Velko Ivanov wrote:
My bigger problem is that when I grant zope.Manager to an user in the
principals folder, it somehow doesn't get all permitions. I can still
manage the site and do everything, except use DA connections
(psycopgDA ones to be specific, I didn't check Gadfly), which require
zope.app.rdb.Use . Even when I grant the 'Use database connections'
permission explicitly, the user is still unable to use psycopgDA. The
etc/principals.zcml user with zope.Manage role is able to use the DA.
I never used DA connections, but I think that artefact might be caused
by a more general problem: If adapters are not locatable only the global
authentication can be invoked. Therefore local principals its privilege
are not included. Provide ILocation by those adapters, use the
'locatalbe' attribute of the adapter directive (-> location proxied) or
set the permission explicitly to zope.Public.
Zope3-dev mailing list