Velko Ivanov wrote:

My bigger problem is that when I grant zope.Manager to an user in the principals folder, it somehow doesn't get all permitions. I can still manage the site and do everything, except use DA connections (psycopgDA ones to be specific, I didn't check Gadfly), which require . Even when I grant the 'Use database connections' permission explicitly, the user is still unable to use psycopgDA. The etc/principals.zcml user with zope.Manage role is able to use the DA.

I never used DA connections, but I think that artefact might be caused by a more general problem: If adapters are not locatable only the global authentication can be invoked. Therefore local principals its privilege are not included. Provide ILocation by those adapters, use the 'locatalbe' attribute of the adapter directive (-> location proxied) or set the permission explicitly to zope.Public.


Zope3-dev mailing list

Reply via email to