After many tests, the feature works only when anonymous can view the content. Or the picture will not show even I login at admin.
I traced it, and found it fails at the last step: it returns the correct wrapper object, but fails when call the following __call__ method(no permission). It is quite strange since the __allow_access_to_unprotected_subobjects__ is already in the Wrapper class.
Any hint for me?
# the Wrapper class in BaseObject.py: class Wrapper: """wrapper object for access to sub objects """ __allow_access_to_unprotected_subobjects__ = 1
def __init__(self, data, filename, mimetype): self._data = data self._filename = filename self._mimetype = mimetype
def __call__(self, REQUEST=None, RESPONSE=None): if RESPONSE is None: RESPONSE = REQUEST.RESPONSE if RESPONSE is not None: mt = self._mimetype name =self._filename RESPONSE.setHeader('Content-type', str(mt)) RESPONSE.setHeader('Content-Disposition', 'inline;filename=%s' % name) RESPONSE.setHeader('Content-Length', len(self._data)) return self._data
_______________________________________________
Zope-Dev maillist - Zope-Dev@zope.org
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )