Security validation issue

Collapse
This topic is closed.
X
X
 
  • Time
  • Show
Clear All
new posts
  • Herman Geldenhuys

    Security validation issue

    I've written a Zope product that exposes a "MenuItem". I add a menuItem in a Zope folder, and I have no difficulty accessing and editing it via the ZMI. I've written an xml-rpc-like protocol for Zope, that basically validates the security "manually".

    This menuItem has an attribute called "def getVersion(self ):" which returns an int.

    This is the Code that prevents me from accessing the method in python, via my protocol:

    if not AccessControl.g etSecurityManag er().validate(N one, object, attributes[-1]):
    raise UnauthorisedAcc essException('U nauthorised: ' + originalAddress )

    object = <bound method HWMenuItem.getV ersion of <HWMenuItem instance at 01B7B290>>
    This is the method getVersion

    attributes[-1] = "getVersion " (string)

    UnauthorisedAcc essException: Unauthorised: menus.administr ation.addUser.g etVersion

    This code works for any other default Zope type, but not mine. Did I perhaps forgot a permission or something?

    I can access this fine via the ZMI, but when I validate it this way, python just starts cursing at me.

    Can somebody help?

    Thanks

    H
Working...