I did check with a fresh 2.6 xxJeremy Hylton wrote:
What if you used a special object that would produce a useful errorI like this. Make it a singleton, and put it in the global namespace for Scripts, so that we can write:
message if the user tries to access the container.
if context is Inaccessible:
# Do without access to context
I've checked in the changes to the 2.6 branch, 2.7 branch and the head to change the binding behavior for 'container' and 'context':
- If the user does not have access to the item, the script will bind an UnauthorizedBinding object instead of the real object, rather than throw an exception at binding time.
- Any attribute or item access on the UnauthorizedBinding will throw an Unauthorized, including the name of the binding that the user didn't have access to.
The result is that if you have scripts where the script container is inaccessible to the users of the script:
- If the script does not reference 'container' in its code, things will work without any action on the part of the site admin
- If the script *does* reference 'container' then a meaningful Unauthorized error will be raised. Site admins can either give users the appropriate roles on the script container or give appropriate proxy roles to the scripts to fix any problems.
Note that I *didn't* put the UnauthorizedBinding in the script globals to implement the Inaccessible idea above, because:
- it is kind of 'featurish', at least in that it really should have some associated documentation etc.
- I want to make only absolutely necessary changes at this point and get 2.6.4 and 2.7.0 finalized.
If any of the Plone folk who have been running into this issue can try the changes from cvs, I'd appreciate it.
thx,
Brian Lloyd [EMAIL PROTECTED]
V.P. Engineering 540.361.1716 Zope Corporation http://www.zope.com
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
A DCWorkflow script that was not not called with the version from a few hours ago is now called but produces the following traceback
This happens when the container binding is set to "container" and also when it is cleared.
Traceback (innermost last):
Module ZPublisher.Publish, line 98, in publish
Module ZPublisher.mapply, line 88, in mapply
Module ZPublisher.Publish, line 39, in call_object
Module Products.CMFCore.FSPythonScript, line 92, in __call__
Module Shared.DC.Scripts.Bindings, line 298, in __call__
Module Shared.DC.Scripts.Bindings, line 329, in _bindAndExec
Module Products.CMFCore.FSPythonScript, line 126, in _exec
- __traceback_info__: ({'traverse_subpath': [], 'container': <PloneSite instance at 95efa58>,
'context': <PloneFolder instance at 9615280>, 'script': <FSPythonScript at
/zehnder/zehnder/createObject used for /zehnder/zehnder/tasklist/Task.2004-01-21.1914/Attachments>},
(None, 'File', None), {}, (None, None, None))
Module None, line 12, in createObject
Module Products.CMFCore.PortalFolder, line 362, in invokeFactory
Module Products.CMFCore.TypesTool, line 824, in constructContent
Module Products.CMFCore.TypesTool, line 516, in constructInstance
Module Products.CMFCore.TypesTool, line 420, in _finishConstruction
Module Products.CMFCore.CMFCatalogAware, line 101, in notifyWorkflowCreated
Module Products.CMFPlone.WorkflowTool, line 26, in notifyCreated
Module Products.CMFCore.WorkflowTool, line 362, in notifyCreated
Module Products.DCWorkflow.DCWorkflow, line 367, in notifyCreated
Module Products.DCWorkflow.DCWorkflow, line 440, in _changeStateOf
Module Products.DCWorkflow.DCWorkflow, line 543, in _executeTransition
Module Shared.DC.Scripts.Bindings, line 298, in __call__
Module Shared.DC.Scripts.Bindings, line 329, in _bindAndExec
Module Products.PythonScripts.PythonScript, line 311, in _exec
Module None, line 1, in setTaskOwner
- <PythonScript at /zehnder/zehnder/portal_workflow/ZWorkflow/scripts/setTaskOwner>
- Line 1
AttributeError: StateChangeInfo instance has no attribute 'getPhysicalRoot'Robert
_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )
