Re: [Zope-CMF] Workflowable folders traversing issues
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6 Jun 2007, at 19:42, Doyon, Jean-Francois wrote: Hello, I would like to have folders (and/or folder-ish content, if you prefer), fully wokflowable. That is, when a folder is set private, it shouldn't be traversable, and nothing under it should be accessible to anonymous users (assuming your standard workflow persmissions). As it stands this isn't the case, and folders are not workflowed. I've looked at using __boob_traverse__ on my Folder class, but that seems to mess with the security context, as I suddenly start getting unauthorized errors with something like: def __bobo_traverse__(self, REQUEST, name=None): print 'GOT HERE' return getattr(self, name, self) (Specifically, I can't access properties() on the Folder instance for example?) If you have your own folder class already you are free to attach any workflow or security settings to it you want. I'm not sure where the problem is. You clearly should not try to enforce security by hacking methods like __bobo_traverse__. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGZ8ZnRAx5nvEhZLIRAlVKAKC4bqHGP7p4f+8bb86A04xzq7OXUgCfc7Wg 5nm1kBuDuvcYZ7DOwlLxCVc= =aOHo -END PGP SIGNATURE- ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests
RE: [Zope-CMF] Workflowable folders traversing issues
OK, so which security setting do I set/unset to prevent traversal then? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jens Vagelpohl Sent: June 7, 2007 04:49 To: Zope-CMF List Subject: Re: [Zope-CMF] Workflowable folders traversing issues -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 6 Jun 2007, at 19:42, Doyon, Jean-Francois wrote: Hello, I would like to have folders (and/or folder-ish content, if you prefer), fully wokflowable. That is, when a folder is set private, it shouldn't be traversable, and nothing under it should be accessible to anonymous users (assuming your standard workflow persmissions). As it stands this isn't the case, and folders are not workflowed. I've looked at using __boob_traverse__ on my Folder class, but that seems to mess with the security context, as I suddenly start getting unauthorized errors with something like: def __bobo_traverse__(self, REQUEST, name=None): print 'GOT HERE' return getattr(self, name, self) (Specifically, I can't access properties() on the Folder instance for example?) If you have your own folder class already you are free to attach any workflow or security settings to it you want. I'm not sure where the problem is. You clearly should not try to enforce security by hacking methods like __bobo_traverse__. jens -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (Darwin) iD8DBQFGZ8ZnRAx5nvEhZLIRAlVKAKC4bqHGP7p4f+8bb86A04xzq7OXUgCfc7Wg 5nm1kBuDuvcYZ7DOwlLxCVc= =aOHo -END PGP SIGNATURE- ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests
[Zope-CMF] Workflowable folders traversing issues
Hello, I would like to have folders (and/or folder-ish content, if you prefer), fully wokflowable. That is, when a folder is set private, it shouldn't be traversable, and nothing under it should be accessible to anonymous users (assuming your standard workflow persmissions). As it stands this isn't the case, and folders are not workflowed. I've looked at using __boob_traverse__ on my Folder class, but that seems to mess with the security context, as I suddenly start getting unauthorized errors with something like: def __bobo_traverse__(self, REQUEST, name=None): print 'GOT HERE' return getattr(self, name, self) (Specifically, I can't access properties() on the Folder instance for example?) I've looksed at using the registerBeforeTraverse friends hooks, but those rely on *calling the object* as fas I know (With NameCaller), and I'm not sure overriding __call__ on my Folder class would be such a good idea. I imagine this has been done before? Any thoughts/ideas/solutions? Oh and I didn't see any permission setting that seem to control this also ... that would be ideal of course :) Thanks! Jean-François Doyon Data Dissemination Division | Division de la diffusion des données Data Management and Dissemination Branch | Direction de la gestion et de la diffusion des données Earth Sciences Sector | Secteur des sciences de la Terre Natural Resources Canada | Ressources naturelles Canada Ottawa, Canada K1A 0E9 [EMAIL PROTECTED] Telephone | Téléphone 613-992-4902 Facsimile | Télécopieur 613-947-2410 Teletypewriter | Téléimprimeur 613-996-4397 Government of Canada | Gouvernement du Canada ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests
Re: [Zope-CMF] Workflowable folders traversing issues
Previously Doyon, Jean-Francois wrote: I've looked at using __boob_traverse__ on my Folder class, but that seems to mess with the security context, as I suddenly start getting unauthorized errors I can imagine authorisation problems when trying boob traversal :) (couldn't resist..) Wichert. -- Wichert Akkerman [EMAIL PROTECTED]It is simple to make things. http://www.wiggy.net/ It is hard to make things simple. ___ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests