[Zope] Dangerous permissions granted to Anonymous to allow ZClass instantiation?
Wed, 03 Jul 2002 18:04:37 +0200
The following looks like a Zope bug (Zope 2.5.1):
It seems that permissions such as Create class instances must be given
to Anonymous so that Authenticated can create class instances. It seems
impossible to only allow Authenticated to create class instances.
Error Type: Unauthorized
Error Value: You are not allowed to access ORL_Art in this context
The error above appears for the following Python Script line:
The error appears if Authenticated role has the following permissions
and Anonymous does not have them:
Add Documents, Images, and Files
Create class instances
The error disappears if Anonymous is given the above roles.
If this is not Zope bug, what might be causing it? The manage_addProduct
did not have this problem in Zope 2.4.4.