Hi,

I have a fairly simple get-to-know Zope app. I'm using parts of the
user authentication in Philipp's book (2nd) to allow barebones user
registration. For now just the SignUp and the CookieCredentials
plugins.

In a nutshell I have a content type that I'm allowing users to write
reviews about. I'm using ViewReviews and AddReviews permissions.
ViewReviews is granted to my Visitor role.

I've defined a view displays all reviews for a piece of content. It is
viewable by my Visitor role when anonymous. However when I login, I
lose the ability to view the list of reviews (do not have permission).
I have granted both my Visitor and Member roles to new principals via
the SignUp plugin. Strangely I can still view single reviews if
manually type in their location as contained objects--this view uses
the same ViewReviews permission. Other permissions granted to the
Visitor role work for both anonymous and logged-in users.

Can anyone suggest ways of debugging this behavior? I'm still getting
up to speed on debugging in general and figuring out how this could be
happening. It would be nice to examine some sort of record of the
permissions check being performed in the problematic example so I can
figure out what I'm doing wrong. Is this possible?

Thank you,
Sam
_______________________________________________
Zope3-users mailing list
Zope3-users@zope.org
http://mail.zope.org/mailman/listinfo/zope3-users

Reply via email to