Replying to my own post as I just found the answer to my problem (which had nothing to do with the version of zope).

The problem was that when I mass-imported some folders to the new instance, I didn't check to retain the ownership information; thus the templates were executed with the credentials of the Anonymous role.

Sorry for bothering, I hope someone finds this post useful in the future,
Pablo

PS: setting the verbose-security on was of great help in order to address this issue

Pablo Ziliani wrote:

Hello,
I am having a very tough time with permissions after I have upgraded to 2.8.4 from 2.8.1, and I would really appreciate some help as I have exhausted my imagination trying to figure what's wrong.

I have the following structure in my zope instance:

zope root
|---- sites
|----|---- admin
|----|---- website

Inside the folder admin I have some templates using a macro named "page" in a sibling template. The folder "sites" has some checks marked in the security tab, but this is supposed to be ineffective since all the permissions are also acquiring from the root folder. The folder "admin" has the default permissions but for the "View" and "Access Content Information", which I only made available for Managers and some other irrelevant roles. Pages inside admin (i.e.: "users.html") have additional security configurations, but in all cases Managers are explicitly allowed.

The "website" folder is the virtual domain, so when I call http://mywebsite.com/admin I am in fact acquiring the folder from above the site root (website). However, this doesn't seem to be the problem: the same occurs if I move admin inside website. My user is defined in the zope root and although there's another acl_folder in "sites" there's no user there with my same id.

The odd thing is that if I (also) check all the "Acquire permissions settings" checkboxes in admin, I will be able to access the macro but then the macro page won't be able to access some methods, i.e. "template/title_or_id". I think this should not happen, Managers are always (explicitly!) allowed all along the path from the root to each page.

As said, this was working fine in 2.8.1.
Any help or hint would be greatly appreciated,
TIA,  Pablo

PS: this is the traceback:

Request URL      http://mywebsite.com/admin/users.html
Exception Type     Unauthorized
Exception Value     Not authorized to access binding: context

Traceback (innermost last):

   * Module ZPublisher.Publish, line 113, in publish
   * Module ZPublisher.mapply, line 88, in mapply
   * Module ZPublisher.Publish, line 40, in call_object
   * Module Shared.DC.Scripts.Bindings, line 311, in __call__
   * Module Shared.DC.Scripts.Bindings, line 348, in _bindAndExec
   * Module Products.PageTemplates.ZopePageTemplate, line 256, in _exec
   * Module Products.PageTemplates.PageTemplate, line 104, in pt_render
     <ZopePageTemplate at /sites/admin/users.html>
   * Module TAL.TALInterpreter, line 206, in __call__
   * Module TAL.TALInterpreter, line 250, in interpret
   * Module TAL.TALInterpreter, line 697, in do_useMacro
   * Module Products.PageTemplates.TALES, line 221, in evaluate
     URL: /sites/admin/users.html
     Line 4, Column 0
     Expression: standard:'here/template_admin.html/macros/page'
     Names:

{'container': <UnauthorizedBinding: container>,
'context': <UnauthorizedBinding: context>,
'default': <Products.PageTemplates.TALES.Default instance at 0xb7516c4c>,
'here': <UnauthorizedBinding: context>,
'loop': <Products.PageTemplates.TALES.SafeMapping object at 0xb3ee062c>,
'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance at 0xb7528b4c>,
'nothing': None,
'options': {'args': ()},
'repeat': <Products.PageTemplates.TALES.SafeMapping object at 0xb3ee062c>,
'request': <HTTPRequest, URL=http://mywebsite.com/admin/users.html>,
'root': <Application at >,
'template': <ZopePageTemplate at /sites/admin/users.html>,
'traverse_subpath': [],
'user': pablo}

   * Module Products.PageTemplates.Expressions, line 185, in __call__
   * Module Products.PageTemplates.Expressions, line 173, in _eval
   * Module Products.PageTemplates.Expressions, line 127, in _eval
     __traceback_info__: here
   * Module Products.PageTemplates.Expressions, line 284, in restrictedTraverse
     __traceback_info__: {'path': ['template_admin.html', 'macros', 'page'], 'TraversalRequestNameStack': ['page', 'macros']}
   * Module Shared.DC.Scripts.Bindings, line 180, in __getattr__
   * Module Shared.DC.Scripts.Bindings, line 187, in __you_lose

Unauthorized: Not authorized to access binding: context



_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope-dev )
