Re: [Zope] problem accessing object as anonymous

2009-04-22 Thread robert rottermann 
oh, I am using plone 2.5x here with Zope 2.9.8-final, python 2.4.6, linux2
robert
robert rottermann schrieb:
 Hi there,
 I try to find out, why  in an intranet accessing an object from a link sendt 
 by
 email is not possible.
 situation:
 a user from a plone intranet sends a link to a dokument within the intranet 
 to a
 colleague.
 if that colleague clicks on the link while *not logged* into the intranet she 
 is
 presented with the *browser* login box repeatedly. entering the credential 
 does
 not help.
 the error log shows that access to the document is forbidden for the document
 for the user Anonymous
 
 while debugging I found out, that the __roles__ property of a given document 
 is
 a tuple of the form
 ('GroupMember', 'Guest', 'Manager', 'FolderManager', 'Owner')
 
 if I copy the same document to a vanilla plone site its __roles__ property is
 ['Anonymous', 'Manager', 'Reviewer', 'Manager', 'Anonymous']
 
 
 I have the impression, that when 'Anonymous' is part of __roles__, access to 
 the
 object is possible. without it, access fails.
 
 now my questions:
 is the assumption, that the failed acces is caused by the missing 'Anonymous'
 role in __roles__ correct?
 
 if yes: what controls the setting of __roles__
 
 if not: what could be the reason of the fact, that users are not presented the
 cookieCrumbler-base plone login is not presented?
 
 thanks very much for your help
 robert
 
 
 
 ___
 Zope maillist  -  Zope@zope.org
 http://mail.zope.org/mailman/listinfo/zope
 **   No cross posts or HTML encoding!  **
 (Related lists - 
  http://mail.zope.org/mailman/listinfo/zope-announce
  http://mail.zope.org/mailman/listinfo/zope-dev )
 
 

___
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] problem accessing object as anonymous

2009-04-22 Thread robert rottermann 

robert rottermann schrieb:
 Hi there,
 I try to find out, why  in an intranet accessing an object from a link sendt 
 by
 email is not possible.
 situation:
 a user from a plone intranet sends a link to a dokument within the intranet 
 to a
 colleague.
 if that colleague clicks on the link while *not logged* into the intranet she 
 is
 presented with the *browser* login box repeatedly. entering the credential 
 does
 not help.
 the error log shows that access to the document is forbidden for the document
 for the user Anonymous
 
 while debugging I found out, that the __roles__ property of a given document 
 is
 a tuple of the form
 ('GroupMember', 'Guest', 'Manager', 'FolderManager', 'Owner')
 
 if I copy the same document to a vanilla plone site its __roles__ property is
 ['Anonymous', 'Manager', 'Reviewer', 'Manager', 'Anonymous']
 

I found out more:
this dropping of 'Anonymous' and converting to a tuple only happens when I use
our own workflow.
if I use the standard plone workflow so I wonder, what can provoke this?

robert

 
 I have the impression, that when 'Anonymous' is part of __roles__, access to 
 the
 object is possible. without it, access fails.
 
 now my questions:
 is the assumption, that the failed acces is caused by the missing 'Anonymous'
 role in __roles__ correct?
 
 if yes: what controls the setting of __roles__
 
 if not: what could be the reason of the fact, that users are not presented the
 cookieCrumbler-base plone login is not presented?
 
 thanks very much for your help
 robert
___
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )

Re: [Zope] problem accessing object as anonymous

2009-04-22 Thread Tres Seaver 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

robert rottermann wrote:

 while debugging I found out, that the __roles__ property of a given document 
 is
 a tuple of the form
 ('GroupMember', 'Guest', 'Manager', 'FolderManager', 'Owner')

 if I copy the same document to a vanilla plone site its __roles__ property is
 ['Anonymous', 'Manager', 'Reviewer', 'Manager', 'Anonymous']

 
 I found out more: this dropping of 'Anonymous' and converting to a
 tuple only happens when I use our own workflow. if I use the standard
 plone workflow so I wonder, what can provoke this?

The tuple form is how the classic Z2 security policy spells don't
acquire under the hood (it goes all the way back to bobo, I think).
My guess is that the state in your custom workflow has the 'acquire'
flag unchecked:  you need either to add permissions for Anonymous on
that state, or else check the acquire checkbox.


Tres.
- --
===
Tres Seaver  +1 540-429-0999  tsea...@palladion.com
Palladion Software   Excellence by Designhttp://palladion.com
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJ7z0i+gerLs4ltQ4RAgh/AKDO7d13bqX3dW5BvsoYSryGNDyGEwCgq8bp
1Y3ds5ROL1n5qyBZelIObDw=
=oG9u
-END PGP SIGNATURE-

___
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-announce
 http://mail.zope.org/mailman/listinfo/zope-dev )