[ZCM] [ZC] 316/ 2 Reject "Renaming objects breaks ownership"

Collector: Zope Bugs, Features, and Patches ... zope-coders-admin at zope.org
Mon Mar 8 02:18:28 EST 2004


Issue #316 Update (Reject) "Renaming objects breaks ownership"
 Status Rejected, Zope/bug medium
To followup, visit:
  http://zope.org/Collectors/Zope/316

==============================================================
= Reject - Entry #2 by mcdonc on Mar 8, 2004 2:18 am

 Status: Pending => Rejected

> = Request - Entry #1 by Anonymous User on Mar 27, 2002 5:07 pm
> 
> 1) Got a folderish object A
> 2) Object A contains a userfolder (exUserFolder in my case). e.g. A.acl_users
> 3) Userfolder contains user X (A.acl_users.X)
> 4) Subobjects of A are owned by X
> 5) Rename A to B
> 6) Ownership information will be (A.acl_users.X)
> 7) User A.acl_users.X can't be found (Because now it's B.acl_users.X)
> 8) ZopeSecurityPolicy can't find the owner's userobject and objects are
>   owned by 'Anonymous User'.
> 9) Taking away permissions from 'Anonymous User' (e.g. 'View') makes
>   Object *somehow* inaccessible (can be managed, but can't be 'View'ed).

Yes.  This is an unfortunate limitation of how Zope ownership works.  Zope stores object ownership info in a tuple of (userdb_path, user_id).  Objects which are owned are not notified when the userdb_path changes (when the folder containing the user folder is renamed, for instance), so when the security machinery tries to find the user it fails.

> As a workaround, you can reclaim ownership of the renamed object (B
>   formerly known as A) and all its subobjects with some user who's got the
>   'Manager' role. 

Yes.  It would be nice if Zope did this automatically, but it's probably not in the cards for Zope 2 unless someone really, desperately needs it and contributes it.  Thus I am rejecting this (after two years, it's time ;-)


________________________________________
= Request - Entry #1 by Anonymous User on Mar 27, 2002 5:07 pm

1) Got a folderish object A
2) Object A contains a userfolder (exUserFolder in my case). e.g. A.acl_users
3) Userfolder contains user X (A.acl_users.X)
4) Subobjects of A are owned by X
5) Rename A to B
6) Ownership information will be (A.acl_users.X)
7) User A.acl_users.X can't be found (Because now it's B.acl_users.X)
8) ZopeSecurityPolicy can't find the owner's userobject and objects are owned by 'Anonymous User'.
9) Taking away permissions from 'Anonymous User' (e.g. 'View') makes Object *somehow* inaccessible (can be managed, but can't be 'View'ed).

As a workaround, you can reclaim ownership of the renamed object (B formerly known as A) and all its subobjects with some user who's got the 'Manager' role.

It sucks somehow, though I'm relieved I found a workaround and will sleep well tonight :-)

I'm not marking this as security related, because it doesn't make objects accessible but rather inaccessible instead. 
==============================================================
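
The limitation described in the reply above, as an added example that is not Zope's code and not part of the original thread: a toy object tree stores each owner as a (userdb_path, user_id) tuple, a rename leaves the stored path stale so the lookup falls back to 'Anonymous User', and an audit pass lists the affected objects. All class and function names are hypothetical, and the site layout is constructed from the steps in the report.

```python
ANONYMOUS = "Anonymous User"

class Node:
    """Toy object tree node (constructed model, not Zope's classes)."""
    def __init__(self, name, users=None, owner=None):
        self.name, self.children = name, {}
        self.users = users    # set of user ids when this node is a user folder
        self.owner = owner    # (userdb_path, user_id), as described in the reply

    def add(self, child):
        self.children[child.name] = child
        return child

def traverse(root, path):
    node = root
    for part in path:
        node = node.children.get(part) if node else None
    return node

def resolve_owner(root, node):
    """Look the owner up by its stored path; a stale path yields ANONYMOUS."""
    path, user_id = node.owner
    userdb = traverse(root, path)
    if userdb is None or user_id not in (userdb.users or ()):
        return ANONYMOUS
    return user_id

def rename(parent, old, new):
    node = parent.children.pop(old)
    node.name = new
    parent.children[new] = node   # stored owner tuples are not rewritten

def stale_owners(root, node=None, prefix=()):
    """Audit pass: list (object_path, owner_tuple) that no longer resolve."""
    found = []
    for name, child in (node or root).children.items():
        here = prefix + (name,)
        if child.owner and resolve_owner(root, child) == ANONYMOUS:
            found.append((here, child.owner))
        found += stale_owners(root, child, here)
    return found

def build_site():
    """Constructed scenario from the report: folder A, A/acl_users, user X."""
    root = Node("root")
    a = root.add(Node("A"))
    a.add(Node("acl_users", users={"X"}))
    a.add(Node("doc", owner=(("A", "acl_users"), "X")))
    return root
```

Running `stale_owners` after a rename gives the list of objects whose ownership has to be reassigned, which is the manual step the workaround in the report performs.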