I am getting a ForbiddenAttribute error on 'render' when I try to display
a viewlet in my Zope2 application.

I am running Zope 2.11.2 + Five. I am currently working on integrating
grok + z3c.form into our stack.

I have a security problem configuring the
z3c.formjs.interfaces.IDynamicJavaScript viewlet.

The viewlet configuration (in z3c.formjs) seems standard...

  <browser:viewlet
      name="z3c.formjs.subscriptions"
      manager=".interfaces.IDynamicJavaScript"
      view="z3c.formjs.interfaces.IHaveJSSubscriptions"
      class="z3c.formjs.jsevent.JSSubscriptionsViewlet"
      permission="zope.Public"
      layer="z3c.form.interfaces.IFormLayer"
      />

The viewlet is very standard.

When I run the system, the viewlet is wrapped using the
Products.Five.viewlet.metaconfigure functionality to provide a wrapped
viewlet.

However, when I run the application, I get this error...

  Module zope.viewlet.manager, line 107, in update
  Module zope.viewlet.manager, line 85, in filter
  Module zope.security.checker, line 134, in canAccess
ForbiddenAttribute: ('render',
<Products.Five.viewlet.metaconfigure.JSSubscriptionsViewlet object at
0x84c0410>)

It appears to me that, at runtime, an incorrect 'checker' is being picked
up. I believe that I should be seeing a call to
Products/Five/security.py:checkPermission, but I believe I am picking up a
different checker.

I cannot seem to debug the checker, even though I set
security-policy-implementation python in the zope.conf.

Other (possibly) relevant information...

(Pdb) adapter.__class__
<class 'Products.Five.viewlet.metaconfigure.JSSubscriptionsViewlet'>

(Pdb) from Products.Five.security import getSecurityInfo
(Pdb) getSecurityInfo(adapter.__class__)
{'render__roles__': None, 'update__roles__': None, '__roles__': None,
'__ac_permissions__': ()}

(Pdb) from zope.security.management import thread_local
(Pdb) thread_local.interaction
<Products.Five.security.FiveSecurityPolicy object at 0x84c0650>


