[Zope] zope 2.7: Unauthorized "in this context"
Dieter Maurer
dieter at handshake.de
Wed Jun 15 14:14:45 EDT 2005
John Hunter wrote at 2005-6-15 09:48 -0500:
> ...
>I installed VerboseSecurity and now get a more helpful error message
>in the log (to refresh your memory, this is a pure ZClass based
>product which stopped working on an upgrade to 2.7). Here is the
>updated message
>
> Exception Type Unauthorized
>
> Exception Value The container has no security assertions. Access to
> 'mentor' of (FactoryDispatcher instance at 40aeafb0) denied.
>
>I googled this error message and found this thread,
>http://www.gossamer-threads.com/lists/zope/users/176379. You
>responded to the OP
> ...
> It is true that a "FactoryDispatcher"
> ("App.FactoryDispatcher.FactoryDispatcher") does not have security
> assertions....
> ...
> You can try to add a "__role__ = None" and maybe a
> "__allow_access_to_unprotected_subobjects__ = 1" to the
> "FactoryDispatcher" class (--> "App/FactoryDispatcher.py") to see
> whether the problem disappears. These two attributes will provide
> security assertions for the factory.
Note that this is only a hack!
All objects in the "FactoryDispatcher" should provide their
own security declarations. Then, they would not depend
on that of the container.
Thus, the primary problem is that "mentor" magically does
not have a "__roles__" attribute or (maybe) that it was never
expected to be accessed via the "FactoryDispatcher".
--
Dieter
More information about the Zope
mailing list