Ok, this is driving me slightly nutso.

Why won't this work in Zope 2.2? Make a DTML method containing:

<dtml-with "manage_addProduct['ZCatalog']">
  <dtml-call "manage_addVocabulary(id='doofus')">
</dtml-with>

I cannot find a way to make the security system let this through. method
is owned and executed by a user who is a manager, no wierd permissions,
nothing. I get a permission failure trying to look up and access the
'manage_addVocabulary' method.

The example of ZCatalog.Vocabulary is simply chosen because it is a standard
product that is a) a python product, b) using the "new-style" __init__ 
method (as opposed to the ancient one). The actual product I'm seeing
the problem on is a bit more complex, but Vocab will do.

It's been driving me insane for most of this evening - I'm positive 
you _used_ to be able to do stuff like this, and it works when the 
product is a ZClass-based one... 

I've pretty much convinced myself it's a bug in the 2.2 security system...

Anyone? Brian?

Anthony
--
Anthony Baxter     <[EMAIL PROTECTED]>
It's never too late to have a happy childhood.

_______________________________________________
Zope maillist  -  [EMAIL PROTECTED]
http://lists.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://lists.zope.org/mailman/listinfo/zope-announce
 http://lists.zope.org/mailman/listinfo/zope-dev )

Reply via email to