[Zope3-Users] Where unauthorized is raised?
darryl at darrylcousins.net.nz
Fri Jul 21 05:46:21 EDT 2006
def __init__ ...
self.context = self.__parent__ = context
That's what I was missing in the adapter. Can I clarify this?
The adapter is adapting an object (`self.context=context` in
The field is getting an attribute from the security-proxied adapter.
The permission is found on the adapter ('tfws.view') and the principal
has this permission in the context, **but**; not on the adapter because
the adapter has no 'location'. Only when I gave it a location with
`self.__parent__` was the principal's possesion of the permission
recognised as applying also to the adapter.
Baiju: Probably one for your faq? Pester me.
Likely be it, that somewhere is text that would have informed me. Damned
if I could find it though. Excuse the noise.
Where is that Unauthorized raised?
# grep -R Unauthorized /usr/lib/python2.4/site-packages/zope/ | grep raise | uniq
/usr/lib/python2.4/site-packages/zope/security/checker.py: raise Unauthorized(object, name, permission)
That's the only one that matches, but I don't believe that is it. Maybe
then in a .so? Curious.
On Fri, 2006-07-21 at 20:26 +1200, Darryl Cousins wrote:
> An update on this.
> When I change the permission on IMemberEditForm to zope.Public or
> zope.View then the form is displayed. Which is why I want to find the
> permission checker. The principal can view other objects protected by
> tfws.view but not this one.
> If I can find where the permission is being checked then perhaps I will
> find out why my principal is not passing the security checker and how I
> can fix it.
> Sorry if I'm getting hysterical.
> On Fri, 2006-07-21 at 19:33 +1200, Darryl Cousins wrote:
> > Hi All,
> > I'm having a permissions problem with a formlib form and an adapter.
> > I have put the following in zope/schema/_bootstrapfields.py
> > class Field ...
> > def get(self, object):
> > try:
> > getattr(object, self.__name__)
> > except:
> > import sys
> > print sys.exc_type, sys.exc_value
> > return getattr(object, self.__name__)
> > the print I get is:
> > zope.security.interfaces.Unauthorized
> > (<tfws.portal.member.adapters.MemberEditFormForMember object at
> > 0xb5b5bc8c>, 'clear_photo', 'tfws.view')
> > What I need to know is where is this Unauthorized being raised to debug
> > further (as my principal indeed has the permission tfws.view). I need to
> > pinpoint why.
> > the only raise I can find that matches is in zope/security/checker but
> > 'print's that I have added there give me nothing.
> > Thanks,
> > Darryl
> > _______________________________________________
> > Zope3-users mailing list
> > Zope3-users at zope.org
> > http://mail.zope.org/mailman/listinfo/zope3-users
> Zope3-users mailing list
> Zope3-users at zope.org
More information about the Zope3-users