That worked immediately...  Thank you sir.

other than "being really smart", how did you know to look at that?  I
guess I don't understand some of the implied permissions, esp when
they contradict what I put in the zcml.  is there a writeup of the
security chain on the zope3 application server startup somewhere that
I can read through to have a better idea of how that works?  I hate
sending questions to the list if I could have just read it myself
somewhere.

On 3/29/06, Michael Howitz <[EMAIL PROTECTED]> wrote:
> Am Mittwoch, den 29.03.2006, 01:56 -0500 schrieb Pete Taylor:
> > Hi all (yet again ;) ),
> > I ran into this issue on a project I worked on before, but I ended up
> > changing the design before  it became a significant issue.  this time
> > around, i don't see a way by it.
> >
> > i have a class that derives from Folder (or BTreeContainer, it doesn't
> > really matter for this).  in configure.zcml, i set it up as follows:
> >          <content class=".consumer.Consumer">
> >             <implements
> >
> > interface="zope.app.annotation.interfaces.IAttributeAnnotatable"
> >          />
> >             <require
> >                 permission="zope.ManageContent"
> >                 interface="zope.app.container.interfaces.IReadContainer"
> >                 />
> >             <require
> >                 permission="zope.ManageContent"
> >                 interface="zope.app.container.interfaces.IWriteContainer"
> >                 />
> >             <require
> >                 permission="zope.ManageContent"
> >                 interface=".interfaces.consumer.IConsumer"
> >                 />
> >             <require
> >                 permission="zope.ManageContent"
> >                 set_schema=".interfaces.consumer.IConsumer"
> >                 />
> >         </content>
> >
> > this doesn't work.  putting in the third-down require statement breaks
> [ ... ]
> > I've put the traceback below...
> >
> > Traceback (most recent call last):
> >   File "bin/runzope", line 48, in ?
> >     run()
> >   File "bin/runzope", line 44, in run
> >     main(["-C", CONFIG_FILE] + sys.argv[1:])
> >   File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 74, in main
> >     service = setup(load_options(args))
> >   File "/opt/zope3//lib/python/zope/app/twisted/main.py", line 139, in setup
> >     zope.app.appsetup.config(options.site_definition, features=features)
> >   File "/opt/zope3//lib/python/zope/app/appsetup/appsetup.py", line
> > 110, in config
> >     context = xmlconfig.file(file, context=context, execute=execute)
> >   File "/opt/zope3//lib/python/zope/configuration/xmlconfig.py", line
> > 556, in file
> >     context.execute_actions()
> >   File "/opt/zope3//lib/python/zope/configuration/config.py", line
> > 606, in execute_actions
> >     for action in resolveConflicts(self.actions):
> >   File "/opt/zope3//lib/python/zope/configuration/config.py", line
> > 1511, in resolveConflicts
> >     raise ConfigurationConflictError(conflicts)
> > zope.configuration.config.ConfigurationConflictError: Conflicting
> > configuration actions
> >   For: ('protectName', <class 'petetest.consumer.Consumer'>, '__contains__')
> >     File "/usr/lib/python2.4/site-packages/petetest/configure.zcml",
> [ ... ]
>
> This is because your Interface IConsumer extends the
> IContainer-Interface. In Zope3 security declarations can only be done
> once on a content class, but if you extend from IContainer in both
> require statements (for IConsumer and IReadContainer) a permission is
> declared.
>
> Solution: Let ICustomer extend zope.interface.Interface. Because your
> implementation of ICustomer extends BTreeContainer it also interhits the
> implements statement for IContainer.
>
> HTH,
>  mac
>
>


--
"All guilt is relative, loyalty counts, and never let your conscience
be your guide."
  - Lucas Buck, American Gothic
_______________________________________________
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users

Reply via email to