----- Original Message ----- 
From: "Dieter Maurer" <[EMAIL PROTECTED]>
To: "Kees de Brabander" <[EMAIL PROTECTED]>
Cc: <zope@zope.org>
Sent: Thursday, December 15, 2005 5:54 PM
Subject: Re: [Zope] user account defined outside context of object being

> Kees de Brabander wrote at 2005-12-13 22:40 +0100:
> > ...
> >  Module AccessControl.ImplPython, line 449, in validate
> >  Module AccessControl.ImplPython, line 774, in raiseVerbose
> >Unauthorized: Your user account is defined outside the context of the
> >being accessed.  Access to 'f1_index' of (Folder at /f1), acquired
> >(Folder at /f1/f11/f111), denied. Your user account, user1, exists at
> >/f1/f11/acl_users. Access requires one of the following roles:
> >['Authenticated', 'Manager', 'Owner', 'student'].
> A user defined in "/f1/f11/acl_users" tries to access the protected
> "/f1/f1_index". This is not allowed by Zope security system:
> a user defined in a user folder can only access protected objects
> "governed" by this user folder.
> In your case, all objects at or below "/f1/f11" is governed by
> your user folder ("/f1/f11/acl_users"). "/f1/f1_index" does not lie
> within this hierarchy and is therefore not governed.

I am painfully aware now that this is the case, at least starting from zope
2.7.8. I have not tested all versions of zope, but at least up to 2.7.3 zope
had no problem with such a set up.

Zope maillist  -  Zope@zope.org
**   No cross posts or HTML encoding!  **
(Related lists - 
 http://mail.zope.org/mailman/listinfo/zope-dev )

Reply via email to