John Hunter wrote at 2005-6-15 14:42 -0500:
> Dieter> Thus, the primary problem is that "mentor" magically
> Dieter> does not have a "__roles__" attribute or (maybe) that it
> Dieter> was never expected to be accessed via the
> Dieter> "FactoryDispatcher".
>My classes are all defined through the old ZClass mechanism and I
>don't see any way to fix the problem on my end. I've added these
>security assertions and roles when writing pure python products, but
>do not know how to do it with ZClasses (is it possible?)
>Is this a bug in my ZClasses or a zope bug?
I did not yet analyse how ZClass security works.
My ZClasses work but I still use Zope 2.7.2 and
several security tighening measures in 2.7.3 introduced a lot
of problems. Maybe, also for ZClasses...
In your product, you have an "mentor_add_permission"
and in the "Define permissions tab" of your mentor ZClass,
you map "Create class instances" to this (or another existing)
Zope maillist - Zope@zope.org
** No cross posts or HTML encoding! **
(Related lists -