this is in the context of CMF, but its a ZOPE Security issue. I have a Script (Python), createJobPosting which is: from DateTime import DateTime path = ('', 'virtual_hosts', 'thecommode', 'Members', 'PUBLIC') PUBLIC = context.restrictedTraverse(path) id = str(DateTime().millis()) PUBLIC.invokeFactory(type_name='Job Posting', id=id) obj = getattr(PUBLIC,id) view = getattr(obj,'job_edit_form') return obj.getEditView() that is Proxied as Manager/Member/Reviewer. it creates a object just fine (in Members/PUBLIC) so then the script then calls obj.getEditView() which is: security.declarePublic('getEditView') def getEditView(self): skins = getToolByName(self, 'portal_skins') if hasattr(skins, 'job_edit_form'): self.editView = getattr(skins, 'job_edit_form') return self.editView(self, self.REQUEST) # i assume this gets a new security context? when its being 'published', how can i proxy this as Manager/Member/Reviewer? I need to render the job_edit_form (filesystem DTML Method) in the same Security Proxy context (as Manager/Member/Reviewer), but upon its publishing it encounters as _.hasattr(this(), 'myAttribute') and says I dont have access to this(). Zope2.3.3, CMF1.1, Linux, Python 1.52 Traceback (innermost last): File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/ZPublisher/Publish.p y, line 223, in publish_module File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/ZPublisher/Publish.p y, line 187, in publish File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/ZPublisher/Publish.p y, line 171, in publish File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/ZPublisher/mapply.py , line 160, in mapply (Object: createJobPosting) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/ZPublisher/Publish.p y, line 112, in call_object (Object: createJobPosting) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/Shared/DC/Scripts/Bi ndings.py, line 324, in __call__ (Object: createJobPosting) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/Shared/DC/Scripts/Bi ndings.py, line 354, in _bindAndExec (Object: createJobPosting) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/Products/PythonScrip ts/PythonScript.py, line 336, in _exec (Object: createJobPosting) (Info: ({'script': <PythonScript instance at 8896da8>, 'context': <CMFSite instance at 884bad0>, 'container': <CMFSite instance at 884bad0>, 'traverse_subpath': []}, (), {}, None)) File Script (Python), line 11, in createJobPosting (Object: DateTime) File /home/zope/ZopeInstallation/InstanceHome/Products/CMFEmployment/JobPosting.p y, line 255, in getEditView (Object: DynamicType) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/Products/CMFCore/FSD TMLMethod.py, line 180, in __call__ (Object: job_edit_form) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/DocumentTemplate/DT_ String.py, line 540, in __call__ (Object: job_edit_form) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/Products/CMFCore/FSD TMLMethod.py, line 175, in __call__ (Object: standard_html_header) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/DocumentTemplate/DT_ String.py, line 540, in __call__ (Object: standard_html_header) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/DocumentTemplate/DT_ Util.py, line 333, in eval (Object: _.hasattr(this(),'isEffective') and not isEffective(ZopeTime() )) (Info: this) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/Products/CMFCore/FSD TMLMethod.py, line 198, in validate (Object: job_edit_form) File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/AccessControl/Securi tyManager.py, line 144, in validate File /home/zope/ZopeInstallation/ZopeSoftwareHome/lib/python/AccessControl/ZopeSe curityPolicy.py, line 225, in validate Unauthorized: (see above) I think quite a few people could run into this, when trying to Proxy content manipulation to non-logged into user, i.e. allowing people who are not logged into submitContent (but proxying them off as if they were a logged in Member -- in this case PUBLIC) .. I am going about this the correct way, I believe. ? I also tried to 'customize' the FSDTMLMethod and proxy it as Manager/Reviewer/Member and it still gives me the same error ;'( thanks, ~runyaga _______________________________________________ Zope-Dev maillist - [EMAIL PROTECTED] http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )