[Zope] Weird things happen when Manager does not have View
permission
Dieter Maurer
dieter at handshake.de
Wed Sep 1 15:34:06 EDT 2004
Damien Baty wrote at 2004-9-1 15:28 +0200:
> ...
> All objects belong to "manager".
> ...
> But if I unselect the 'Manager' role for the 'View' permission of
>'/folder/subfolder', user 'viewer' is now unauthorized. Error is:
> Traceback (innermost last):
> ...
> * Module DocumentTemplate.DT_String, line 474, in __call__
> Unauthorized: You are not allowed to access 'title_or_id' \
> in this context
You probably should read about "executable ownership"
and the restrictions associated with it.
It was introduced with Zope 2.2 and the "Zope 2.2 Security" document
explains how it works and why it has been introduced.
It explains what you observe.
--
Dieter
More information about the Zope
mailing list