On 22 Nov 2005, at 20:08, Dieter Maurer wrote:
You have lost the thread's start:
George's problem has been that he could not move an object
in an *EXTERNAL METHOD*, i.e. in trusted filesystem code.
He would have the same problem in a filesystem product.
The problem is that "CopySuppor
Jens Vagelpohl wrote at 2005-11-20 19:01 +0100:
> ...
>IMHO proxy roles should be used extremely sparingly, if at all. They
>are a last resort and I personally never use them. Matter of fact I
>believe having to use them means the application design could use
>some improvement...
>
>If someth
George Lee wrote at 2005-11-20 12:47 -0500:
>Is there much buzz about this in CMF developer land?
Apart from regular problem reports (usually in the Plone mailing list),
there are few talks about proxy roles.
--
Dieter
___
Zope maillist - Zope@zope.o
On 20 Nov 2005, at 18:47, George Lee wrote:
Great, thanks much.
Is there much buzz about this in CMF developer land? It seems like
proper proxy roles handling, and like you said what Zope 3 security
will do to it, are pretty important and will come up quite often (all
I was doing, after all, w
Great, thanks much.
Is there much buzz about this in CMF developer land? It seems like
proper proxy roles handling, and like you said what Zope 3 security
will do to it, are pretty important and will come up quite often (all
I was doing, after all, was trying to move an object upon workflow
change
George Lee wrote at 2005-11-19 00:46 -0500:
>In CMFCore 1.5.4:
>
>If a low-security-clearance user calls an external method that pastes
>an object from a PortalFolder, he gets an error because the following
>line in CMFCore.PortalFolder fails:
>
>if not sm.checkPermission(DeleteObjects, parent):
>
In CMFCore 1.5.4:
If a low-security-clearance user calls an external method that pastes
an object from a PortalFolder, he gets an error because the following
line in CMFCore.PortalFolder fails:
if not sm.checkPermission(DeleteObjects, parent):
raise AccessControl_Unauthorized
This is even the