#1 — Security Error with Column on Example Type
| State | Resolved |
|---|---|
| Version: | 0.3 |
| Area | Functionality |
| Issue type | Bug |
| Severity | Critical |
| Submitted by | (anonymous) |
| Submitted on | Feb 19, 2006 |
| Responsible | Mikko Ohtamaa |
| Target release: | 0.3 |
Last modified on
Feb 21, 2009
by
Matthew Wilkes
I installed the DataGridField 0.3 on a plone 2.1.2 site and set the INSTALL_DEMO_TYPES to True.
Then I added a datagriddemotype to the root of the site and got the following error mesage
Time 2006/02/19 18:51:24.521 GMT+13
User Name (User Id) pete (pete)
Request URL http://propane.bcmpweb.com:13080/[…]/base_edit
Exception Type Unauthorized
Exception Value The container has no security assertions. Access to 'getMacro' of (Products.DataGridField.Column.Column instance at 0x41bad06c) denied.
Full trace back is:
Traceback (innermost last):
Module ZPublisher.Publish, line 101, in publish
Module ZPublisher.mapply, line 88, in mapply
Module ZPublisher.Publish, line 39, in call_object
Module Products.CMFFormController.FSControllerPageTemplate, line 98, in __call__
Module Products.CMFFormController.BaseControllerPageTemplate, line 42, in _call
Module Shared.DC.Scripts.Bindings, line 306, in __call__
Module Shared.DC.Scripts.Bindings, line 343, in _bindAndExec
Module Products.CMFCore.FSPageTemplate, line 188, in _exec
Module Products.CMFCore.FSPageTemplate, line 127, in pt_render
Module Products.PageTemplates.PageTemplate, line 96, in pt_render
- <FSControllerPageTemplate at /test/base_edit used for /test/datagriddemotype2.2006-02-19.0099567677>
Module TAL.TALInterpreter, line 190, in __call__
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 650, in do_defineMacro
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 671, in do_useMacro
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 702, in do_defineSlot
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 650, in do_defineMacro
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 694, in do_defineSlot
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 650, in do_defineMacro
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 671, in do_useMacro
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 702, in do_defineSlot
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 613, in do_loop_tal
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 671, in do_useMacro
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 671, in do_useMacro
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 637, in do_condition
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 637, in do_condition
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 407, in do_optTag_tal
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 694, in do_defineSlot
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 409, in do_optTag_tal
Module TAL.TALInterpreter, line 394, in do_optTag
Module TAL.TALInterpreter, line 389, in no_tag
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 613, in do_loop_tal
Module TAL.TALInterpreter, line 234, in interpret
Module TAL.TALInterpreter, line 460, in do_setLocal_tal
Module Products.PageTemplates.TALES, line 221, in evaluate
- URL: file:DataGridField/skins/DataGridWidget/datagridwidget.pt
- Line 79, Column 27
- Expression: <PythonExpr path('here/%s/macros' % column_definition.getMacro())>
- Names:
{'container': <PloneSite instance at 41d02890>,
'context': <DataGridDemoType2 at /test/datagriddemotype2.2006-02-19.0099567677>,
'default': <Products.PageTemplates.TALES.Default instance at 0x40b43e6c>,
'here': <DataGridDemoType2 at /test/datagriddemotype2.2006-02-19.0099567677>,
'loop': <SafeMapping instance at 414efef0>,
'modules': <Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance at 0x40b4324c>,
'nothing': None,
'options': {'state': <ControllerState instance at 4124f0b0>, 'args': ()},
'repeat': <SafeMapping instance at 414efef0>,
'request': <HTTPRequest, URL=http://propane.bcmpweb.com:13080/[…]/base_edit>,
'root': <Application instance at 41d53c20>,
'template': <FSControllerPageTemplate at /test/base_edit used for /test/datagriddemotype2.2006-02-19.0099567677>,
'traverse_subpath': [],
'user': pete}
Module Products.PageTemplates.ZRPythonExpr, line 47, in __call__
- __traceback_info__: path('here/%s/macros' % column_definition.getMacro())
Module Python expression "path('here/%s/macros' % column_definition.getMacro())", line 1, in <expression>
Module Products.VerboseSecurity.VerboseSecurityPolicy, line 151, in validate
Unauthorized: The container has no security assertions. Access to 'getMacro' of (Products.DataGridField.Column.Column instance at 0x41bad06c) denied.
Added byMikko OhtamaaonFeb 19, 2006 10:02 AM
What Zope version are you using?
Severity:
Critical
→
Important
Target release:
None
→
0.3
Responsible manager:
(UNASSIGNED)
→
miohtama
Added byMikko OhtamaaonFeb 22, 2006 10:36 AM
This seem to be Zope 2.7.x issue. It will be fixed in the future releases.
Workaround is to put following code to Column.py
# Initializes class security
InitializeClass(Column)
from AccessControl import allow_class
allow_class(Column)
Added byMikko OhtamaaonNov 29, 2006 02:03 AM
Please see comments if you wish to run on Zope 2.7
Issue state:
unconfirmed
→
resolved
Severity:
Important
→
Critical
No responses can be added.
If you can, please log in before submitting a reaction.