Ticket #7104 (closed Bug: wontfix)

Opened 7 years ago

Last modified 3 years ago

Clean Plone 3 shows lots of security warnings in verbose-security mode

Reported by: dturvene Owned by:
Priority: minor Milestone: 3.3.x
Component: General Version: 4.1
Keywords: verbose-securityImplPython Cc:

Description (last modified by wichert) (diff)

Searched tickets but didn't see an obvious match.

Setup: 3.0.1, Zope 2.10.4, Python 2.4.4 debug-mode on, verbose-security on, security-policy-implementation python. No additional products or packages. Start as ./runzope. When verbose-security off, output is not displayed

Rendering of front page produces the following console output:

2007-09-14 15:33:00 DEBUG ImplPython Unauthorized: Your user account does not have the required permission.  Access to 'render' of (Products.Five.viewlet.metaconfigure.LockInfoViewlet object at 0xe1700cc) denied. Your user account, Anonymous User, exists at /acl_users. Access requires one of the following roles: ['Editor', 'Manager', 'Owner']. Your roles in this context are ['Anonymous'].

Create user1 with Manager role and user2 with Member role. Login as user1 and don't see warnings when rendering a page. Login as user2 and see on console output:

2007-09-14 15:33:16 DEBUG ImplPython Unauthorized: Your user account does not have the required permission.  Access to 'addATBooleanCriterion' of (App.ProductContext.__FactoryDispatcher__ object at 0xe3268cc) denied. Your user account, user2, exists at /pl3site/acl_users. Access requires ATContentTypes_Topic__Add_ATBooleanCriterion_Permission, granted to the following roles: ['Manager']. Your roles in this context are ['Authenticated', 'Member'].

  .. repeated on addATCurrentAuthorCriterion, addATDateCriteria, plus 24 other classes

2007-09-14 15:33:16 DEBUG ImplPython Unauthorized: Your user account does not have the required permission.  Access to 'render' of (Products.Five.viewlet.metaconfigure.LockInfoViewlet object at 0xe3259cc) denied. Your user account, user2, exists at /pl3site/acl_users. Access requires one of the following roles: ['Editor', 'Manager', 'Owner']. Your roles in this context are ['Authenticated', 'Member'].

Change History

comment:1 Changed 7 years ago by hannosch

  • Component changed from Unknown to Permissions

comment:2 Changed 7 years ago by wichert

  • Description modified (diff)

comment:3 Changed 6 years ago by hannosch

  • Component changed from Permissions to Infrastructure

comment:4 Changed 3 years ago by kleist

  • Keywords verbose-securityImplPython added; verbose-security ImplPython removed
  • Status changed from new to closed
  • Version set to 4.1
  • Resolution set to wontfix

Plone 3 not supported.

comment:5 Changed 3 years ago by davisagli

  • Component changed from Infrastructure to General
Note: See TracTickets for help on using tickets.