Hi in a product I am working on, I have to set the permissions. I tried this, using the following code snippet: roles = object.valid_roles() object.manage_acquiredPermissions(permissions['Acquire']) for role in roles: object.manage_role(role, permissions[role]) permissions is a dictionary of roles with lists of permission names (e.g. {'Authenticated': [], 'Acquire': ['Access Transient Objects', 'Access arbitrary user session data', ...}). The thing I don't understand concerns the 'Manager' role. I observed the following things: - if I ommit the call to manage_acquiredPermissions, the permissions for 'Manager' are not set - 'Manager' inherits all permissions of Roles that are set AFTER the 'Manager' role is set (with manage_role). e.g. 'Owner' has the 'Add Database Methods' permission set. When the 'Owner' role is managed, the Permission 'Add Database Methods' is also added to the 'Manager' role. ('Owner' comes after 'Manager' in the roles list). Can someone explain why this is so? or what I am doing wrong. my setup is: Zope Version (unreleased version, python 2.3.3, linux2) Python Version 2.3.3 (#1, Apr 6 2004, 01:47:39) [GCC 3.3.3 (SuSE Linux)] regards Stefan
bTurtle ZOpe wrote at 2004-11-30 16:37 +0100:
... Can someone explain why this is so? or what I am doing wrong.
I did not understand what you are trying to achieve. Do you want to: * determine the protection of methods by permissions? You would use "ClassSecurityInfo" and its "declareProtected" for this. The Zope Developper Guide would tell you the details. * set the permission to role mapping? Look how the ZMI does it. The relevant methods are in "AccessControl.Role". * something else? -- Dieter
I try to set the permission to role mapping (which worked with the code snippet I posted, except for the behaviour i described). I just thought the manage_role could be used for this task. I will have a look at the methods used by the ZMI. thanks Stefan Zitat von Dieter Maurer <dieter@handshake.de>:
bTurtle ZOpe wrote at 2004-11-30 16:37 +0100:
... Can someone explain why this is so? or what I am doing wrong.
I did not understand what you are trying to achieve.
Do you want to:
* determine the protection of methods by permissions?
You would use "ClassSecurityInfo" and its "declareProtected" for this.
The Zope Developper Guide would tell you the details.
* set the permission to role mapping?
Look how the ZMI does it.
The relevant methods are in "AccessControl.Role".
* something else?
-- Dieter
Have a look at DCWorkflow.utils there are simple functions to do exactly that. Florent In article <1102081944.41b06f988bb3a@horde.nts.ch> you write:
I try to set the permission to role mapping (which worked with the code snippet I posted, except for the behaviour i described). I just thought the manage_role could be used for this task. I will have a look at the methods used by the ZMI.
thanks
Stefan
Zitat von Dieter Maurer <dieter@handshake.de>:
bTurtle ZOpe wrote at 2004-11-30 16:37 +0100:
... Can someone explain why this is so? or what I am doing wrong.
I did not understand what you are trying to achieve.
Do you want to:
* determine the protection of methods by permissions?
You would use "ClassSecurityInfo" and its "declareProtected" for this.
The Zope Developper Guide would tell you the details.
* set the permission to role mapping?
Look how the ZMI does it.
The relevant methods are in "AccessControl.Role".
* something else?
-- Dieter
_______________________________________________ Zope-Dev maillist - Zope-Dev@zope.org http://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope )
-- Florent Guillaume, Nuxeo (Paris, France) CTO, Director of R&D +33 1 40 33 71 59 http://nuxeo.com fg@nuxeo.com
participants (3)
-
bTurtle ZOpe -
Dieter Maurer -
Florent Guillaume