[Zope] Re-post of a roles problem: please help
Dieter Maurer
dieter@handshake.de
Fri, 21 Jun 2002 23:32:12 +0200
Aseem Mohanty writes:
> Sorry for the repost, I desperately need help on this and any help would
> be greatly appreciated.
>
> The problem being that I have a custom User Folder loosely based on
> mysqluserfolder, without the cookies and session stuff, for that I use
> Cookie Crumbler and CST. Otherwise the code is pretty much the same with
> modifications to suit my purposes.
>
> Now lets say I have a user with role "X". I set up a folder that is
> veiwable only be ppl with role X via the security tab. When I try to
> view it, zope refuses entry to me. When I do a
> AUTHENTICATED_USER.getRoles or
> _.SecurityGetUser().getRoles() I get alist that has Authenticated User,
> Anonymous and X in it. I looked up and walked through the validate
> function in my UF and printed out roles just before it calls authorize
> and the list of roles is the same there too.
> ....
Disable cookie mode in Cookie Crumbler (remove the "login_form")
and analyse the "Unauthorized" error response.
Probably, you are not allowed to access something outside your
current object.
Dieter