OK, lets try on THIS mailing list, then. :) TopicIndexes can have expressions as filters. Like for example: "getattr(o, 'portal_type', None) not in ('Section', 'Workspace')" Where o is the object that are being indexed.
But, this being an expression, it's protected, and therefore, a getattr becomes a guarded_gettatr. guarded_getattr does it's security check by doing: validate = SecurityManagement.getSecurityManager().validate aq_acquire(inst, name, aq_validate, validate) Where in this case inst will be the object that is being indexed. aq_acquire will, if the first parameter is not an AcquisitionWrapper, and the third parameter is not None, wrap the object. Now, in most CMF cases, the object is an IndexableObjectWrapper, wrapping an Acquisition wrapped object. So, aq_acquire will Acquicision wrap the IndexableObjectWrapper, with the result that the object being used now has no context! Then, it passes this to validate, who in turn passes it to allowed, who check that the object has the users user folder in it's context. And it hasn't, because it has no context. *blam* You get an AuthorizedError, and the object does not get indexed. OK, there are several ways to fix this, one being to not use getattr. But there is still something missing from my understandning of all this: - Not every object has this problem! Why, I have no idea. I had his problem in two products, and in ONE of them, it disappeared when I introduced the otherwise useless PropertyManager as a baseclass. The other product already has propertymanager as a baseclass! Any insight into this would be appreciated. //Lennart -- Lennart Regebro, Nuxeo http://www.nuxeo.com/ CPS Content Management http://www.cps-project.org/ _______________________________________________ Zope-CMF maillist - Zope-CMF@lists.zope.org http://mail.zope.org/mailman/listinfo/zope-cmf See http://collector.zope.org/CMF for bug reports and feature requests