#23 — cannot view a photo in the state of "private"
| State | Resolved |
|---|---|
| Version: |
—
|
| Area | Functionality |
| Issue type | Bug |
| Severity | Medium |
| Submitted by | gerry rodman |
| Submitted on | Apr 02, 2006 |
| Responsible |
—
|
| Target release: |
—
|
Last modified on
Jan 08, 2009
by
Matthew Wilkes
zope 2.8, plone 2.12
When you try to view a private photo you will get a "Insufficient Privileges" message.
Doing the same and running under verbose security yields the following:
Your user account is defined outside the context of the object being accessed. Access to 'content_type' of (ATPhoto at /test/v/vpa/v1.jpeg) denied. Your user account, gerryr, exists at /acl_users. Access requires one of the following roles: ['Manager', 'Owner'].
- Steps to reproduce:
- create an album
add a photo
change the state of the photo to private
click on the photo in photo album view
you will get a "Insufficient Privileges" message.
Added bygerry rodmanonApr 02, 2006 11:14 PM
I worked on this a bit and believe I have found a fix.
In skin template "atphoto_view.cpt", change the second "defines" clause from
content_type context/content_type;
to
content_type context/getMimeType;
It seems that accessing the content_type attribute directly returns an unwrapped object which results in a permissions error.
gr
Added by(anonymous)onApr 04, 2006 08:00 PM
I observe the same problem but the fix works for me, too.
Added byGael PasgrimaudonApr 04, 2006 08:17 PM
Change is on the trunk.
Issue state:
unconfirmed
→
open
Added byGael PasgrimaudonApr 04, 2006 08:19 PM
Issue state:
open
→
resolved
Added byMichel Le CocqonJul 07, 2006 09:05 AM
I observe the same problem the fix works for me but is not corrected in last svn : my version is : ATPhoto 1.0-alpha1 build 53
Added byMichel Le CocqonJul 31, 2006 09:12 AM
When you change the state of a photo in a photo album, from public to private for exemple, when you click to "next item" the value show in state is the one of the previous photo. If the state of the next item is public it will tell you it's private (the state of the previous one) until you refresh the page.
Add response
If you can, please log in before submitting a reaction.