On Sun, Feb 11, 2007 at 09:24:34AM +0100, FB wrote: > On Sun, Feb 11, 2007 at 01:16:51AM +0100, Dominique Lederer wrote: > > i created a trusted adapter on a content object. > > then i created a formlib edit page for the ZMI, to be able to edit the > > new attributes on the adapted content object. the adapters interface is > > correctly rendered to the form. > > > > if i try to edit, an unauthorized error is shown, which i also get, when > > i register the user as Site Manager via Grant in the ZMI. > > The global admin *can* edit the adapters attributes (the one which is > > set globally via ZCML).
For future reference, when you get into a situation when the global manager can do something, but a local manager cannot, know what you have a broken __parent__ chain somewhere. Every object that has security declarations and can be security proxied must have a valid __parent__ chain leading to the ZODB root, or you will have problems like this. > > i registered the adapter like this: > > <adapter factory=".MyClassAnnotations" > > trusted="true" /> > > Try to add the attribute 'locate="true"' to the adapter-statement. Cool, I didn't know about that one. I'd've suggested setting the adapter's __parent__ manually in the constructor. Marius Gedminas -- Where do you think you're going today?
Description: Digital signature
_______________________________________________ Zope3-users mailing list Zope3firstname.lastname@example.org http://mail.zope.org/mailman/listinfo/zope3-users