[Zope] How to debug access denials?

Stephane Bortzmeyer bortzmeyer@pasteur.sn
Thu, 14 Dec 2000 15:27:53 +0000 

On Thu, Dec 14, 2000 at 12:21:19PM +0100, Jerome Alet wrote:

> > a python traceback in there which should provide the information you're
> > looking for...

Great, I missed it.
 
> May I add: "... in an incredibly unreadable and hardly understandable
> format." ? 

Indeed. What am I supposed to do with that? Why is the 'title'
property of the object unauthorized? (The object itself is viewable by
Anonymous.)

The relevant line seems to be:

  File /usr/lib/python1.5/site-packages/DocumentTemplate/DT_Util.py, line 331, in eval
    (Object: title != '' and
                   AUTHENTICATED_USER.has_permission('View',_.getitem('id',1)))
    (Info: title)

and the full traceback is:

  You are not authorized to access <em>title</em>.
<!--
Traceback (innermost last):
  File /usr/lib/python1.5/site-packages/ZPublisher/Publish.py, line 222, in publish_module
  File /usr/lib/python1.5/site-packages/ZPublisher/Publish.py, line 187, in publish
  File /usr/lib/python1.5/site-packages/ZPublisher/Publish.py, line 171, in publish
  File /usr/lib/python1.5/site-packages/ZPublisher/mapply.py, line 160, in mapply
    (Object: Map)
  File /usr/lib/python1.5/site-packages/ZPublisher/Publish.py, line 112, in call_object
    (Object: Map)
  File /usr/share/zope/lib/python/OFS/DTMLMethod.py, line 172, in __call__
    (Object: Map)
  File /usr/lib/python1.5/site-packages/DocumentTemplate/DT_String.py, line 528, in __call__
    (Object: Map)
  File /usr/lib/python1.5/site-packages/DocumentTemplate/DT_With.py, line 146, in render
    (Object: aq_parent)
  File /usr/share/zope/lib/python/OFS/DTMLMethod.py, line 168, in __call__
    (Object: recurseFolder)
  File /usr/lib/python1.5/site-packages/DocumentTemplate/DT_String.py, line 528, in __call__
    (Object: recurseFolder)
  File /usr/lib/python1.5/site-packages/DocumentTemplate/DT_In.py, line 691, in renderwob
    (Object: objectItems(['Folder']))
  File /usr/lib/python1.5/site-packages/DocumentTemplate/DT_Util.py, line 331, in eval
    (Object: title != '' and
                   AUTHENTICATED_USER.has_permission('View',_.getitem('id',1)))
    (Info: title)
  File /usr/share/zope/lib/python/OFS/DTMLMethod.py, line 194, in validate
    (Object: Map)
  File /usr/share/zope/lib/python/AccessControl/SecurityManager.py, line 139, in validate
  File /usr/share/zope/lib/python/AccessControl/ZopeSecurityPolicy.py, line 209, in validate
Unauthorized: (see above)

-->

I had to drop most of my DTML methods for the experimental sites I use
to "sell" Zope to other people, they're too hard to use. DTML methods
brings me back to sendmail.cf editing: great in theory but only a few
people (after an agreement with the devil?) can do what they want with
it.