I have a problem in Zope 3.2.0 using schema.getFieldsInOrder in a view
that has permission zope.Public. When I'm trying the view as an
anonymous user, I get the error
Unauthorized (<zope.schema._bootstrapfields.Text object at 0xb694f48c>, 'order',
'zope.ManageContent'). Doing it as Manager, everything is fine as expected.

This exception is triggered inside schema.getFieldsInOrder and it seems that every field description attribute has zope.ManageContent permissions where the content
objects allow public viewing.

I created a simple PersonContainer/Person example application and tried the view on this application. Guess what, everything is working. The view gets published with zope.Public permission. I have no clue, why my original application does not behave like the example.

My Question is: What is needed to set the permission for field descriptions to zope.ManageContent ? This is somewhat in reverse, but with some hints it's possibly easier to find the bug in my other

Here is the view from my (working) example application. The view looks the same in my other
application, but requires to be logged in as Manager.

from zope import schema
from schematesting.interfaces import IPerson

class Details(object):
    def getDetails(self):
        fields = schema.getFieldsInOrder(IPerson)
        data = dict([(i,getattr(self.context,i,None))
                     for i in schema.getFieldNamesInOrder(IPerson)])
        return {'fields':fields,

And the template:

<html metal:use-macro="views/standard_macros/view">
    <div metal:fill-slot="body" tal:define="details view/getDetails">
        <span tal:repeat="field details/fields">
          <span tal:replace="python:field[1].title"></span>:
<span tal:replace="python:details['data'][field[0]]"></span><br />

Thanks for any hint.
- Andreas

Zope3-users mailing list

Reply via email to