[Zope-CMF] Workflowable folders & traversing issues

Doyon, Jean-Francois jdoyon at NRCan.gc.ca
Thu Jun 7 08:57:49 EDT 2007


OK, so which security setting do I set/unset to prevent traversal then? 

-----Original Message-----
From: zope-cmf-bounces at lists.zope.org
[mailto:zope-cmf-bounces at lists.zope.org] On Behalf Of Jens Vagelpohl
Sent: June 7, 2007 04:49
To: Zope-CMF List
Subject: Re: [Zope-CMF] Workflowable folders & traversing issues

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On 6 Jun 2007, at 19:42, Doyon, Jean-Francois wrote:

> Hello,
>
> I would like to have folders (and/or folder-ish content, if you 
> prefer), fully wokflowable.
>
> That is, when a folder is set private, it shouldn't be traversable, 
> and nothing under it should be accessible to anonymous users (assuming

> your standard workflow persmissions).  As it stands this isn't the 
> case, and folders are not workflowed.
>
> I've looked at using __boob_traverse__ on my Folder class, but that 
> seems to mess with the security context, as I suddenly start getting 
> unauthorized errors with something like:
>
>     def __bobo_traverse__(self, REQUEST, name=None):
>         print 'GOT HERE'
>         return getattr(self, name, self)
>
> (Specifically, I can't access properties() on the Folder instance for 
> example?)

If you have your own folder class already you are free to attach any
workflow or security settings to it you want. I'm not sure where the
problem is. You clearly should not try to enforce security by hacking
methods like __bobo_traverse__.

jens


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFGZ8ZnRAx5nvEhZLIRAlVKAKC4bqHGP7p4f+8bb86A04xzq7OXUgCfc7Wg
5nm1kBuDuvcYZ7DOwlLxCVc=
=aOHo
-----END PGP SIGNATURE-----
_______________________________________________
Zope-CMF maillist  -  Zope-CMF at lists.zope.org
http://mail.zope.org/mailman/listinfo/zope-cmf

See http://collector.zope.org/CMF for bug reports and feature requests


More information about the Zope-CMF mailing list