subject:"Re\: \[Zope\] Newbie question \: ZopeTime \& permissions"

Re: [Zope] Newbie question : ZopeTime & permissions

2000-10-16 Thread Manuel Amador (Rudd-O)



access contents information
I guess.
Aaron Straup Cope wrote:
Hi,
My name is Aaron.
I am trying to set up zope with (atleast) three roles : manager, admin,
user.
I'd like to give the last two the bare minimum Security permissions
possible and adding them as needed later on.
My problem is that I can't seem to figure out, specifically, which
permissions to give a user that will allow them to read ZopeTime().
(see below)
For the admin user, I have set the Access content information and View
*
options globally. I've tried guessing at some others, but there are
alot
of possible combinations to try so I thought maybe I would just ask.
Related, is there a detailed description of the default Security
settings? I've checked the mailing lists and the Zope docs and if it's
there, I guess I missed it.
Thanks,



Traceback (innermost last):
  File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line
222, in
publish_module
  File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line
187, in
publish
  File /usr/local/zope.old/lib/python/Zope/__init__.py, line 221,
in
zpublisher_exception_hook
    (Object: Traversable)
  File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line
171, in
publish
  File /usr/local/zope.old/lib/python/ZPublisher/mapply.py, line
160, in
mapply
    (Object: test)
  File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line
112, in
call_object
    (Object: test)
  File /usr/local/zope.old/lib/python/OFS/DTMLDocument.py, line
177, in
__call__
    (Object: test)
  File /usr/local/zope.old/lib/python/DocumentTemplate/DT_String.py,
line
528, in __call__
    (Object: test)
  File /usr/local/zope.old/lib/python/DocumentTemplate/DT_Util.py,
line
337, in eval
    (Object: REQUEST.set('ts', ZopeTime()))
    (Info: REQUEST)
  File , line 0, in ?
NameError: (see above)
___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists -
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev
)

-- 
Manuel Amador (Rudd-O)

Re: [Zope] Newbie question : ZopeTime & permissions

2000-10-10 Thread Dieter Maurer

Aaron Straup Cope writes:
 > I did not want to allow the Anonymous role *any* permissions, and the
 > site I am working in is contained in a folder beneath the root Zope
 > folder. 
 > 
 > The problem was that I had disabled the "Access contents
 > information" privilege for the Anonymous user (whose permissions I forgot
 > are inherited by all other users) at the root level, thus preventing Joe
 > User from being able to access internals(?) like
 > ZopeTime even if [it] had permissions at a sub-directory level.
Sorry, I was wrong, at least partially!

The fact, that "ZopeTime" returns an unprotected DateTime object,
does of cause not mean that "ZopeTime" itself is unprotected.

After your message, I reexamined your problem:

 * "ZopeTime" is defined in "OFS.Application.Application",
   i.e. the top level application object.

 * "ZopeTime" apparently is not protected by an explicit
   permission (neither mentioned in an "__ac_permissions__"
   nor is there a "ZopeTime__roles__" attribute nor
   is there a new SecurityManager assertion about
   "ZopeTime".

   As I understand Zope 2.2 security, this should mean
   "ZopeTime" is inaccessible from DTML.

 * However, magically, "ZopeTime" is protected by "Access Contents
   Information". 

I can not tell you why.
Both is astonishable:
  * that it is accessible by DTML at all
  * why "Access Contents Information" is required.

Apparently, the Zope security still has some hidden magic.

Dieter

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime & permissions

2000-10-10 Thread Aaron Straup Cope

Yes, it was a misunderstanding regarding basic user permissions and the
Anonymous role on my part.

I did not want to allow the Anonymous role *any* permissions, and the
site I am working in is contained in a folder beneath the root Zope
folder. 

The problem was that I had disabled the "Access contents
information" privilege for the Anonymous user (whose permissions I forgot
are inherited by all other users) at the root level, thus preventing Joe
User from being able to access internals(?) like
ZopeTime even if [it] had permissions at a sub-directory level.

If I've got it wrong, I would be grateful if someone would correct
me. Otherwise, I hope that helps other newbies who find themselves in a
similar situation.

On Sun, 8 Oct 2000, Dieter Maurer wrote:

> Aaron Straup Cope writes:
>  > My problem is that I can't seem to figure out, specifically, which
>  > permissions to give a user that will allow them to read ZopeTime().
> Strange...
> 
> "DateTime.DateTime" objects (and therefore "ZopeTime") are
> explicitely unprotected (and can be used by everyone).
> 
> I tried your example as "Anonymous" (Zope 2.2.2) and
> it worked as expected (i.e. no NameError).
> 
> 
> Dieter
> 

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime & permissions

2000-10-08 Thread Dieter Maurer

Aaron Straup Cope writes:
 > My problem is that I can't seem to figure out, specifically, which
 > permissions to give a user that will allow them to read ZopeTime().
Strange...

"DateTime.DateTime" objects (and therefore "ZopeTime") are
explicitely unprotected (and can be used by everyone).

I tried your example as "Anonymous" (Zope 2.2.2) and
it worked as expected (i.e. no NameError).

Dieter

___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime & permissions

2000-10-06 Thread Aaron Straup Cope


Doh! Sorry.

Error Type: KeyError
Error Value: ZopeTime

On Fri, 6 Oct 2000, knight wrote:

> Aaron, you left out the error. What was it...
> 
> On Fri, 6 Oct 2000, Aaron Straup Cope wrote:
> 
> > Hi,
> > 
> > My name is Aaron.
> > 
> > I am trying to set up zope with (atleast) three roles : manager, admin,
> > user.
> > 
> > I'd like to give the last two the bare minimum Security permissions
> > possible and adding them as needed later on. 
> > 
> > My problem is that I can't seem to figure out, specifically, which
> > permissions to give a user that will allow them to read ZopeTime().
> > 
> > (see below)
> > 
> > For the admin user, I have set the Access content information and View *
> > options globally. I've tried guessing at some others, but there are alot
> > of possible combinations to try so I thought maybe I would just ask.
> > 
> > Related, is there a detailed description of the default Security
> > settings? I've checked the mailing lists and the Zope docs and if it's
> > there, I guess I missed it.
> > 
> > Thanks,
> > 
> > 
> > 
> > 
> > 
> > 
> > Traceback (innermost last):
> >   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 222, in
> > publish_module
> >   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 187, in
> > publish
> >   File /usr/local/zope.old/lib/python/Zope/__init__.py, line 221, in
> > zpublisher_exception_hook
> > (Object: Traversable)
> >   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 171, in
> > publish
> >   File /usr/local/zope.old/lib/python/ZPublisher/mapply.py, line 160, in
> > mapply
> > (Object: test)
> >   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 112, in
> > call_object
> > (Object: test)
> >   File /usr/local/zope.old/lib/python/OFS/DTMLDocument.py, line 177, in
> > __call__
> > (Object: test)
> >   File /usr/local/zope.old/lib/python/DocumentTemplate/DT_String.py, line
> > 528, in __call__
> > (Object: test)
> >   File /usr/local/zope.old/lib/python/DocumentTemplate/DT_Util.py, line
> > 337, in eval
> > (Object: REQUEST.set('ts', ZopeTime()))
> > (Info: REQUEST)
> >   File , line 0, in ?
> > NameError: (see above)
> > 
> > 
> > ___
> > Zope maillist  -  [EMAIL PROTECTED]
> > http://lists.zope.org/mailman/listinfo/zope
> > **   No cross posts or HTML encoding!  **
> > (Related lists - 
> >  http://lists.zope.org/mailman/listinfo/zope-announce
> >  http://lists.zope.org/mailman/listinfo/zope-dev )
> > 
> > 
> 
> 


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime & permissions

2000-10-06 Thread knight


Aaron, you left out the error. What was it...

On Fri, 6 Oct 2000, Aaron Straup Cope wrote:

> Hi,
> 
> My name is Aaron.
> 
> I am trying to set up zope with (atleast) three roles : manager, admin,
> user.
> 
> I'd like to give the last two the bare minimum Security permissions
> possible and adding them as needed later on. 
> 
> My problem is that I can't seem to figure out, specifically, which
> permissions to give a user that will allow them to read ZopeTime().
> 
> (see below)
> 
> For the admin user, I have set the Access content information and View *
> options globally. I've tried guessing at some others, but there are alot
> of possible combinations to try so I thought maybe I would just ask.
> 
> Related, is there a detailed description of the default Security
> settings? I've checked the mailing lists and the Zope docs and if it's
> there, I guess I missed it.
> 
> Thanks,
> 
> 
> 
> 
> 
> 
> Traceback (innermost last):
>   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 222, in
> publish_module
>   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 187, in
> publish
>   File /usr/local/zope.old/lib/python/Zope/__init__.py, line 221, in
> zpublisher_exception_hook
> (Object: Traversable)
>   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 171, in
> publish
>   File /usr/local/zope.old/lib/python/ZPublisher/mapply.py, line 160, in
> mapply
> (Object: test)
>   File /usr/local/zope.old/lib/python/ZPublisher/Publish.py, line 112, in
> call_object
> (Object: test)
>   File /usr/local/zope.old/lib/python/OFS/DTMLDocument.py, line 177, in
> __call__
> (Object: test)
>   File /usr/local/zope.old/lib/python/DocumentTemplate/DT_String.py, line
> 528, in __call__
> (Object: test)
>   File /usr/local/zope.old/lib/python/DocumentTemplate/DT_Util.py, line
> 337, in eval
> (Object: REQUEST.set('ts', ZopeTime()))
> (Info: REQUEST)
>   File , line 0, in ?
> NameError: (see above)
> 
> 
> ___
> Zope maillist  -  [EMAIL PROTECTED]
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists - 
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
> 
> 


___
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] Newbie question : ZopeTime & permissions

Re: [Zope] Newbie question : ZopeTime & permissions

Re: [Zope] Newbie question : ZopeTime & permissions

Re: [Zope] Newbie question : ZopeTime & permissions

Re: [Zope] Newbie question : ZopeTime & permissions

Re: [Zope] Newbie question : ZopeTime & permissions

6 matches

Site Navigation

Mail list logo

Footer information