[Zope] subscribe

Khachatur Yengibaryan xach at freenet.am
Fri Feb 17 02:21:53 EST 2006 

zope-request at zope.org wrote:

>Send Zope mailing list submissions to
>	zope at zope.org
>
>To subscribe or unsubscribe via the World Wide Web, visit
>	http://mail.zope.org/mailman/listinfo/zope
>or, via email, send a message with subject or body 'help' to
>	zope-request at zope.org
>
>You can reach the person managing the list at
>	zope-owner at zope.org
>
>When replying, please edit your Subject line so it is more specific
>than "Re: Contents of Zope digest..."
>
>
>Today's Topics:
>
>   1. Re: Error Value: 'File' object has	no	attribute
>      'manage_fixupOwnershipAfterAdd' (Jens Vagelpohl)
>   2. Re: Re: restricting permissions for direct access only
>      (Chris Withers)
>   3. Re: Zope 2.9 and SSL (Chris Withers)
>   4. Re: Granting access by reading http headers (Chris Withers)
>   5. Re: Re: restricting permissions for direct access only
>      (Chris Withers)
>   6. Re: installing PIL on Window Zope (Josef Meile)
>   7. SSL & Digest Auth (Chris Withers)
>   8. Re: Re: installing PIL on Window Zope (Tino Wildenhain)
>   9. Re: Zope 2.9 and SSL (Janusz Zamecki)
>  10. Re: Re: restricting permissions for direct access only
>      (Chris Withers)
>  11. Re: Re: restricting permissions for direct access only
>      (Chris Withers)
>  12. Re: Zope 2.9 and SSL (Michael Haubenwallner)
>  13. Re: installing PIL on Window Zope (Allen Huang)
>  14. Re: SSL & Digest Auth (michael nt milne)
>  15. Re: Error Value: 'File' object	has	no	attribute
>      'manage_fixupOwnershipAfterAdd' (Roman Klesel)
>  16. Re: SSL & Digest Auth (Andrew Milton)
>  17. Re: Re: Re: major problems placing authentication on an
>      extranet site-security flaw? (michael nt milne)
>  18. Re: Error Value: 'File' object	has	no	attribute
>      'manage_fixupOwnershipAfterAdd' (Stefan H. Holek)
>  19. Re: SSL & Digest Auth (michael nt milne)
>  20. Re: Error Value: 'File' object	has	no	attribute
>      'manage_fixupOwnershipAfterAdd' (Roman Klesel)
>  21. Re: installing PIL on Window Zope (Josef Meile)
>  22. Re: Error Value: 'File'	object	has	no	attribute
>      'manage_fixupOwnershipAfterAdd' (Roman Klesel)
>  23. Re: restricting permissions for direct access only
>      (Michael Shulman)
>  24. Re: restricting permissions for direct access only (Tres Seaver)
>  25. Re: Re: Re: major problems placing authentication on an
>      extranet site-security flaw? (Floyd May)
>  26. Re: Error Value: 'File' object	has	no	attribute
>      'manage_fixupOwnershipAfterAdd' (Roman Klesel)
>
>
>----------------------------------------------------------------------
>
>Message: 1
>Date: Thu, 16 Feb 2006 09:59:58 +0000
>From: Jens Vagelpohl <jens at dataflake.org>
>Subject: Re: [Zope] Error Value: 'File' object has	no	attribute
>	'manage_fixupOwnershipAfterAdd'
>To: zope list user <zope at zope.org>
>Message-ID: <F7446EF5-44B9-42DE-BB5A-BF4EDDF4FB98 at dataflake.org>
>Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
>
>
>On 16 Feb 2006, at 09:33, Roman Klesel wrote:
>
>  
>
>>Hello Bruno,
>>
>>bruno desthuilliers schrieb:
>>    
>>
>>>What's wrong with:
>>>
>>>container.manage_addProduct['OFSP'].manage_addFile(id, file='',
>>>title='', precondition='', content_type='', REQUEST=None)
>>>      
>>>
>>Well, in a fs product I don't have container nor  
>>self.manage_addProduct or something (AFAIK).
>>
>>Therefore I use the ._setObject() method.
>>    
>>
>
>Instead of "container" you substitute the object that you called  
>_setObject on before. No rocket science here. If that object  
>subclasses from the normal Zope Folder class (or is a Zope Folder)  
>you *will* have manage_addProduct.
>
>jens
>
>
>
>------------------------------
>
>Message: 2
>Date: Thu, 16 Feb 2006 08:27:43 +0000
>From: Chris Withers <chris at simplistix.co.uk>
>Subject: Re: [Zope] Re: restricting permissions for direct access only
>To: Tres Seaver <tseaver at palladion.com>
>Cc: public-zope-CWUwpEBWKX0 at ciao.gmane.org, zope at zope.org
>Message-ID: <43F4377F.5050503 at simplistix.co.uk>
>Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
>Tres Seaver wrote:
>  
>
>>The prior behavior (allowing users to access protected resources "above"
>>the domain of their user folders) was a security hole caused by a bug,
>>and was never documented as allowable:  correcting it was a matter for a
>>rather urgent fix, as it broke the explicitly-documented model.
>>    
>>
>
>I don't think that's what Michael and I were commenting on...
>
>IIRC, if you had scripta calling scriptb, you used to be able to give 
>scripta a proxy role and scriptb would also execute with that role. 
>However, again IIRC, in current Zope releases, if you give scripta a 
>proxy role, when it calls scriptb, scriptb will just run with the roles 
>of the current user.
>
>Have I got this right? If so, I wonder why the change was made...
>
>Chris
>
>  
>

More information about the Zope mailing list