I haven't worked with this code closely in a few months, but as I recall permissions that are acquired are stored as a list, and those that aren't are stored as a tuple. if type(self._View_Permission) == type(()): # done, this permission isn't acquired above this point Furthermore, I may be missing the point of this thread, but if you are trying to get the list of all roles assigned to a permission (from a python product), you could use this: from AccessControl.PermissionRole import rolesFromPermissionOn roles = rolesFromPermissionOn('View', ob) -Randy
-----Original Message----- From: Danny William Adair [mailto:Danny@Adair.net] Sent: Monday, April 09, 2001 7:49 PM To: richard@bizarsoftware.com.au Cc: zope-dev@zope.org Subject: Re: [Zope-dev] Objects, Roles and Permissions
Thank you very much, Richard! Cool!
Still...
... Feel free to expand the method to other roles and the full suite of permissions. ...
Other *roles*? Roles are what's coming back, isn't it?
def viewPermissions(self, acquired=0): ''' walk up the acquisition path to find a
_View_Permission
attribute... possibly _only_ the acquired
permissions.
''' chain = self.aq_chain if acquired: chain = chain[1:] for self in chain: if hasattr(self.aq_base, '_View_Permission'): return self._View_Permission return ['Manager']
"possibly _only_ the acquired permissions" - oops! Your snippet worked fine _if_ the view permission was acquired by that object. As soon as I turned off acquisition for the view permission of the object, it would still give me the acquired roles (that in fact were'nt acquired). What does the "if" statement look like that would return the object's own roles for the View Permission if acquisition was turned off? Naive Danny who doesn't know s... tried to put
if hasattr(self.aq_base, '_View_Permission'): return self._View_Permission
at the beginning of your code, but no effect. :-(
But now I see how to access specific permissions and read their content (do I? I'll experiment with it), thank you very much! I will put a string.replace on top and pass the Permission to examine by string parameter, and call that whole stuff "getAllowedRoles".
A "getGrantedPermissions" for examining a role should work similarly, right?
def ac_inherited_permissions(self, all=0):
set all to 1 and then... iterate through the list (tuple or list? list of tuples?) and check every "_current_Permission" if it contains the role?
Thx once again, Danny
btw: Isn't return['Manager'] at the end of your code obsolete (but safe)? Or is there anything special going on at the root level (isTopLevelPrincipiaApplicationObject)?
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://lists.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://lists.zope.org/mailman/listinfo/zope-announce http://lists.zope.org/mailman/listinfo/zope )