On Mon, 13 May 2002 21:16:24 +0200 "Dieter Maurer" <dieter@handshake.de> wrote:
Andre Schubert writes:
i have i question on the permission-system of zope. Lets say i have a product which contains a zclass "foo" and i have created a role "foo_role" where every user belonges to this role is able to add "foo" instances. This works fine. But how do i define my permissions so, that all users which belong to "foo_role" are able to delete "foo"-instances.
I created a zope-permission "Delete Foo objects", then i mapped this permission to "Delete objects" in the zclass "foo" like the mapping from "Add Foos" to "Create class instances". But this doesnt work. "Delete objects" is a permission of the container (containing the objects to be deleted) and not the objects themselves.
You can make your own object deletion method (script) that applies the permission checks you want (give it a "Manager" proxy role, such that it is able to actually delete the objects).
Dieter
Thanks for your help, i will try to implement such a method. Regards..