[Zope] Object permissions in External Methods
Chris McDonough
chrism@zope.com
Mon, 8 Jul 2002 17:30:56 -0400
You need to put "security declarations" on the instance that you
return for it to be able to be used by "untrusted code" like DTML
and Python scripts. For more info, see the Zope developer's guide
security chapter at
http://www.zope.org/Documentation/ZDG/Security.stx .
----- Original Message -----
From: "J. Joy" <kyroraz@yahoo.com>
To: <zope@zope.org>
Sent: Monday, July 08, 2002 5:25 PM
Subject: [Zope] Object permissions in External Methods
> I'm not quite sure how to do this, and the documentation that I
have been browsing through hasn't
> been all that helpful, so I hope someone out here can help me with
this seemingly simple
> situation.
>
> I want to read an XML file (currently read as a textfile, but will
be passed as a parameter) and
> then change it into a Python Object where one can then dtml-in
through the Heirarchy of the
> Document... this is what I have...
>
>
> --
> import gnosis.xml.objectify as xp
> from AccessControl import ClassSecurityInfo
> from Acquisition import Implicit
> import Globals
>
>
> def xml_to_py(self):
> object = xp.XML_Objectify('/tmp/sample.xml')
> returning = object._PyObject
>
> return (returning)
> --
>
> Whenever I run this, I keep getting an unauthorized error with no
acceptable login correcting
> this. I've run into this before, but it was only fixed when I
redefined an object that I have
> created before, not something that is pushed out from a library
like this.
>
> Suggestions?
>
> Jason
>
>
> __________________________________________________
> Do You Yahoo!?
> Sign up for SBC Yahoo! Dial - First Month Free
> http://sbc.yahoo.com
>
>
> _______________________________________________
> Zope maillist - Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> ** No cross posts or HTML encoding! **
> (Related lists -
> http://lists.zope.org/mailman/listinfo/zope-announce
> http://lists.zope.org/mailman/listinfo/zope-dev )
>