[Zope] proxy roles in 2.2

ethan mindlace fremen mindlace@digicool.com
Mon, 21 Aug 2000 16:28:55 -0400


Sven Hohage wrote:
> 
> Hi,
> I've got two questions.
> 1.Is Zope 2.2.0 masking the length of the passwords?
> 2. the more important->
> I'm using a method to change properties by form. The user i.e. Tim has
> the role manager in the highest user_folder and acquisition is kept but
> Zope tells me that the user is not authorized.  Why???
>  Thanks!

in 2.2 proxy roles are that of the object owner.  Therefore, the role(s)
of the user that calls the object aren't relevant.  If you need it to
execute with higher permissions you need to give ownership of it to
someone with the proper permissions.  you may then restrict access to
the method according to the authenticated user.

hope that helps,
-- 
ethan mindlace fremen
Zopatista Community Liason
Abnegate I!