[Zope] Product security and OFS.CopySupport
Michael R. Schwab
Michael.Schwab-mail.zope.org at icantbelieveididthat.com
Mon Oct 25 20:31:55 EDT 2004
Hi,
I've encountered problems when adding security declarations to a Zope
folderish object product on Zope 2.7.2/Python 2.3.4/RH Linux 9.0.
My folderish object 'CustomFolder' (see
http://files.englesh.org/CustomFolder.tgz for source) has permissions on
its methods. For example, I'm declaring:
security.declarePublic('index_html')
index_html = PageTemplateFile(
os.path.join('zpt', 'default_index_html'),
globals())
I then initialize the permissions for my object calling:
InitializeClass(CustomFolder)
When I instantiate a 'CustomFolder', I can add new sub objects. I am,
however, unable to paste or rename objects within the 'CustomFolder'
instance. I've been able to trace the error to the call to
_verifyObjectPaste (line 352) in OFS.CopySupport. It appears that
_verifyObjectPaste fails on the call to
self.restrictedTraverse(method_name). The comments following the call
seem to indicate that an Unauthorized exception is thrown if the factory
method by name cannot be obtained.
Is there something that I am missing in my security declarations for
'CustomFolder' or is this a bug in OFS.CopySupport or OFS.Traversable?
I've goggled on this but the results I have found have not fixed the
problem I am seeing.
Thanks,
Michael
--
Michael R. Schwab
All those who believe in psychokinesis, raise my hand.
More information about the Zope
mailing list