[Zope] Security problem
Casey Duncan
cduncan@kaivo.com
Thu, 17 May 2001 08:53:06 -0600
Punn wrote:
>
> Hello,
>
> I am newbie.
>
> My Zope security works in a strange way:
> The security tab says as follows:
> When the Acquire permission settings checkbox is selected
> then the containing objects's permission settings are used.
This means that when it is checked, the permission settings on the
containing folders up to the root also apply to this object.
>
> It took me some time to understand, that
> the settings are USED, when the Acquire permission settings checkbox is
> UNchecked.
> All checked settings are ignored.
No, checking permissions along with "Acquire permission settings"
checked means you are adding permissions to any ones also acquired from
above.
>
> For example, if I want to prevent Anonymous user seeing something,
> I must uncheck in the View row "Acquire permission setting" and "Anonymous
> user" columns.
This is the way it works. Because View is a permission set for the
Anonymous role in the root folder (check the security tab there), it is
in affect here when "Acquire permission settings" is checked. To revoke
this permission, you must uncheck "Acquire permission settings" so that
the root folder's View setting does not affect the object.
>
> What is wrong?
[snip]
>
> Andres Punning
>
hth,
--
| Casey Duncan
| Kaivo, Inc.
| cduncan@kaivo.com
`------------------>