subject:"\[Zope\] Newbie question \: ZopeTime permissions"

Re: [Zope] Newbie question : ZopeTime permissions

2000-10-16 Thread Manuel Amador (Rudd-O)



access contents information
I guess.
Aaron Straup Cope wrote:
Hi,
My name is Aaron.
I am trying to set up zope with (atleast) three roles : manager, admin,
user.
I'd like to give the last two the bare minimum Security permissions
possible and adding them as needed later on.
My problem is that I can't seem to figure out, specifically, which
permissions to give a user that will allow them to read ZopeTime().
(see below)
For the admin user, I have set the Access content information and View
*
options globally. I've tried guessing at some others, but there are
alot
of possible combinations to try so I thought maybe I would just ask.
Related, is there a detailed description of the default Security
settings? I've checked the mailing lists and the Zope docs and if it's
there, I guess I missed it.
Thanks,
dtml-call "REQUEST.set('ts', ZopeTime())">
dtml-call "REQUEST.set('foo',_.str(_.int(ts)))">
dtml-var foo>
Traceback (innermost last):
 File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line
222, in
publish_module
 File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line
187, in
publish
 File /usr/local/zope.old/lib/python/Zope/__init__.py, line 221,
in
zpublisher_exception_hook
 (Object: Traversable)
 File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line
171, in
publish
 File /usr/local/zope.old/lib/python/ZPublisher/mapply.py, line
160, in
mapply
 (Object: test)
 File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line
112, in
call_object
 (Object: test)
 File /usr/local/zope.old/lib/python/OFS/DTMLDocument.py, line
177, in
__call__
 (Object: test)
 File /usr/local/zope.old/lib/python/DocumentTemplate/DT_String.py,
line
528, in __call__
 (Object: test)
 File /usr/local/zope.old/lib/python/DocumentTemplate/DT_Util.py,
line
337, in eval
 (Object: REQUEST.set('ts', ZopeTime()))
 (Info: REQUEST)
 File string>, line 0, in ?
NameError: (see above)
___
Zope maillist - [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
** No cross posts or HTML encoding! **
(Related lists -
http://lists.zope.org/mailman/listinfo/zope-announce
http://lists.zope.org/mailman/listinfo/zope-dev
)

--
Manuel Amador (Rudd-O)

Re: [Zope] Newbie question : ZopeTime permissions

2000-10-10 Thread Aaron Straup Cope


Yes, it was a misunderstanding regarding basic user permissions and the
Anonymous role on my part.

I did not want to allow the Anonymous role *any* permissions, and the
site I am working in is contained in a folder beneath the root Zope
folder. 

The problem was that I had disabled the "Access contents
information" privilege for the Anonymous user (whose permissions I forgot
are inherited by all other users) at the root level, thus preventing Joe
User from being able to access internals(?) like
ZopeTime even if [it] had permissions at a sub-directory level.

If I've got it wrong, I would be grateful if someone would correct
me. Otherwise, I hope that helps other newbies who find themselves in a
similar situation.

On Sun, 8 Oct 2000, Dieter Maurer wrote:

 Aaron Straup Cope writes:
   My problem is that I can't seem to figure out, specifically, which
   permissions to give a user that will allow them to read ZopeTime().
 Strange...
 
 "DateTime.DateTime" objects (and therefore "ZopeTime") are
 explicitely unprotected (and can be used by everyone).
 
 I tried your example as "Anonymous" (Zope 2.2.2) and
 it worked as expected (i.e. no NameError).
 
 
 Dieter
 


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime permissions

2000-10-10 Thread Dieter Maurer


Aaron Straup Cope writes:
  I did not want to allow the Anonymous role *any* permissions, and the
  site I am working in is contained in a folder beneath the root Zope
  folder. 
  
  The problem was that I had disabled the "Access contents
  information" privilege for the Anonymous user (whose permissions I forgot
  are inherited by all other users) at the root level, thus preventing Joe
  User from being able to access internals(?) like
  ZopeTime even if [it] had permissions at a sub-directory level.
Sorry, I was wrong, at least partially!

The fact, that "ZopeTime" returns an unprotected DateTime object,
does of cause not mean that "ZopeTime" itself is unprotected.

After your message, I reexamined your problem:

 * "ZopeTime" is defined in "OFS.Application.Application",
   i.e. the top level application object.

 * "ZopeTime" apparently is not protected by an explicit
   permission (neither mentioned in an "__ac_permissions__"
   nor is there a "ZopeTime__roles__" attribute nor
   is there a new SecurityManager assertion about
   "ZopeTime".

   As I understand Zope 2.2 security, this should mean
   "ZopeTime" is inaccessible from DTML.
   
 * However, magically, "ZopeTime" is protected by "Access Contents
   Information". 

I can not tell you why.
Both is astonishable:
  * that it is accessible by DTML at all
  * why "Access Contents Information" is required.

Apparently, the Zope security still has some hidden magic.


Dieter

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime permissions

2000-10-08 Thread Dieter Maurer


Aaron Straup Cope writes:
  My problem is that I can't seem to figure out, specifically, which
  permissions to give a user that will allow them to read ZopeTime().
Strange...

"DateTime.DateTime" objects (and therefore "ZopeTime") are
explicitely unprotected (and can be used by everyone).

I tried your example as "Anonymous" (Zope 2.2.2) and
it worked as expected (i.e. no NameError).


Dieter

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

[Zope] Newbie question : ZopeTime permissions

2000-10-06 Thread Aaron Straup Cope


Hi,

My name is Aaron.

I am trying to set up zope with (atleast) three roles : manager, admin,
user.

I'd like to give the last two the bare minimum Security permissions
possible and adding them as needed later on. 

My problem is that I can't seem to figure out, specifically, which
permissions to give a user that will allow them to read ZopeTime().

(see below)

For the admin user, I have set the Access content information and View *
options globally. I've tried guessing at some others, but there are alot
of possible combinations to try so I thought maybe I would just ask.

Related, is there a detailed description of the default Security
settings? I've checked the mailing lists and the Zope docs and if it's
there, I guess I missed it.

Thanks,

dtml-call "REQUEST.set('ts', ZopeTime())"
dtml-call "REQUEST.set('foo',_.str(_.int(ts)))"

dtml-var foo

Traceback (innermost last):
  File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 222, in
publish_module
  File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 187, in
publish
  File /usr/local/zope.old/lib/python/Zope/__init__.py, line 221, in
zpublisher_exception_hook
(Object: Traversable)
  File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 171, in
publish
  File /usr/local/zope.old/lib/python/ZPublisher/mapply.py, line 160, in
mapply
(Object: test)
  File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 112, in
call_object
(Object: test)
  File /usr/local/zope.old/lib/python/OFS/DTMLDocument.py, line 177, in
__call__
(Object: test)
  File /usr/local/zope.old/lib/python/DocumentTemplate/DT_String.py, line
528, in __call__
(Object: test)
  File /usr/local/zope.old/lib/python/DocumentTemplate/DT_Util.py, line
337, in eval
(Object: REQUEST.set('ts', ZopeTime()))
(Info: REQUEST)
  File string, line 0, in ?
NameError: (see above)


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime permissions

2000-10-06 Thread knight


Aaron, you left out the error. What was it...

On Fri, 6 Oct 2000, Aaron Straup Cope wrote:

 Hi,
 
 My name is Aaron.
 
 I am trying to set up zope with (atleast) three roles : manager, admin,
 user.
 
 I'd like to give the last two the bare minimum Security permissions
 possible and adding them as needed later on. 
 
 My problem is that I can't seem to figure out, specifically, which
 permissions to give a user that will allow them to read ZopeTime().
 
 (see below)
 
 For the admin user, I have set the Access content information and View *
 options globally. I've tried guessing at some others, but there are alot
 of possible combinations to try so I thought maybe I would just ask.
 
 Related, is there a detailed description of the default Security
 settings? I've checked the mailing lists and the Zope docs and if it's
 there, I guess I missed it.
 
 Thanks,
 
 dtml-call "REQUEST.set('ts', ZopeTime())"
 dtml-call "REQUEST.set('foo',_.str(_.int(ts)))"
 
 dtml-var foo
 
 Traceback (innermost last):
   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 222, in
 publish_module
   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 187, in
 publish
   File /usr/local/zope.old/lib/python/Zope/__init__.py, line 221, in
 zpublisher_exception_hook
 (Object: Traversable)
   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 171, in
 publish
   File /usr/local/zope.old/lib/python/ZPublisher/mapply.py, line 160, in
 mapply
 (Object: test)
   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 112, in
 call_object
 (Object: test)
   File /usr/local/zope.old/lib/python/OFS/DTMLDocument.py, line 177, in
 __call__
 (Object: test)
   File /usr/local/zope.old/lib/python/DocumentTemplate/DT_String.py, line
 528, in __call__
 (Object: test)
   File /usr/local/zope.old/lib/python/DocumentTemplate/DT_Util.py, line
 337, in eval
 (Object: REQUEST.set('ts', ZopeTime()))
 (Info: REQUEST)
   File string, line 0, in ?
 NameError: (see above)
 
 
 ___
 Zope maillist  -  [EMAIL PROTECTED]
 http://lists.zope.org/mailman/listinfo/zope
 **   No cross posts or HTML encoding!  **
 (Related lists - 
  http://lists.zope.org/mailman/listinfo/zope-announce
  http://lists.zope.org/mailman/listinfo/zope-dev )
 
 


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime permissions

2000-10-06 Thread Aaron Straup Cope


Doh! Sorry.

Error Type: KeyError
Error Value: ZopeTime

On Fri, 6 Oct 2000, knight wrote:

 Aaron, you left out the error. What was it...
 
 On Fri, 6 Oct 2000, Aaron Straup Cope wrote:
 
  Hi,
  
  My name is Aaron.
  
  I am trying to set up zope with (atleast) three roles : manager, admin,
  user.
  
  I'd like to give the last two the bare minimum Security permissions
  possible and adding them as needed later on. 
  
  My problem is that I can't seem to figure out, specifically, which
  permissions to give a user that will allow them to read ZopeTime().
  
  (see below)
  
  For the admin user, I have set the Access content information and View *
  options globally. I've tried guessing at some others, but there are alot
  of possible combinations to try so I thought maybe I would just ask.
  
  Related, is there a detailed description of the default Security
  settings? I've checked the mailing lists and the Zope docs and if it's
  there, I guess I missed it.
  
  Thanks,
  
  dtml-call "REQUEST.set('ts', ZopeTime())"
  dtml-call "REQUEST.set('foo',_.str(_.int(ts)))"
  
  dtml-var foo
  
  Traceback (innermost last):
File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 222, in
  publish_module
File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 187, in
  publish
File /usr/local/zope.old/lib/python/Zope/__init__.py, line 221, in
  zpublisher_exception_hook
  (Object: Traversable)
File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 171, in
  publish
File /usr/local/zope.old/lib/python/ZPublisher/mapply.py, line 160, in
  mapply
  (Object: test)
File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 112, in
  call_object
  (Object: test)
File /usr/local/zope.old/lib/python/OFS/DTMLDocument.py, line 177, in
  __call__
  (Object: test)
File /usr/local/zope.old/lib/python/DocumentTemplate/DT_String.py, line
  528, in __call__
  (Object: test)
File /usr/local/zope.old/lib/python/DocumentTemplate/DT_Util.py, line
  337, in eval
  (Object: REQUEST.set('ts', ZopeTime()))
  (Info: REQUEST)
File string, line 0, in ?
  NameError: (see above)
  
  
  ___
  Zope maillist  -  [EMAIL PROTECTED]
  http://lists.zope.org/mailman/listinfo/zope
  **   No cross posts or HTML encoding!  **
  (Related lists - 
   http://lists.zope.org/mailman/listinfo/zope-announce
   http://lists.zope.org/mailman/listinfo/zope-dev )
  
  
 
 


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime permissions

Re: [Zope] Newbie question : ZopeTime permissions

Re: [Zope] Newbie question : ZopeTime permissions

Re: [Zope] Newbie question : ZopeTime permissions

[Zope] Newbie question : ZopeTime permissions

Re: [Zope] Newbie question : ZopeTime permissions

Re: [Zope] Newbie question : ZopeTime permissions

7 matches

Site Navigation

Mail list logo

Footer information