[Zope3-Users] Security declarations on OOBTreeItems

hass hassan at dc4.so-net.ne.jp
Wed Mar 31 11:34:03 EDT 2010


Hello all,

I'm experiencing a problem with security declarations in OOBTreeItems.
The following setting which used to worked with an older version of 
zope.security failed after upgrading to 3.7.2.

$$.py
-------------------
class IPDFProfileHolder(IFolder):
    """ """

class PDFProfileHolder(Folder):
    implements(IPDFProfileHolder)


$$.zcml
------------------
  <interface interface=".IPDFProfileHolder"/>
 
  <class class=".PDFProfileHolder">
     <implements 
interface="zope.annotation.interfaces.IAttributeAnnotatable"/>
     <require permission="pdfprofile.view" interface=".IPDFProfileHolder" />
     <require permission="pdfprofile.edit" 
set_schema=".IPDFProfileHolder" />
  </class>


the error occurs in a view when I try to see if a filename is already in 
self.context.keys():
------------------
  File "pdfprofile/browser.py", line 151, in extractData
    if data['filename'] in self.context.keys():
ForbiddenAttribute: ('__contains__', <OOBTreeItems object at 0xb71c7570>)

Now I believe I have correct declarations on the self.context. The 
problem only arises when I try to look inside the self.context.keys() 
which is a OOBTreeItems object.

When I try to check the security declarations, I get an empty list 
meaning no declarations at all.

 >>from zope.security.proxy import getTestProxyItems
 >>getTestProxyItems(self.context.keys())
 >>[]

Do I have to declare them myself? shouldn't these declarations come as 
default?
Thanks a lot in advance for any help!
Cheers, Hass

 








More information about the Zope3-users mailing list