[Zope] Unauthorized fixed--now the page is blank

Chris Africa cafrica@engin.umich.edu
Fri, 13 Sep 2002 08:27:34 -0400 

I never figured out the source of the unauthorized error, despite playing
around with local roles, proxy settings, and security settings (Thanks,
Deiter & Clemens for your suggestions). However, I fixed it by creating a
new document and copying/pasting the contents of the old into the new, then
adjusting the security settings as necessary.

Now I get a blank page with header and footer. The code is simple, and it
works other places. It is supposed to list the local file systems for which
the logged in user has been assigned a local role called "Local," which has
only viewing privileges.

<dtml-var standard_html_header>

<dtml-in expr="aq_parent.objectValues('[Local File System]')" sort="id"
skip_unauthorized>
  
  <ul>  
    <dtml-if "AUTHENTICATED_USER.has_role('Local',this())">
    <li><a href ="/Financials/<dtml-var getId>">#<dtml-var getId></a>
    </dtml-if>
   </ul>

</dtml-in>

<dtml-var standard_html_footer>

I found an page on using DTML with LocalFS
(http://www.zope.org/Members/jfarr/HowTo/DTML_with_LocalFS) but I'm only a
beginning programmer and I'm not sure what modifications need to be made
exactly. (Someone else wrote the original.) Searching the 200 MB Zope
archive didn't yield any helpful hints.

Zope-2.5.1, Mac OSX 10.1.5

Many thanks.

Chris


On 9/12/02 4:44 PM, "Dieter Maurer" <dieter@handshake.de> wrote:

> Chris Africa writes:
>> Well, my student programmer is gone and now suddenly my financials site is
>> not working. 
>> 
>> It spontaneously asks me to log in, and then gives me an error when I try to
>> view the page. Here's the traceback in the HTML source:
> 
> We (always!) want "Error type" and "Error value" in addition to a traceback
> (for the future).
> 
>> Traceback (innermost last):
>> ...
>>   File /Applications/Zope-2.5.1/lib/python/OFS/DTMLMethod.py, line 127, in
>> __call__
>>     (Object: index_html)
>>   File /Applications/Zope-2.5.1/lib/python/DocumentTemplate/DT_String.py,
>> line 473, in __call__
>>     (Object: index_html)
>> Unauthorized: (see above)
> Check the "View permission" of the respective "index_html".
> Explicitely add "Manager", if it is not there and try again.
> 
> If the problem remains, use Shanes "VerboseSecurity" product to find
> out precisely, what goes wrong.
> 
> 
> Dieter