[Zope] subscribe

Khachatur Yengibaryan Thu, 16 Feb 2006 23:26:52 -0800

[EMAIL PROTECTED] wrote:

Send Zope mailing list submissions to
        zope@zope.org


To subscribe or unsubscribe via the World Wide Web, visit
        http://mail.zope.org/mailman/listinfo/zope
or, via email, send a message with subject or body 'help' to
        [EMAIL PROTECTED]

You can reach the person managing the list at
        [EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Zope digest..."


Today's Topics:

  1. Re: Error Value: 'File' object has no      attribute
     'manage_fixupOwnershipAfterAdd' (Jens Vagelpohl)
  2. Re: Re: restricting permissions for direct access only
     (Chris Withers)
  3. Re: Zope 2.9 and SSL (Chris Withers)
  4. Re: Granting access by reading http headers (Chris Withers)
  5. Re: Re: restricting permissions for direct access only
     (Chris Withers)
  6. Re: installing PIL on Window Zope (Josef Meile)
  7. SSL & Digest Auth (Chris Withers)
  8. Re: Re: installing PIL on Window Zope (Tino Wildenhain)
  9. Re: Zope 2.9 and SSL (Janusz Zamecki)
 10. Re: Re: restricting permissions for direct access only
     (Chris Withers)
 11. Re: Re: restricting permissions for direct access only
     (Chris Withers)
 12. Re: Zope 2.9 and SSL (Michael Haubenwallner)
 13. Re: installing PIL on Window Zope (Allen Huang)
 14. Re: SSL & Digest Auth (michael nt milne)
 15. Re: Error Value: 'File' object     has     no      attribute
     'manage_fixupOwnershipAfterAdd' (Roman Klesel)
 16. Re: SSL & Digest Auth (Andrew Milton)
 17. Re: Re: Re: major problems placing authentication on an
     extranet site-security flaw? (michael nt milne)
 18. Re: Error Value: 'File' object     has     no      attribute
     'manage_fixupOwnershipAfterAdd' (Stefan H. Holek)
 19. Re: SSL & Digest Auth (michael nt milne)
 20. Re: Error Value: 'File' object     has     no      attribute
     'manage_fixupOwnershipAfterAdd' (Roman Klesel)
 21. Re: installing PIL on Window Zope (Josef Meile)
 22. Re: Error Value: 'File'    object  has     no      attribute
     'manage_fixupOwnershipAfterAdd' (Roman Klesel)
 23. Re: restricting permissions for direct access only
     (Michael Shulman)
 24. Re: restricting permissions for direct access only (Tres Seaver)
 25. Re: Re: Re: major problems placing authentication on an
     extranet site-security flaw? (Floyd May)
 26. Re: Error Value: 'File' object     has     no      attribute
     'manage_fixupOwnershipAfterAdd' (Roman Klesel)


----------------------------------------------------------------------

Message: 1
Date: Thu, 16 Feb 2006 09:59:58 +0000
From: Jens Vagelpohl <[EMAIL PROTECTED]>
Subject: Re: [Zope] Error Value: 'File' object has      no      attribute
        'manage_fixupOwnershipAfterAdd'
To: zope list user <zope@zope.org>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed


On 16 Feb 2006, at 09:33, Roman Klesel wrote:

Hello Bruno,

bruno desthuilliers schrieb:

What's wrong with:

container.manage_addProduct['OFSP'].manage_addFile(id, file='',
title='', precondition='', content_type='', REQUEST=None)

Well, in a fs product I don't have container norself.manage_addProduct or something (AFAIK).


Therefore I use the ._setObject() method.

Instead of "container" you substitute the object that you called_setObject on before. No rocket science here. If that objectsubclasses from the normal Zope Folder class (or is a Zope Folder)you *will* have manage_addProduct.


jens



------------------------------

Message: 2
Date: Thu, 16 Feb 2006 08:27:43 +0000
From: Chris Withers <[EMAIL PROTECTED]>
Subject: Re: [Zope] Re: restricting permissions for direct access only
To: Tres Seaver <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED], zope@zope.org
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

Tres Seaver wrote:

The prior behavior (allowing users to access protected resources "above"
the domain of their user folders) was a security hole caused by a bug,
and was never documented as allowable:  correcting it was a matter for a
rather urgent fix, as it broke the explicitly-documented model.


I don't think that's what Michael and I were commenting on...

IIRC, if you had scripta calling scriptb, you used to be able to givescripta a proxy role and scriptb would also execute with that role.However, again IIRC, in current Zope releases, if you give scripta aproxy role, when it calls scriptb, scriptb will just run with the rolesof the current user.


Have I got this right? If so, I wonder why the change was made...

Chris


_______________________________________________
Zope maillist  -  Zope@zope.org
http://mail.zope.org/mailman/listinfo/zope
**   No cross posts or HTML encoding!  **

(Related lists -http://mail.zope.org/mailman/listinfo/zope-announce

http://mail.zope.org/mailman/listinfo/zope-dev )

[Zope] subscribe

Reply via email to