On Tuesday, January 13, 2004, at 11:21 PM, Travis Miller wrote:

hi Dirk,

i just (configure/make/make install)ed Zope-2.7.0-b4 and i immediately ran into the .min/.max/... security changes when i tried to rename an object through the ZMI.

I got around the min/max by adding them to the list on RestrictedPython/Guards.py.


But b4 seemed to make any script trying to pass a zero-value parameter raise unauthorized exceptions. Code like

ob.edit( is_exemplar=0 )

non longer worked. Traceback from another attempt attached below, when "notify_instantly" was set to 0. (Passing an integer 1 *would* work.)

Roger

Traceback (most recent call last):
File "/usr/local/zope/App/lib/python/ZPublisher/Publish.py", line 100, in publ
ish
request, bind=1)
File "/usr/local/zope/App/lib/python/ZPublisher/mapply.py", line 88, in mapply
if debug is not None: return debug(object,args,context)
File "/usr/local/zope/App/lib/python/ZPublisher/Publish.py", line 40, in call_
object
result=apply(object,args) # Type s<cr> to step into published object.
File "/usr/local/zope/App/lib/python/Products/CMFCore/FSPythonScript.py", line
92, in __call__
return Script.__call__(self, *args, **kw)
File "/usr/local/zope/App/lib/python/Shared/DC/Scripts/Bindings.py", line 261,
in __call__
return self._bindAndExec(args, kw, None)
File "/usr/local/zope/App/lib/python/Shared/DC/Scripts/Bindings.py", line 292,
in _bindAndExec
return self._exec(bound_data, args, kw)
File "/usr/local/zope/App/lib/python/Products/CMFCore/FSPythonScript.py", line
126, in _exec
result = apply(f, args, kw)
File "Script (Python)", line 55, in post_feedback
File "/usr/local/zope/App/lib/python/AccessControl/ZopeGuards.py", line 349, i
n guarded_apply
return builtin_guarded_apply(func, args, kws)
File "/usr/local/zope/App/lib/python/AccessControl/ZopeGuards.py", line 371, i
n builtin_guarded_apply
return func(*arglist, **argdict)
File "/usr/local/zope/App/lib/python/Products/CMFCore/PortalFolder.py", line 3
62, in invokeFactory
, kw
File "/usr/local/zope/App/lib/python/Products/CMFCore/TypesTool.py", line 824,
in constructContent
ob = apply(info.constructInstance, (container, id) + args, kw)
File "/usr/local/zope/App/lib/python/Products/CMFCore/TypesTool.py", line 513,
in constructInstance
id = apply( m, args, kw ) or id # allow factory to munge ID
File "/usr/local/zope/M2K3/Products/Mousetrap/FeedbackPost.py", line 84, in ad
dFeedbackPost
o.setupFeedbackType(defaults=kw)
File "/usr/local/zope/M2K3/Products/Mousetrap/FeedbackPost.py", line 124, in s
etupFeedbackType
method(defaults=defaults)
File "/usr/local/zope/App/lib/python/Products/CMFCore/FSPythonScript.py", line
92, in __call__
return Script.__call__(self, *args, **kw)
File "/usr/local/zope/App/lib/python/Shared/DC/Scripts/Bindings.py", line 261,
in __call__
return self._bindAndExec(args, kw, None)
File "/usr/local/zope/App/lib/python/Shared/DC/Scripts/Bindings.py", line 292,
in _bindAndExec
return self._exec(bound_data, args, kw)
File "/usr/local/zope/App/lib/python/Products/CMFCore/FSPythonScript.py", line
126, in _exec
result = apply(f, args, kw)
File "Script (Python)", line 5, in apply_CommentSchema
File "/usr/local/zope/App/lib/python/AccessControl/ZopeGuards.py", line 349, i
n guarded_apply
return builtin_guarded_apply(func, args, kws)
File "/usr/local/zope/App/lib/python/AccessControl/ZopeGuards.py", line 369, i
n builtin_guarded_apply
guard(kws, v, k)
File "/usr/local/zope/App/lib/python/AccessControl/ZopeGuards.py", line 219, i
n guard
if getSecurityManager().validate(container, container, index, value):
File "/usr/local/zope/App/lib/python/AccessControl/ImplPython.py", line 263, i
n validate
raise Unauthorized(name, value)
Unauthorized: You are not allowed to access 'notify_instantly' in this context



_______________________________________________
Zope-Dev maillist - [EMAIL PROTECTED]
http://mail.zope.org/mailman/listinfo/zope-dev
** No cross posts or HTML encoding! **
(Related lists - http://mail.zope.org/mailman/listinfo/zope-announce
http://mail.zope.org/mailman/listinfo/zope )

Reply via email to