[Zope3-dev] ForbiddenAttribute error using vocabulary

[Steve Alexander]

> The unit tests clearly aren't strong enough, or this would have been
> caught.  ;-(

This isn't a unit test issue. It is a functional test issue, because it 
involves security proxies and factories and zcml registered views.

I've come across this problem in my own project that uses vocabulary 
fields. I didn't have time to fully analyse what is going on, so I 
stopped when I'd fixed my immediate problem.

IIRC, basically the widget is being security wrapped when it shouldn't 
be. Actually, it was getting two layers of security wrapping. I think 
this is caused by the double-dispatch kind of way that vocabulary 
widgets are looked up.

--
Steve Alexander