[ZPT] accessing object attributes from python expression raises error

Michael R. Bernstein webmaven@lvcm.com
07 Jan 2002 15:35:31 -0800 

The following code raises Unauthorized:

<div tal:repeat="object root/objectValues">
 <div tal:condition="python: object.meta_type == 'Folder'">
  <b tal:content="object/getId">The folder id</b>
  <div tal:repeat="object root/objectValues">
   <i tal:content="object/getId">The object id</i>
  </div>
 </div>
 <div tal:condition="python: object.meta_type != 'Folder'">
  <i tal:content="object/getId">The object id</i>
 </div>
</div>

Specifically, the traceback says that I don't have permission to access
the meta_type of browser_id_manager:

 Error Type: Unauthorized
 Error Value: You are not allowed to access meta_type in this context

Traceback (innermost last):
  File C:\Program Files\Zope2.5b3\lib\python\ZPublisher\Publish.py, line
151, in publish_module
  File C:\Program Files\Zope2.5b3\lib\python\ZPublisher\Publish.py, line
115, in publish
  File C:\Program Files\Zope2.5b3\lib\python\Zope\__init__.py, line 158,
in zpublisher_exception_hook
    (Object: tests)
  File C:\Program Files\Zope2.5b3\lib\python\ZPublisher\Publish.py, line
99, in publish
  File C:\Program Files\Zope2.5b3\lib\python\ZPublisher\mapply.py, line
88, in mapply
    (Object: options)
  File C:\Program Files\Zope2.5b3\lib\python\ZPublisher\Publish.py, line
40, in call_object
    (Object: options)
  File C:\Program
Files\Zope2.5b3\lib\python\Shared\DC\Scripts\Bindings.py, line 252, in
__call__
    (Object: options)
  File C:\Program
Files\Zope2.5b3\lib\python\Shared\DC\Scripts\Bindings.py, line 283, in
_bindAndExec
    (Object: options)
  File C:\Program
Files\Zope2.5b3\lib\python\Products\PageTemplates\TALES.py, line 247, in
evaluate
  File C:\Program
Files\Zope2.5b3\lib\python\Products\PageTemplates\ZRPythonExpr.py, line
49, in __call__
    (Info: object.meta_type == 'Folder')
  File Python expression "object.meta_type == 'Folder'", line 2, in f
  File C:\Program
Files\Zope2.5b3\lib\python\AccessControl\ZopeGuards.py, line 58, in
guarded_getattr
    (Object: browser_id_manager)
  File C:\Program
Files\Zope2.5b3\lib\python\AccessControl\ZopeGuards.py, line 40, in
aq_validate
    (Object: browser_id_manager)
  File C:\Program
Files\Zope2.5b3\lib\python\AccessControl\SecurityManager.py, line 83, in
validate
  File C:\Program
Files\Zope2.5b3\lib\python\AccessControl\ZopeSecurityPolicy.py, line
145, in validate
Unauthorized: (see above)

Can anyone suggest what I'm doing wrong?

Michael Bernstein.