Ticket #13044 (confirmed Bug)
External edit raises Unauthorized if user has no AccessContentsInformation on parent
Reported by: | thomasdesvenain | Owned by: | |
---|---|---|---|
Priority: | minor | Milestone: | 4.x |
Component: | General | Version: | 4.3 |
Keywords: | security, external_editor | Cc: |
Description (last modified by kleist) (diff)
external_edit.py python script raises
Unauthorized: You are not allowed to access 'aq_parent' in this context
if user can edit a content but have no access privileges on its parent
this can be fixed replacing external_edit by a view,
Change History
Note: See
TracTickets for help on using
tickets.
https://github.com/plone/Products.CMFPlone/blob/master/Products/CMFPlone/skins/plone_scripts/external_edit.py