[Zope3-Users] Permission problem on adapter
Marius Gedminas
mgedmin at b4net.lt
Sun Feb 11 17:05:49 EST 2007
On Sun, Feb 11, 2007 at 09:24:34AM +0100, FB wrote:
> On Sun, Feb 11, 2007 at 01:16:51AM +0100, Dominique Lederer wrote:
> > i created a trusted adapter on a content object.
> > then i created a formlib edit page for the ZMI, to be able to edit the
> > new attributes on the adapted content object. the adapters interface is
> > correctly rendered to the form.
> >
> > if i try to edit, an unauthorized error is shown, which i also get, when
> > i register the user as Site Manager via Grant in the ZMI.
> > The global admin *can* edit the adapters attributes (the one which is
> > set globally via ZCML).
For future reference, when you get into a situation when the global
manager can do something, but a local manager cannot, know what you have
a broken __parent__ chain somewhere. Every object that has security
declarations and can be security proxied must have a valid __parent__
chain leading to the ZODB root, or you will have problems like this.
> > i registered the adapter like this:
> > <adapter factory=".MyClassAnnotations"
> > trusted="true" />
>
> Try to add the attribute 'locate="true"' to the adapter-statement.
Cool, I didn't know about that one. I'd've suggested setting the
adapter's __parent__ manually in the constructor.
Marius Gedminas
--
Where do you think you're going today?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://mail.zope.org/pipermail/zope3-users/attachments/20070212/1c3cec42/attachment.bin
More information about the Zope3-users
mailing list