Mario Olimpio de Menezes a écrit : >> To setup read/write permissions on the directories you can adjust the ACL_* >> properties of the directories configuration (either directly in the ZMI in >> portal_directories or in the directories/my_directory.xml in the profile). > > I haven't this file: my_directory.xml > did you mean directories/members_ldap.xml ? This was an example. Each xml file in the directories folder corresponds to some directory object in the portal_directories tool of your CPS instance. If you want to make the 'members' directory unmodifiable, you'll have to edit the directories/members.xml file and remove the Member and Manager roles for the create/write entry ACL properties. >> If you want per-field permission settings you must adjust similar ACL >> properties in the corresponding schema (in portal_schemas in the ZMI or >> schemas/members.xml for instance in the profile). > > sorry, but I can't understand what you mean here; my ldap/xml knowledge isn't > good enough. CPS schemas allow for fine-grained access rights management to each field of your entries. But you probably don't need that so that you can ignore ACL on fields and focus on directories settings instead of schemas settings. >> Don't forget to reimport the profile if you make changes to the xml files >> to apply your changes to the objects living in the ZODB. >> >> To bind as "anonymous", use an empty bind_dn/password in the directory >> configuration. > I did this, then when I try to import CPSLDAPSetup on a fresh new cps site, it > prompted me to supply Zope Site Manager user/password. If I deny, it gives > me the error bellow for all kind of further access; and as a result, I can't > access the site anymore! > > Error Type: > Unauthorized > Error Value: > You are not authorized to access this resource. > Traceback: > Traceback (innermost last): > Module ZPublisher.Publish, line 104, in publish > > Module ZPublisher.BaseRequest, line 464, in traverse > > Module ZPublisher.HTTPResponse, line 697, in unauthorized > > Unauthorized: <strong>You are not authorized to access this resource.</strong> > ---------------------------------- end of copied error text --------------- > > > what is this error? how to fix it? Please login as the Zope admin and not as the CPS Manager. As written in the README.txt file of the CPSLDAPSetup product, importing this profile erases the default "members" directory and thus the default CPS Manager account, thus the authentication error. -- Olivier
Hosting: Nuxeo: Zope service provider