[Zope3-Users] Security between Context and View
Klaus Bremer
klaus.bremer at bmcct.de
Sat May 13 04:07:18 EDT 2006
You can try to bypass the zope security mechanism by using
'removeSecurityProxy':
from zope.security.proxy import removeSecurityProxy
...
def doTransaction(self):
transaction = removeSecurityProxy(self.context.produceTransaction())
...
hth
-klaus
----Ursprüngliche Nachricht----
am: Fri, 12 May 2006 10:14:29 -0500
von: David Johnson : djohnson at jsatech.com
>I have a view object which calls it's content object to return another
>object. The view object does not have access to the returned object, and I
>receive a forbidden attribute error.
>
>
>
>***Content***
>
>
>
>class Transaction(object):
>
>
>
> transid=u''
>
>
>
>class TransactionFactory(Persistent,Contained):
>
>
>
> implements(ITransactionFactory)
>
>
>
> def produceTransaction(self):
>
> transaction = Transaction()
>
> transaction.transid = 'abcd'
>
> return transaction
>
>
>
>***View***
>
>
>
>class Transaction:
>
>
>
> def doTransaction(self):
>
> transaction = self.context.produceTransaction()
>
> self.session['transid'] = transaction.transid
>
> transaction.commit()
>
>
>
>This generates a forbidden attribute error on
>transaction.Transaction.transid
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>--
>
>David Johnson
>
>
>
>_______________________________________________
>Zope3-users mailing list
>Zope3-users at zope.org
>http://mail.zope.org/mailman/listinfo/zope3-users
More information about the Zope3-users
mailing list