Replying to my own post as I just found the answer to my problem (which had nothing to do with the version of zope).

The problem was that when I mass-imported some folders to the new instance, I didn't check to retain the ownership information; thus the templates where executed whith the credentials of the Anonymous role.

Sorry for bothering, I hope someone finds this post usefull in the future,

PS: setting the verbose-security on was of great help in order to address this issue

Pablo Ziliani wrote:

I am having a very tough time with permissions after I have upgraded to 2.8.4 from 2.8.1, and I would really appreciate some help as I have exhausted my imagination trying to figure what's wrong.

I have the following structure in my zope instance:

zope root
|---- sites
|----|---- admin
|----|---- website

Inside the folder admin I have some templates using a macro named "page" in a sibling template. The folder "sites" has some checks marked in the security tab, but this is supposed to be ineffective since all the permissions are also acquiring from the root folder. The folder "admin" has the default permissions but for the "View" and "Access Content Information", which I only made available for Managers and some other irrelevant roles. Pages inside admin (i.e.: "users.html") have additional security configurations, but in all cases Managers are explicitly allowed. The "website" folder is the virtual domain, so when I call I am in fact acquiring the folder from above the site root (website). However, this doesn't seem to be the problem: the same occurs if I move admin inside website. My user is defined in the zope root and although there's another acl_folder in "sites" there's no user there with my same id. The odd thing is that if I (also) check all the "Acquire permissions settings" checkbox in admin, I will be able to access the macro but then the macro page won't be able to access some methods i.e."template/title_or_id". I think this should not happen, Managers are always (explicitly!) allowed all along the path from the root to each page.

As said, this was working fine in 2.8.1.
Any help or hint would be greatly appreciated,
TIA,  Pablo

PS: this is the traceback:

Request URL
Exception Type     Unauthorized
Exception Value     Not authorized to access binding: context

Traceback (innermost last):

   * Module ZPublisher.Publish, line 113, in publish
   * Module ZPublisher.mapply, line 88, in mapply
   * Module ZPublisher.Publish, line 40, in call_object
   * Module Shared.DC.Scripts.Bindings, line 311, in __call__
   * Module Shared.DC.Scripts.Bindings, line 348, in _bindAndExec
   * Module Products.PageTemplates.ZopePageTemplate, line 256, in _exec
   * Module Products.PageTemplates.PageTemplate, line 104, in pt_render
     <ZopePageTemplate at /sites/admin/users.html>
   * Module TAL.TALInterpreter, line 206, in __call__
   * Module TAL.TALInterpreter, line 250, in interpret
   * Module TAL.TALInterpreter, line 697, in do_useMacro
   * Module Products.PageTemplates.TALES, line 221, in evaluate
     URL: /sites/admin/users.html
     Line 4, Column 0
     Expression: standard:'here/template_admin.html/macros/page'

{'container': <UnauthorizedBinding: container>,
'context': <UnauthorizedBinding: context>,
'default': <Products.PageTemplates.TALES.Default instance at 0xb7516c4c>,
'here': <UnauthorizedBinding: context>,
'loop': <Products.PageTemplates.TALES.SafeMapping object at 0xb3ee062c>,
'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance at 0xb7528b4c>,
'nothing': None,
'options': {'args': ()},
'repeat': <Products.PageTemplates.TALES.SafeMapping object at 0xb3ee062c>,
'request': <HTTPRequest, URL=>,
'root': <Application at >,
'template': <ZopePageTemplate at /sites/admin/users.html>,
'traverse_subpath': [],
'user': pablo}

   * Module Products.PageTemplates.Expressions, line 185, in __call__
   * Module Products.PageTemplates.Expressions, line 173, in _eval
   * Module Products.PageTemplates.Expressions, line 127, in _eval
     __traceback_info__: here
* Module Products.PageTemplates.Expressions, line 284, in restrictedTraverse __traceback_info__: {'path': ['template_admin.html', 'macros', 'page'], 'TraversalRequestNameStack': ['page', 'macros']}
   * Module Shared.DC.Scripts.Bindings, line 180, in __getattr__
   * Module Shared.DC.Scripts.Bindings, line 187, in __you_lose

Unauthorized: Not authorized to access binding: context

Zope maillist  -
**   No cross posts or HTML encoding!  **
(Related lists - )

Reply via email to