[Zope-dev] Unauthorized - container has no security assertions
Morten W. Petersen
morten@thingamy.net
Wed, 7 Nov 2001 22:06:16 +0100 (CET)
Hi guys,
I'm trying to develop a request session class (delivers session on a
per-request basis), and during, get this error:
Error type: Unauthorized
Error value: Access denied for <method request_session.set of
request_session instance at 0x9185e5c> because its container,
<Products.warp_framework.request_session.request_session instance at
0x9185e5c>, has no security assertions.
Traceback (innermost last):
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/ZPublisher/Publish.py,
line 223, in publish_module
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/ZPublisher/Publish.py,
line 187, in publish
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/ZPublisher/Publish.py,
line 171, in publish
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/ZPublisher/mapply.py,
line 160, in mapply
(Object: abc)
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/ZPublisher/Publish.py,
line 112, in call_object
(Object: abc)
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/OFS/DTMLMethod.py,
line 195, in __call__
(Object: abc)
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/DocumentTemplate/DT_String.py,
line 546, in __call__
(Object: abc)
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/Products/ZDebug/DTMLDebug.py,
line 287, in debug_render_blocks
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/Products/ZDebug/DTMLDebug.py,
line 237, in debugException
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/Products/ZDebug/DTMLDebug.py,
line 285, in debug_render_blocks
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/DocumentTemplate/DT_Util.py,
line 231, in eval
(Object: get_request_session().set('katt', 'mjau'))
(Info: get_request_session)
File <string>, line 2, in f
(Object: guarded_getattr)
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/AccessControl/DTML.py,
line 101, in guarded_getattr
(Object: abc)
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/AccessControl/ZopeGuards.py,
line 122, in guarded_getattr
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/AccessControl/SecurityManager.py,
line 149, in validate
File
/home/morten/zope_instances/Zope-2.4.2-src/lib/python/Products/ZDebug/DebugSecurityPolicy.py,
line 185, in validate
Unauthorized: (see above)
The classes look like this:
class request_session:
"""Class used for storing data on a per-request basis."""
def __init__(self):
self.storage_ = {}
def set(self, key, value):
"""Hook for setting values via DTML."""
self.storage_[key] = value
__set_roles__ = None
def __getitem__(self, key):
return self.storage_[key]
def __getattr__(self, name):
try:
return self.__getitem__(name)
except KeyError:
raise AttributeError, name
class request_session_mixin:
"""Mixin class which will provide a request session."""
def get_request_session(self):
"""Returns the session for the request."""
try:
return self.get_request()['request_session_']
except KeyError:
self.get_request().set('request_session_', request_session())
return self.get_request_session()
Any help much appreciated.
Cheers,
Morten
-- About Thingamy:
http://www.thingamy.com - For the CEO
http://www.thingamy.org - The good stuff
http://www.thingamy.net - Rants