>)</FONT></=
SPAN></P>
<P><SPAN class=3D786523310-03072002></SPAN>&nbsp;</P></BODY></HTML>

------=_NextPart_000_0000_01C2228E.EB0AF720--