Hi!<br>I don't understand quite well this explanation but it interest me a lot (as you can read if you search for my all questions about __bobo_traverse__)<br>do it need I put the __allow_access_to_unprotected_subobjects__=1 in the __bobo_traverse__ or in other place?<br>
<br>I my last try to solve this issue in my case I try the __roles__ = None but this was an uncomplete solution<br><br>Please can you complete my information?<br><br>Thanks!<br><br><div><span class="gmail_quote">2008/1/25, Dieter Maurer <<a href="mailto:dieter@handshake.de">dieter@handshake.de</a>>:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Gerhard Schmidt wrote at 2008-1-25 12:04 +0100:<br>>Dieter Maurer schrieb:<br>> ...<br>>> I expect that the "message" object implements a "__bobo_traverse__"<br>>> method (or gets one through "Five").<br>
>> Zope is a bit stupid when "__bobo_traverse__" returns an object<br>>> without security declarations -- such as e.g. a string.<br>>> In this case, it insists that "getattr" must return the same object<br>
>> and raise "Unauthorized" otherwise.<br>><br>>Time 2008/01/25 12:01:53.125 GMT+1<br>>User Name (User Id) DC83D1F1DB88CDE8 (DC83D1F1DB88CDE8)<br>>Request URL <a href="http://devportal:6080/portal_communications/manage_messagequeue">http://devportal:6080/portal_communications/manage_messagequeue</a><br>
>Exception Type Unauthorized<br>>Exception Value You are not allowed to access 'a particular str' in<br>>this context<br>> ...<br>> - __traceback_info__: message<br>> Module Products.PageTemplates.Expressions, line 338, in restrictedTraverse<br>
> - __traceback_info__: {'path': ['ID'], 'TraversalRequestNameStack': []}<br>>Unauthorized: You are not allowed to access 'a particular str' in this<br>>context<br><br>This may be compatible with my assumption.<br>
<br>Check line 338 in "Products/PageTemplates/Expressions.py".<br>When this line is in the block handling the "__bobo_traverse__",<br>then you have confirmed my assumption.<br><br><br>In this case, you must either get rid of the message's "__bobo_traverse__"<br>
or let it return an object with security declarations (such<br>as an "str" wrapper with an "__allow_access_to_unprotected_subobjects__=1"<br>and "__roles__=None") or ensure that a "getattr" results in the same<br>
str or fix Zope.<br><br><br>--<br>Dieter<br>_______________________________________________<br>Zope maillist - <a href="mailto:Zope@zope.org">Zope@zope.org</a><br><a href="http://mail.zope.org/mailman/listinfo/zope">http://mail.zope.org/mailman/listinfo/zope</a><br>
** No cross posts or HTML encoding! **<br>(Related lists -<br> <a href="http://mail.zope.org/mailman/listinfo/zope-announce">http://mail.zope.org/mailman/listinfo/zope-announce</a><br> <a href="http://mail.zope.org/mailman/listinfo/zope-dev">http://mail.zope.org/mailman/listinfo/zope-dev</a> )<br>
</blockquote></div><br><br clear="all"><br>-- <br>Mis Cosas<br><a href="http://blogs.sistes.net/Garito">http://blogs.sistes.net/Garito</a><br>Zope Smart Manager<br><a href="http://blogs.sistes.net/Garito/670">http://blogs.sistes.net/Garito/670</a>