Skip to content. | Skip to navigation

Personal tools

Navigation

You are here: Home / Members / jhb / old blog entries / traversal_before_auth

traversal_before_auth

by Jörg Baach last modified Feb 15, 2006 08:48 PM
why does my zsql traversal only work if the parent folder has "access contents information' set?

Problem:

I traverse /foo/bar/guests/1/display, but even with admin access, having
the manager role, I get an 'unauthorized' error, when 'bar' doesn't have
the 'access contents information' right set for the anonymous role.

Solution:

After reading
http://mail.zope.org/pipermail/zope/2005-February/156553.html it dawned
me - in the sql method I query an attribute of the 'bar' folder, to
determine the table to query from.
As traversal (hoping over the 1 in guests/1/display) comes before
authentication, I am stuck in the anonymous role at that point in time.

Add comment

You can add a comment by filling out the form below. Plain text formatting.

Question: What is 6 times 7?
Your answer: