RE: [Zope] new 2.2.4 security/role bug ?? (ZCatalog related ??)
Brian, Le 18 Dec 2000, à 11:54, Brian Lloyd a écrit : Note that 'Manager' does not automatically give you "full authorization". It is only a convention that Manager often has all permissions. This is important, because in Zope 2.2, you can't give a proxy role unless you have *that role* yourself. OK. So if i understand well, i need to create a user with manager AND ALL the roles so i'll be able to set any proxy role with that user. Thanks for the explanation. So i guess my other weird problem with not accessing objects via the catalog and accessing them directly has something to do with some new security feature in 2.2 i didn't understood ? But i can't figure wich one, even in re-reading carefully the zope book. Anyway, thanks for your clear explanation. Regards. -- Didier Georgieff DDAF du Bas-Rhin - Cellule SIG 2, rue des Mineurs 67070 Strasbourg Cedex tél : 03.88.25.20.33 - fax : 03.88.25.20.01 email : [EMAIL PROTECTED] SIT du Bas-Rhin : http://www.bas-rhin.sit.gouv.fr GéoWeb http://sertit10.u-strasbg.fr ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
RE: [Zope] new 2.2.4 security/role bug ?? (ZCatalog related ??)
The second weird thing (should help for a diagnostic) is : While i have "manager" role (i can do whatever i want on the manage interface), i tried to give a proxy role to my test method, to see if i could investigate further. And trying to change the proxy role raised an execption, despite the fact i have manager role with full autorisations. Didier - Note that 'Manager' does not automatically give you "full authorization". It is only a convention that Manager often has all permissions. This is important, because in Zope 2.2, you can't give a proxy role unless you have *that role* yourself. For example, you can't give the proxy role "Editor" to a DTMLMethod unless you have it yourself (this is true even if you have the "Manager" role). The quick fix here is that you need to give yourself the roles you want to set as proxy roles, and then you will be allowed to set them. Brian Lloyd[EMAIL PROTECTED] Software Engineer 540.371.6909 Digital Creations http://www.digicool.com ___ Zope maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope-dev )
