[Zope] Re-post of a roles problem: please help

Aseem Mohanty aseem@neurobehavioralsystems.com
Wed, 19 Jun 2002 23:27:45 -0700

Sorry for the repost, I desperately need help on this and any help would 
be greatly appreciated.

The problem being that I have a custom User Folder loosely based on 
mysqluserfolder, without the cookies and session stuff, for that I use 
Cookie Crumbler and CST. Otherwise the code is pretty much the same with 
modifications to suit my purposes.

Now lets say I have a user with role "X". I set  up a folder that is 
veiwable only be ppl with role X via the security tab. When I try to 
view it, zope refuses entry to me. When I do a 
_.SecurityGetUser().getRoles() I get alist that has Authenticated User, 
Anonymous and X in it. I looked up and walked through the validate 
function in my UF and printed out roles just before it calls authorize 
and the list of roles is the same there too.

My authorize function is the following:

   authorize__roles__ = ()
   def authorize (Self, user, roles, REQUEST):
       v = REQUEST ['PUBLISHED']     # the published object
       a, c, n, v = Self._getobcontext(v, REQUEST)
       allowed = AccessControl.User.BasicUserFolder.authorize (Self, 
user, a, c, n, v, roles)
       if not allowed: return None
       else: return user

Its essentially the same as in mysqluserfolder.

The authorize() function in my UF also seems to be letting me (allowed = 
1) in if I have the right role but I still get kicked out. As I said I 
am using Cookie crumbler and CST (I dont think this has anything to do 
with it) So who is kicking me out?? If my UF says I am cool and I have 
the right roles why am I getting kicked out??
Any pointers.


 Aseem Mohanty							   
 Neurobehavioral Systems Inc, 828 San Pablo Ave, Albany, CA 94706 
 (R) 510 7696011 (M) 510 3014871 (O) 510 5279231		  	
 "I saw `cout' being shifted "Hello world" times to the left and  
  stopped right there!!"                        -- Steve Gonedes