[ZPatterns] LoginManager roles problem

Joachim Schmitz js@aixtraware.de
Thu, 11 Oct 2001 13:46:51 +0200 (CEST)


Tim,

thanks for your thinking investment ;-).

No, index_html is a dtml-method, but there is only one index_html for the
whole site. But I just see that my drawing in the first mail is wrong:

it actually looks like this:

root:
  acl_users (standard)
  mysitefolder: viewable by Anonymous
    index_html
    acl_users (login-manager with a customized login form)
    otherfolder: viewable only by Authenticated
       testfolder
          content dtml method

where index_html looks like this:

<dtml-var standart_html_header>
<dtml-var init>
...
<dtml-var content>
...
<dtml-var standart_html_footer>

the calling URL looks like /mysitefolder/otherfolder/testfolder

since there is no index_html in testfolder, the one-and-only index_html is
called, which calls the content method. So the index_html is the parent.


On Thu, 11 Oct 2001, Tim McLaughlin wrote:

> Joachim,
> It looks like you got it out.  And I'm not sure what the prob is now.
> My similar probs were eliminated by doing this, but I'm not sure what
> the cause of yours might be.  I'm definitely not a guru when it comes to
> ZP and LM, I just know enough to make it work ;)
>
> But regarding your thoughts of where it is.  I don't think that specific
> bit is the problem because index_html is not actually the parent (I'm
> assuming it's a DTML Method or DTML Doc).  It is a method or object of
> the parent and therefore wouldn't be checked.  You know what, maybe I'm
> assuming too much.  Is index_html a folder?  For me that would be a
> bizarrely new way to organize it (and I'm not sure why you would do it).
>


> Cheers,
> Tim
>
> Joachim Schmitz wrote:
> >
> > Tim,
> >
> > I think I removed it by changing:
> >
> > class BetterSimpleUser(BetterLocalRolesMixin, SimpleUser):
> > to:
> > class BetterSimpleUser(SimpleUser):
> >
> > in LoginManager.py
> >
> > and
> > class LoginUser(DataSkin, BetterLocalRolesMixin, BasicUser, Item):
> > to:
> > class LoginUser(DataSkin, BasicUser, Item):
> >
> > in UserSources.py
> >
> > but that didn't help.
> >
> > I think it's caused by the following line in the validate function of
> > LoginManager:
> >
> >         if user is not None:
> >             # We got a user, check him out
> >             user=getattr(user,'aq_base',user).__of__(self)
> >             if user.allowed(parent, roles): return user
> >
> > cause the parent is the index_html, but changing that to:
> >             for p in parents:
> >                 if not user.allowed(p, roles):
> >                     break
> >                 return user
> >
> > also did not help.
> >
> > On Wed, 10 Oct 2001, Tim McLaughlin wrote:
> >
> > > Joachim,
> > > This can be fixed by eliminating the BetterLocalRolesMixin and
> > > BetterSimpleUser from LoginManager.py and UserSources.py.  I can send
> > > you my *hacked* copy if you want.
> > >
> > > Cheers,
> > > Tim
> > >
> > > Joachim Schmitz wrote:
> > > >
> > > > Hi,
> > > >
> > > > my site structure is like this:
> > > >
> > > > root:
> > > >  acl_users (standard)
> > > >  mysitefolder: viewable by Anonymous
> > > >    index_html
> > > >     acl_users (login-manager with a customized login form)
> > > >     otherfolder: viewable only by Authenticated
> > > >       test dtml document
> > > >
> > > > When I now call the /mysite/otherfolder/test
> > > >
> > > > my customized login form does not pop up; instead I get the standard HTTP
> > > > authorization from the root acl_users folder.
> > > > When I cancel the authentication box, I get that Anonymous User has no
> > > > access to the "test" document, which is contained in otherfolder
> > > >
> > > > When I copy the index_html into the otherfolder, it works correctly.
> > > >
> > > > Apparently LoginManager checks for the permissions in the parent, which is
> > > > index_html. Is this a bug or a feature?
> > > >
> > > > Best regards
> > > >
> > > > Joachim Schmitz
> > >
> > > --
> > > Tim McLaughlin
> > > iterationZERO - www.iterationzero.com
> > > 703.481.2233
> > >
> > >
> >
> > Best regards
> >
> > Joachim Schmitz
> >
> > AixtraWare, engineering office for Internet applications
> > Hüsgenstr. 33a, D-52457 Aldenhoven
> > Telephone: +49-2464-8851, FAX: +49-2464-905163
> >
>
> --
> Tim McLaughlin
> iterationZERO - www.iterationzero.com
> 703.481.2233
>
>

Best regards

Joachim Schmitz

AixtraWare, engineering office for Internet applications
Hüsgenstr. 33a, D-52457 Aldenhoven
Telephone: +49-2464-8851, FAX: +49-2464-905163
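
Added example (not part of the original messages and not LoginManager code): a small model comparing the single-parent check quoted above, the loop exactly as it was posted, and a variant that requires every parent to allow the user. It assumes that `parent` in the original check is the first entry of `parents`; ToyUser, the function names and the sample roles are constructed for illustration.

```python
# Added illustration: ToyUser and the sample data are constructed stand-ins,
# not Zope or LoginManager classes.
class ToyUser:
    def __init__(self, name, global_roles, local_roles=None):
        self.name = name
        self.global_roles = set(global_roles)
        self.local_roles = local_roles or {}   # object name -> roles held only there

    def allowed(self, obj, roles):
        held = self.global_roles | set(self.local_roles.get(obj, ()))
        return bool(held & set(roles))

def validate_first_parent(user, parents, roles):
    """Shape of the original check, assuming parent == parents[0]."""
    if parents and user.allowed(parents[0], roles):
        return user
    return None

def validate_posted_loop(user, parents, roles):
    """The loop as posted: 'return user' sits inside the loop body."""
    for p in parents:
        if not user.allowed(p, roles):
            break
        return user          # reached after checking only the first parent
    return None

def validate_all_parents(user, parents, roles):
    """Returns the user only when every parent allows it (fails closed on [])."""
    if not parents:
        return None
    for p in parents:
        if not user.allowed(p, roles):
            return None
    return user

# Constructed data modelled on the folder layout in the message, innermost first.
PARENTS = ["testfolder", "otherfolder", "mysitefolder"]
ROLES = ["Authenticated", "Manager"]
USERS = [
    ToyUser("anon", ["Anonymous"]),
    ToyUser("member", ["Authenticated"]),
    ToyUser("local_only", [], {"testfolder": ["Manager"]}),
]

def outcomes(user):
    checks = (validate_first_parent, validate_posted_loop, validate_all_parents)
    return [c(user, PARENTS, ROLES) is not None for c in checks]

print({u.name: outcomes(u) for u in USERS})
```

In this model the posted loop gives the same result as the single-parent check for every user; only the all-parents variant rejects a user whose role is held on the innermost folder alone.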