workflow script proxy role does not apply
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Zope 2 |
Invalid
|
Medium
|
Unassigned |
Bug Description
I have a workflow script which runs with proxy 'manager' and I get
the following error (VerboseSecurity):
"The owner of the executing script is defined outside the context of the object being accessed. The script has proxy roles, but they do not apply in this context.. Access to 'new_state' of (Products.
The error happens when the script tries to access state_change.
state_change.object can be accessed, no problem.
<PythonScript at /Intranet/
Line 15
> if state_change.
the complete script is attached, bound names are : context, container, script, traverse_subpath, parameter list: state_change
The user manager (which is the owner) exists in the context (a plone instance). I also tried to take ownership with another user, still the same error. The script worked with Zope-2.7.4-final.
FWIW, I chatted about this in IRC with r33t and it does appear to be some sort of bug. The same configuration works in 2.7.3 and 2.7.4 but does not work in 2.7.5 and 2.7.6.
The suspicious things in changes.txt for 2.7.5 are:
- AccessControl/ User.py: _check_context() has not been called
for authenticated users
- guarded_getattr: Restored ability to aquire "through" unprotected
contexts, broken through overzealous cleanup in Zope 2.7.3.