If anyone can help me with this, it'd give me more faith in the new
security model :-S

Right, I have a Python Product Class (lots of bits left out ;-):

> class MyProduct(OFS.SimpleItem.SimpleItem): 
>     """...
>     """
>     __ac_permissions__=(
>       ('Use MyProduct'     ,    ('a_method',),('Manager',)),
>       )
>     a_methodisDocTemp=1
>     def a_method(self,ignored,md):
>         list = []
>         for name in self.get_contents():
>             list.append(DisplayClass(name,self))
>         return list 

The important bits of DisplayClass look like:

> class DisplayClass(Globals.Persistent):
>     """ """
>     __allow_access_to_unprotected_subobjects__=1
>     meta_type = 'CaseDisplay'
>     __ac_permissions__=(
>       ('View',    ('get_name',),('Anonymous',)),
>       )


>     def get_name(self):
>         return self._name

Now, I have a DTML method which goes like:

> <dtml-with an_instance_of_MyProduct>
>  <dtml-in a_method>
>   <B><dtml-var sequence-item html_quote>:</B>
>   <dtml-var get_name><BR>
>  </dtml-in>
> </dtml-with>

Which _always_ throws up an authentication box when a_method returns
anything except an empty list. no matter what username or password I
use, that box still appears.

What I would like is for the get_name and a_method methods to be mapped
to permissions so I can manage access to them using the security tab.
How should I do that?

BTW, in an attempt to get the method accessible in _some_ way I have
- setting __allow_access_to_unprotected_subobjects__=1 in both the
MyProduct and DisplayClass classes.
- setting get_name__roles__=None in the DisplayClass.
- giving every conceivable permission to both the Anonymous and Manager
roles in the folder containing the MyProduct instance

None of which feel like a good way to go, but nevertheless, none of them
The only way I coudl solve the problem was to give the DTML Method the
'Manager' proxy role, then everything worked fine.
Why is that?
What's _is_ going on?

Confused and Frustrated (isn't that always the way with Zope security?!)


Zope-Dev maillist  -  [EMAIL PROTECTED]
**  No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope )

Reply via email to