#2 Unauthorized to view/save versions

open
nobody
versioning (6)
5
2005-09-15
2005-09-15
Anonymous
No

Hi,

I have adjusted my Plone Site to introduce extra roles.
Doing so, I disallow Members to contribute content, and
have introduced Writers to do so. Managers can still do
everything.

Evidently, I allow Writers to add/save/modify versions.

I have installed CMFEditions 1.0alpha2, and am
experiencing some strange behavior of CMFEditions.

When "Writers" click on the Versions tab of a document,
they are asked for a username/pasword. As I have
installed VerboseSecurity, I am provided the following
message:

Site error

This site encountered an error trying to fulfill your
request. The errors were:

Error Type
Unauthorized
Error Value
Your user account is defined outside the context of
the object being accessed. Access to 'object' of
(Products.CMFEditions.CopyModifyMergeRepositoryTool.VersionData
instance at 0x43e05bac) denied. Your user account,
bdubois, exists at /serious/acl_users. Access requires
View_Permission, granted to the following roles:
['Manager', 'Member'].
Request made at
2005/09/15 20:35:48.387 GMT+2

However, the View permission is given to _all_roles at
the Plone Site level and I have even tried it at the
Root level. Therefore I assume that this error message
isn't correct.

Moreover, I am experiencing the same problem when I
login as a Manager. This however does not occur for all
documents. Can't seem to be able to discover a pattern
in it though. On these occasions, even the plone site
administrator is

-Are there any roles hard-coded in the CMFEditions code
(or code it depends upon)? Is it supposed to be
available only for Managers?

-Do you have any clue on why a Manager (aka god) might
be unable to view the version history?

Kind regards,
Bart Du Bois.
bart.dubois@ua.ac.be

Discussion

  • Alec Mitchell
    Alec Mitchell
    2005-12-12

    Logged In: YES
    user_id=70421

    The key to the error is "Your user account is defined
    outside the context of the object being accessed" which
    means whatever user you are logging in as, because of the
    context you have no roles in context. This sort of thing
    is generally related to acquisition wrapping issues. I've
    fixed a few similar issues, though it's not clear what is
    triggering this one unless I have a way to reproduce it
    reliably. Did you version a "private" document perhaps?
    Were you upgrading an existing CMFEditions instance?