[Zope-CMF] Re: Trouble with .metadata files and security settings

[Tres Seaver]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Floyd May wrote:
 I have a set of files - page templates, python scripts, and zsql
 methods - that are set up as filesystem objects.  I'm having trouble
 getting the security set the way I want it to be with the .metadata
 files.  Here is the content of my .metadata files:
 --8-
 [security]
 View = 0:Manager
 Access contents information = 0:Manager
 Access Contents Information = 0:Manager
 -8--
 
 However, I can still access my content through an anonymous context.
 Can anyone give me some ideas about debugging my situation?  Thanks!
 
 Zope 2.7.7-final, python 2.3.5, freebsd5
 CMF 1.4.8
 
 fm
 
 (My mail client is wigging I think, so I'm resending with a new
 subject, sorry for the double post)
 ___
 Zope-CMF maillist  -  Zope-CMF@lists.zope.org
 http://mail.zope.org/mailman/listinfo/zope-cmf
 
 See http://collector.zope.org/CMF for bug reports and feature requests
 

A couple of things:

 - The last line is invalid.  I get the following in my error log with
   that line included, when running under CMF 1.5:

   2005-11-07 12:08:30 ERROR DirectoryView Error setting permissions
   Traceback (most recent call last):
 File
/home/tseaver/projects/CMF/cmf_test/z27_cmf14/Products/CMFCore/DirectoryView.py,
line 269, in prepareContents
   ob.manage_permission(name,roles,acquire)
 File
/home/tseaver/projects/Zope-CVS/Zope-2_7-branch/lib/python/AccessControl/Role.py,
line 188, in manage_permission
   raise ValueError, (
   ValueError: The permission emAccess Contents Information/em is
invalid.

 - When I look at the skin method's 'manage_access' (I have to hack the
   URL to make it happen, e.g.:

http://localhost:8080/test_14/portal_skins/foobar/foobar_template/manage_access
   the (valid) permissions *are* set correctly.

 - When I attempt to view the template under CMF 1.5, it raises
   Unauthorized with or without the invalid permission.  Under CMF 1.4,
   the invalid permission causes the View permission *not* to be set.

So:  remove the invalid permission setting and try again.


Tres.
- --
===
Tres Seaver  +1 202-558-7113  [EMAIL PROTECTED]
Palladion Software   Excellence by Designhttp://palladion.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDb5BT+gerLs4ltQ4RAq5pAJwJwZMZNzF9co5TOQ4bsbXTGLYkNQCguY2e
F1TzCYeyPKqEzvh+Vpnal+4=
=XNek
-END PGP SIGNATURE-

___
Zope-CMF maillist  -  Zope-CMF@lists.zope.org
http://mail.zope.org/mailman/listinfo/zope-cmf

See http://collector.zope.org/CMF for bug reports and feature requests

Re: [Zope-CMF] Re: Trouble with .metadata files and security settings

[Floyd May]

That worked beautifully!  Thanks!

fm

On 11/7/05, Tres Seaver [EMAIL PROTECTED] wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1

 Floyd May wrote:
  I have a set of files - page templates, python scripts, and zsql
  methods - that are set up as filesystem objects.  I'm having trouble
  getting the security set the way I want it to be with the .metadata
  files.  Here is the content of my .metadata files:
  --8-
  [security]
  View = 0:Manager
  Access contents information = 0:Manager
  Access Contents Information = 0:Manager
  -8--
 
  However, I can still access my content through an anonymous context.
  Can anyone give me some ideas about debugging my situation?  Thanks!
 
  Zope 2.7.7-final, python 2.3.5, freebsd5
  CMF 1.4.8
 
  fm
 
  (My mail client is wigging I think, so I'm resending with a new
  subject, sorry for the double post)
  ___
  Zope-CMF maillist  -  Zope-CMF@lists.zope.org
  http://mail.zope.org/mailman/listinfo/zope-cmf
 
  See http://collector.zope.org/CMF for bug reports and feature requests
 

 A couple of things:

  - The last line is invalid.  I get the following in my error log with
that line included, when running under CMF 1.5:

2005-11-07 12:08:30 ERROR DirectoryView Error setting permissions
Traceback (most recent call last):
  File
 /home/tseaver/projects/CMF/cmf_test/z27_cmf14/Products/CMFCore/DirectoryView.py,
 line 269, in prepareContents
ob.manage_permission(name,roles,acquire)
  File
 /home/tseaver/projects/Zope-CVS/Zope-2_7-branch/lib/python/AccessControl/Role.py,
 line 188, in manage_permission
raise ValueError, (
ValueError: The permission emAccess Contents Information/em is
 invalid.

  - When I look at the skin method's 'manage_access' (I have to hack the
URL to make it happen, e.g.:

 http://localhost:8080/test_14/portal_skins/foobar/foobar_template/manage_access
the (valid) permissions *are* set correctly.

  - When I attempt to view the template under CMF 1.5, it raises
Unauthorized with or without the invalid permission.  Under CMF 1.4,
the invalid permission causes the View permission *not* to be set.

 So:  remove the invalid permission setting and try again.


 Tres.
 - --
 ===
 Tres Seaver  +1 202-558-7113  [EMAIL PROTECTED]
 Palladion Software   Excellence by Designhttp://palladion.com
 -BEGIN PGP SIGNATURE-
 Version: GnuPG v1.4.1 (GNU/Linux)
 Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

 iD8DBQFDb5BT+gerLs4ltQ4RAq5pAJwJwZMZNzF9co5TOQ4bsbXTGLYkNQCguY2e
 F1TzCYeyPKqEzvh+Vpnal+4=
 =XNek
 -END PGP SIGNATURE-

 ___
 Zope-CMF maillist  -  Zope-CMF@lists.zope.org
 http://mail.zope.org/mailman/listinfo/zope-cmf

 See http://collector.zope.org/CMF for bug reports and feature requests

___
Zope-CMF maillist  -  Zope-CMF@lists.zope.org
http://mail.zope.org/mailman/listinfo/zope-cmf

See http://collector.zope.org/CMF for bug reports and feature requests