[Zope] Re: Anonymous users can download files stored in a restricted folder

Tres Seaver tseaver at zope.com
Mon Apr 11 12:16:54 EDT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Barbara Harris wrote:

> I'm still using the default_workflow (Simple Review / Publish Policy)
> because it meets the content owner's requirements.  I didn't look in
> this area because I thought I could only apply a workflow to ALL
> folders, and I want this security restriction on only one of the site's
> folders.  Have I missed your point?

Please look at the "Security" tab of one of your documents:  I'm willing
to bet that, after publication, the "View" permission is granted to the
Anonymous role.  In that case, the settings on the folder are irrelevant.

To make those settings relevant, you are going to have to change
something:  using a DCWorkflow (there is one available which mimics the
'default_workflow') and tweaking the security settings for the
"published" state is your likeliest bet.

In that case, you would:

 1. Delete the 'default_workflow' from the 'portal_workflow' tool.

 2. Create a DCWorkflow in the tool, selecting the option labelled
    "default_workflow (Web-configurable workflow [Classic])".

 3. Change the security settings settngs on the "published" state,
    turning on the "acquire" flag for the "View" permisison and turning
    off the grant to "Anonymous".

 4. Use the "Update security settings" button on the "Workflows" tab of
    the workflow tool to re-apply the settings you have just tweaked.

I've readded the Zope list to the address;  note that, since this is
workflow-related, the zope-cmf list would be a more appropriate forum.


Tres.
- --
===============================================================
Tres Seaver                                tseaver at zope.com
Zope Corporation      "Zope Dealers"       http://www.zope.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCWqL2GqWXf00rNCgRAuCSAJ9wEupLuCk/pK9799IMa8BE1Q7P+gCfWJIR
1pqFYNrz3SfHqYio1+690yU=
=N0LV
-----END PGP SIGNATURE-----


More information about the Zope mailing list