rbrown12 via Plone Community wrote at 2022-3-10 18:51 +0000:
I have verbose-security turned on in my instance now. This is what is displayed in the console:
2022-03-10 13:40:39 INFO plone.app.blocks Do not have permission for tile plone.app.standardtiles.lockinfo on context acl_users/credentials_cookie_auth
This does not (yet) look like a verbose message (that would tell
(at least) which permission is required).
Are you aware that you must also set
"security-policy-implementation" to PYTHON to make verbose security
effective?
The log entry indicates that the message was not generated
by Zope's security system (i.e. AccessControl) but
by plone.app.blocks. You could try to locate the respective
source code and add additional information to the log entry.
You could look at the implementation of "verbose-security" (in AccessControl)
to learn how this additional information can be determined.
Verbose security messages have (approximately) the form:
"you do not have permission PPPP to access OOOO;
you are authenticated as UUUU by the user folder at PPPP and have the roles
RRRR, RRRR, RRRR; required is one of the roles RRRR, RRRR, RRRR".