[Zope] FW: Security question - precision

Bocquillon Philippe Philippe.Bocquillon@trasys.be
Sat, 27 Oct 2001 19:35:27 +0200


Hello again,

Precisions to my e-mail here after:

Zope refuses "add object" permission to any user having a role other than
Manager, i.e. Zope refuses to add objects in containers whose classes are my
proper classes (inheriting ObjectManager), even if I give all permissions to
these other roles, at root level and acquiring them.
When a role adds these objects in _standard_ Zope Folders, no problem, Zope
permits it.

What do I have forgotten to declare in my python classes ? Is it necessary
to define security assertions on methods like manage_addObject() ...?

Thanks,

Philippe

> -----Original Message-----
> From:	Bocquillon  Philippe 
> Sent:	samedi 27 octobre 2001 17:36
> To:	'zope@zope.org'
> Subject:	Security question
> 
> Hello,
> 
> I have defined a new role. Zope is refusing me to add an 
> object (of my own Python class), even if I check on all the 
> permission settings for that role in the Security tab of the 
> container folder (in a first step I turned only on some 
> obvious permissions that role should have, but as Zope 
> refused access to that role, I decided to try with setting on 
> all the permission settings: it does not work better).
> Can someone help me and give some hints of why Zope is 
> requiring that role to give password even when all 
> permissions are checked on for that role ?
> 
> Thanks in advance,
> 
> Philippe Bocquillon
>