[Zope3-dev] Security mechanism finds permissions for Built-in principals, but not custom principals.

[Alec Munro]

Hi All,

I have created my own principal source, as a bare derivative of principalfolder.
My principals can log in, and are generally effective.

However, there seems to be some lacking to them. Whenever I access any
of a certain bunch of annotation adapters, I get a silent abort. That
is, it prints abort on the command line, but no more information. My
own personal experience is that these tend to be permission errors, so
I assume it is something like that.

What is especially odd is that I can assign the required permission to
zope.anybody, and I am able to access the adapters. Doing a heavy
sequence of print-based debugging, I found out that the error seems to
occur during a sequence of calls to my adapters __getattr__ method.
This method, in the case of my adapters, looks up the key in a
mapping, and raises an attribute error if it is not there. In each
case, the error occurs after it looks for a number of keys that aren't
there, a long sequence of "__parent__", and "__conform__". These occur
when I attempt to access a property of the adapter (any property).
They also occur even when it works, such as if I'm using zope.anybody,
so I don't think it is the calls themself that are causing there
error.

My impression is that the calls are related to zopes security
machinery, and that for some reason they end up being executed in a
place where they are unable to find the correct principal.

I'm sure you need more information, but I'm not sure what would be helpful.

Thanks,

Alec Munro